ID

VAR-202205-1370


CVE

CVE-2022-2294


TITLE

Google Chrome  Out-of-bounds write vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2022-016029

DESCRIPTION

Heap buffer overflow in WebRTC in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Google Chrome Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. ========================================================================== Ubuntu Security Notice USN-5568-1 August 15, 2022 webkit2gtk vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS Summary: Several security issues were fixed in WebKitGTK. Software Description: - webkit2gtk: Web content engine library for GTK+ Details: Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 22.04 LTS: libjavascriptcoregtk-4.0-18 2.36.6-0ubuntu0.22.04.1 libwebkit2gtk-4.0-37 2.36.6-0ubuntu0.22.04.1 libwebkit2gtk-4.1-0 2.36.6-0ubuntu0.22.04.1 Ubuntu 20.04 LTS: libjavascriptcoregtk-4.0-18 2.36.6-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37 2.36.6-0ubuntu0.20.04.1 This update uses a new upstream release, which includes additional bug fixes. After a standard system update you need to restart any applications that use WebKitGTK, such as Epiphany, to make all the necessary changes. For the stable distribution (bullseye), these problems have been fixed in version 103.0.5060.114-1~deb11u1. We recommend that you upgrade your chromium packages. Background ========= WebKitGTK+ is a full-featured port of the WebKit rendering engine, suitable for projects requiring any kind of web integration, from hybrid HTML/CSS applications to full-fledged web browsers. CVE-2022-32832: Tommy Muir (@Muirey03) AppleAVD Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: A remote user may be able to cause kernel code execution Description: A buffer overflow was addressed with improved bounds checking. CVE-2022-32821: John Aakerblom (@jaakerblom) Home Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: A user may be able to view restricted content from the lock screen Description: A logic issue was addressed with improved state management. Make sure you have an Internet connection and have installed the latest version of iTunes from https://www.apple.com/itunes/ iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About. The version after applying this update will be "iOS 15.6 and iPadOS 15.6". - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202208-35 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: High Title: Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities Date: August 21, 2022 Bugs: #858104, #859442, #863512, #865501, #864723 ID: 202208-35 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======= Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Background ========= Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web. Google Chrome is one fast, simple, and secure browser for all your devices. Microsoft Edge is a browser that combines a minimal design with sophisticated technology to make the web faster, safer, and easier. Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 www-client/chromium < 104.0.5112.101 >= 104.0.5112.101 2 www-client/chromium-bin < 104.0.5112.101 >= 104.0.5112.101 3 www-client/google-chrome < 104.0.5112.101 >= 104.0.5112.101 4 www-client/microsoft-edge < 104.0.1293.63 >= 104.0.1293.63 Description ========== Multiple vulnerabilities have been discovered in Chromium and its derivatives. Please review the CVE identifiers referenced below for details. Impact ===== Please review the referenced CVE identifiers for details. Workaround ========= There is no known workaround at this time. Resolution ========= All Chromium users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=www-client/chromium-104.0.5112.101" All Chromium binary users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=www-client/chromium-bin-104.0.5112.101" All Google Chrome users should upgrade to tha latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=www-client/google-chrome-104.0.5112.101" All Microsoft Edge users should upgrade to tha latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=www-client/microsoft-edge-104.0.1293.63" References ========= [ 1 ] CVE-2022-2163 https://nvd.nist.gov/vuln/detail/CVE-2022-2163 [ 2 ] CVE-2022-2294 https://nvd.nist.gov/vuln/detail/CVE-2022-2294 [ 3 ] CVE-2022-2295 https://nvd.nist.gov/vuln/detail/CVE-2022-2295 [ 4 ] CVE-2022-2296 https://nvd.nist.gov/vuln/detail/CVE-2022-2296 [ 5 ] CVE-2022-2477 https://nvd.nist.gov/vuln/detail/CVE-2022-2477 [ 6 ] CVE-2022-2478 https://nvd.nist.gov/vuln/detail/CVE-2022-2478 [ 7 ] CVE-2022-2479 https://nvd.nist.gov/vuln/detail/CVE-2022-2479 [ 8 ] CVE-2022-2480 https://nvd.nist.gov/vuln/detail/CVE-2022-2480 [ 9 ] CVE-2022-2481 https://nvd.nist.gov/vuln/detail/CVE-2022-2481 [ 10 ] CVE-2022-2603 https://nvd.nist.gov/vuln/detail/CVE-2022-2603 [ 11 ] CVE-2022-2604 https://nvd.nist.gov/vuln/detail/CVE-2022-2604 [ 12 ] CVE-2022-2605 https://nvd.nist.gov/vuln/detail/CVE-2022-2605 [ 13 ] CVE-2022-2606 https://nvd.nist.gov/vuln/detail/CVE-2022-2606 [ 14 ] CVE-2022-2607 https://nvd.nist.gov/vuln/detail/CVE-2022-2607 [ 15 ] CVE-2022-2608 https://nvd.nist.gov/vuln/detail/CVE-2022-2608 [ 16 ] CVE-2022-2609 https://nvd.nist.gov/vuln/detail/CVE-2022-2609 [ 17 ] CVE-2022-2610 https://nvd.nist.gov/vuln/detail/CVE-2022-2610 [ 18 ] CVE-2022-2611 https://nvd.nist.gov/vuln/detail/CVE-2022-2611 [ 19 ] CVE-2022-2612 https://nvd.nist.gov/vuln/detail/CVE-2022-2612 [ 20 ] CVE-2022-2613 https://nvd.nist.gov/vuln/detail/CVE-2022-2613 [ 21 ] CVE-2022-2614 https://nvd.nist.gov/vuln/detail/CVE-2022-2614 [ 22 ] CVE-2022-2615 https://nvd.nist.gov/vuln/detail/CVE-2022-2615 [ 23 ] CVE-2022-2616 https://nvd.nist.gov/vuln/detail/CVE-2022-2616 [ 24 ] CVE-2022-2617 https://nvd.nist.gov/vuln/detail/CVE-2022-2617 [ 25 ] CVE-2022-2618 https://nvd.nist.gov/vuln/detail/CVE-2022-2618 [ 26 ] CVE-2022-2619 https://nvd.nist.gov/vuln/detail/CVE-2022-2619 [ 27 ] CVE-2022-2620 https://nvd.nist.gov/vuln/detail/CVE-2022-2620 [ 28 ] CVE-2022-2621 https://nvd.nist.gov/vuln/detail/CVE-2022-2621 [ 29 ] CVE-2022-2622 https://nvd.nist.gov/vuln/detail/CVE-2022-2622 [ 30 ] CVE-2022-2623 https://nvd.nist.gov/vuln/detail/CVE-2022-2623 [ 31 ] CVE-2022-2624 https://nvd.nist.gov/vuln/detail/CVE-2022-2624 [ 32 ] CVE-2022-2852 https://nvd.nist.gov/vuln/detail/CVE-2022-2852 [ 33 ] CVE-2022-2853 https://nvd.nist.gov/vuln/detail/CVE-2022-2853 [ 34 ] CVE-2022-2854 https://nvd.nist.gov/vuln/detail/CVE-2022-2854 [ 35 ] CVE-2022-2855 https://nvd.nist.gov/vuln/detail/CVE-2022-2855 [ 36 ] CVE-2022-2856 https://nvd.nist.gov/vuln/detail/CVE-2022-2856 [ 37 ] CVE-2022-2857 https://nvd.nist.gov/vuln/detail/CVE-2022-2857 [ 38 ] CVE-2022-2858 https://nvd.nist.gov/vuln/detail/CVE-2022-2858 [ 39 ] CVE-2022-2859 https://nvd.nist.gov/vuln/detail/CVE-2022-2859 [ 40 ] CVE-2022-2860 https://nvd.nist.gov/vuln/detail/CVE-2022-2860 [ 41 ] CVE-2022-2861 https://nvd.nist.gov/vuln/detail/CVE-2022-2861 [ 42 ] CVE-2022-33636 https://nvd.nist.gov/vuln/detail/CVE-2022-33636 [ 43 ] CVE-2022-33649 https://nvd.nist.gov/vuln/detail/CVE-2022-33649 [ 44 ] CVE-2022-35796 https://nvd.nist.gov/vuln/detail/CVE-2022-35796 Availability =========== This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202208-35 Concerns? ======== Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ====== Copyright 2022 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2022-07-20-2 macOS Monterey 12.5 macOS Monterey 12.5 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213345. APFS Available for: macOS Monterey Impact: An app with root privileges may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling. CVE-2022-32832: Tommy Muir (@Muirey03) AppleMobileFileIntegrity Available for: macOS Monterey Impact: An app may be able to gain root privileges Description: An authorization issue was addressed with improved state management. CVE-2022-32826: Mickey Jin (@patch1t) of Trend Micro Apple Neural Engine Available for: macOS Monterey Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling. CVE-2022-32810: Mohamed Ghannam (@_simo36) Apple Neural Engine Available for: macOS Monterey Impact: An app may be able to execute arbitrary code with kernel privileges Description: This issue was addressed with improved checks. CVE-2022-32840: Mohamed Ghannam (@_simo36) Apple Neural Engine Available for: macOS Monterey Impact: An app may be able to break out of its sandbox Description: This issue was addressed with improved checks. CVE-2022-32845: Mohamed Ghannam (@_simo36) AppleScript Available for: macOS Monterey Impact: Processing a maliciously crafted AppleScript binary may result in unexpected termination or disclosure of process memory Description: This issue was addressed with improved checks. CVE-2022-32797: Mickey Jin (@patch1t), Ye Zhang (@co0py_Cat) of Baidu Security, Mickey Jin (@patch1t) of Trend Micro AppleScript Available for: macOS Monterey Impact: Processing a maliciously crafted AppleScript binary may result in unexpected termination or disclosure of process memory Description: An out-of-bounds read issue was addressed with improved input validation. CVE-2022-32851: Ye Zhang (@co0py_Cat) of Baidu Security CVE-2022-32852: Ye Zhang (@co0py_Cat) of Baidu Security CVE-2022-32853: Ye Zhang (@co0py_Cat) of Baidu Security AppleScript Available for: macOS Monterey Impact: Processing a maliciously crafted AppleScript binary may result in unexpected termination or disclosure of process memory Description: An out-of-bounds read issue was addressed with improved bounds checking. CVE-2022-32831: Ye Zhang (@co0py_Cat) of Baidu Security Audio Available for: macOS Monterey Impact: An app may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds write issue was addressed with improved input validation. CVE-2022-32820: an anonymous researcher Audio Available for: macOS Monterey Impact: An app may be able to disclose kernel memory Description: The issue was addressed with improved memory handling. CVE-2022-32825: John Aakerblom (@jaakerblom) Automation Available for: macOS Monterey Impact: An app may be able to bypass Privacy preferences Description: A logic issue was addressed with improved checks. CVE-2022-32789: Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab Calendar Available for: macOS Monterey Impact: An app may be able to access sensitive user information Description: The issue was addressed with improved handling of caches. CVE-2022-32805: Csaba Fitzl (@theevilbit) of Offensive Security CoreMedia Available for: macOS Monterey Impact: An app may be able to disclose kernel memory Description: The issue was addressed with improved memory handling. CVE-2022-32828: Antonio Zekic (@antoniozekic) and John Aakerblom (@jaakerblom) CoreText Available for: macOS Monterey Impact: A remote user may cause an unexpected app termination or arbitrary code execution Description: The issue was addressed with improved bounds checks. CVE-2022-32839: STAR Labs (@starlabs_sg) File System Events Available for: macOS Monterey Impact: An app may be able to gain root privileges Description: A logic issue was addressed with improved state management. CVE-2022-32819: Joshua Mason of Mandiant GPU Drivers Available for: macOS Monterey Impact: An app may be able to disclose kernel memory Description: Multiple out-of-bounds write issues were addressed with improved bounds checking. CVE-2022-32793: an anonymous researcher GPU Drivers Available for: macOS Monterey Impact: An app may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved validation. CVE-2022-32821: John Aakerblom (@jaakerblom) iCloud Photo Library Available for: macOS Monterey Impact: An app may be able to access sensitive user information Description: An information disclosure issue was addressed by removing the vulnerable code. CVE-2022-32849: Joshua Jones ICU Available for: macOS Monterey Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2022-32787: Dohyun Lee (@l33d0hyun) of SSD Secure Disclosure Labs & DNSLab, Korea Univ. ImageIO Available for: macOS Monterey Impact: Processing a maliciously crafted image may result in disclosure of process memory Description: The issue was addressed with improved memory handling. CVE-2022-32841: hjy79425575 ImageIO Available for: macOS Monterey Impact: Processing an image may lead to a denial-of-service Description: A null pointer dereference was addressed with improved validation. CVE-2022-32785: Yiğit Can YILMAZ (@yilmazcanyigit) Intel Graphics Driver Available for: macOS Monterey Impact: An app may be able to execute arbitrary code with kernel privileges Description: A memory corruption vulnerability was addressed with improved locking. CVE-2022-32811: ABC Research s.r.o Intel Graphics Driver Available for: macOS Monterey Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling. CVE-2022-32812: Yinyi Wu (@3ndy1), ABC Research s.r.o. Kernel Available for: macOS Monterey Impact: An app with root privileges may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling. CVE-2022-32813: Xinru Chi of Pangu Lab CVE-2022-32815: Xinru Chi of Pangu Lab Kernel Available for: macOS Monterey Impact: An app may be able to disclose kernel memory Description: An out-of-bounds read issue was addressed with improved bounds checking. CVE-2022-32817: Xinru Chi of Pangu Lab Kernel Available for: macOS Monterey Impact: An app may be able to execute arbitrary code with kernel privileges Description: This issue was addressed with improved checks. CVE-2022-32829: an anonymous researcher Liblouis Available for: macOS Monterey Impact: An app may cause unexpected app termination or arbitrary code execution Description: This issue was addressed with improved checks. CVE-2022-26981: Hexhive (hexhive.epfl.ch), NCNIPC of China (nipc.org.cn) libxml2 Available for: macOS Monterey Impact: An app may be able to leak sensitive user information Description: A memory initialization issue was addressed with improved memory handling. CVE-2022-32823 Multi-Touch Available for: macOS Monterey Impact: An app may be able to execute arbitrary code with kernel privileges Description: A type confusion issue was addressed with improved checks. CVE-2022-32814: Pan ZhenPeng (@Peterpan0927) Multi-Touch Available for: macOS Monterey Impact: An app may be able to execute arbitrary code with kernel privileges Description: A type confusion issue was addressed with improved state handling. CVE-2022-32814: Pan ZhenPeng (@Peterpan0927) PackageKit Available for: macOS Monterey Impact: An app may be able to modify protected parts of the file system Description: An issue in the handling of environment variables was addressed with improved validation. CVE-2022-32786: Mickey Jin (@patch1t) PackageKit Available for: macOS Monterey Impact: An app may be able to modify protected parts of the file system Description: This issue was addressed with improved checks. CVE-2022-32800: Mickey Jin (@patch1t) PluginKit Available for: macOS Monterey Impact: An app may be able to read arbitrary files Description: A logic issue was addressed with improved state management. CVE-2022-32838: Mickey Jin (@patch1t) of Trend Micro PS Normalizer Available for: macOS Monterey Impact: Processing a maliciously crafted Postscript file may result in unexpected app termination or disclosure of process memory Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2022-32843: Kai Lu of Zscaler's ThreatLabz SMB Available for: macOS Monterey Impact: An app may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved state management. CVE-2022-32796: Sreejith Krishnan R (@skr0x1c0) SMB Available for: macOS Monterey Impact: An app may be able to gain elevated privileges Description: An out-of-bounds read issue was addressed with improved input validation. CVE-2022-32842: Sreejith Krishnan R (@skr0x1c0) SMB Available for: macOS Monterey Impact: An app may be able to gain elevated privileges Description: An out-of-bounds write issue was addressed with improved input validation. CVE-2022-32798: Sreejith Krishnan R (@skr0x1c0) SMB Available for: macOS Monterey Impact: A user in a privileged network position may be able to leak sensitive information Description: An out-of-bounds read issue was addressed with improved bounds checking. CVE-2022-32799: Sreejith Krishnan R (@skr0x1c0) SMB Available for: macOS Monterey Impact: An app may be able to leak sensitive kernel state Description: The issue was addressed with improved memory handling. CVE-2022-32818: Sreejith Krishnan R (@skr0x1c0) Software Update Available for: macOS Monterey Impact: A user in a privileged network position can track a user’s activity Description: This issue was addressed by using HTTPS when sending information over the network. CVE-2022-32857: Jeffrey Paul (sneak.berlin) Spindump Available for: macOS Monterey Impact: An app may be able to overwrite arbitrary files Description: This issue was addressed with improved file handling. CVE-2022-32807: Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab Spotlight Available for: macOS Monterey Impact: An app may be able to gain root privileges Description: This issue was addressed with improved checks. CVE-2022-32801: Joshua Mason (@josh@jhu.edu) subversion Available for: macOS Monterey Impact: Multiple issues in subversion Description: Multiple issues were addressed by updating subversion. CVE-2021-28544: Evgeny Kotkov, visualsvn.com CVE-2022-24070: Evgeny Kotkov, visualsvn.com CVE-2022-29046: Evgeny Kotkov, visualsvn.com CVE-2022-29048: Evgeny Kotkov, visualsvn.com TCC Available for: macOS Monterey Impact: An app may be able to access sensitive user information Description: An access issue was addressed with improvements to the sandbox. CVE-2022-32834: Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020) of Tencent Security Xuanwu Lab (xlab.tencent.com) WebKit Available for: macOS Monterey Impact: Visiting a website that frames malicious content may lead to UI spoofing Description: The issue was addressed with improved UI handling. WebKit Bugzilla: 239316 CVE-2022-32816: Dohyun Lee (@l33d0hyun) of SSD Secure Disclosure Labs & DNSLab, Korea Univ. WebKit Available for: macOS Monterey Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: An out-of-bounds write issue was addressed with improved input validation. WebKit Bugzilla: 240720 CVE-2022-32792: Manfred Paul (@_manfp) working with Trend Micro Zero Day Initiative WebRTC Available for: macOS Monterey Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: A memory corruption issue was addressed with improved state management. WebKit Bugzilla: 242339 CVE-2022-2294: Jan Vojtesek of Avast Threat Intelligence team Wi-Fi Available for: macOS Monterey Impact: An app may be able to cause unexpected system termination or write kernel memory Description: This issue was addressed with improved checks. CVE-2022-32837: Wang Yu of Cyberserval Wi-Fi Available for: macOS Monterey Impact: A remote user may be able to cause unexpected system termination or corrupt kernel memory Description: This issue was addressed with improved checks. CVE-2022-32847: Wang Yu of Cyberserval Windows Server Available for: macOS Monterey Impact: An app may be able to capture a user’s screen Description: A logic issue was addressed with improved checks. CVE-2022-32848: Jeremy Legendre of MacEnhance Additional recognition 802.1X We would like to acknowledge Shin Sun of National Taiwan University for their assistance. AppleMobileFileIntegrity We would like to acknowledge Csaba Fitzl (@theevilbit) of Offensive Security, Mickey Jin (@patch1t) of Trend Micro, and Wojciech Reguła (@_r3ggi) of SecuRing for their assistance. Calendar We would like to acknowledge Joshua Jones for their assistance. configd We would like to acknowledge Csaba Fitzl (@theevilbit) of Offensive Security, Mickey Jin (@patch1t) of Trend Micro, and Wojciech Reguła (@_r3ggi) of SecuRing for their assistance. DiskArbitration We would like to acknowledge Mike Cush for their assistance. macOS Monterey 12.5 may be obtained from the Mac App Store or Apple's Software Downloads web site: https://support.apple.com/downloads/ All information is also posted on the Apple Security Updates web site: https://support.apple.com/en-us/HT201222. This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEePiLW1MrMjw19XzoeC9qKD1prhgFAmLYiL4ACgkQeC9qKD1p rhhjpQ//TQX1ihtXRIjFpPOViMy6IxuLE1CsKFxq5MweXelbPB/UdeUl/zL5G54b /Lx2XYKoWj6u27FCO0BHxBqtYbAd6sfx70VLCk5W6gyk/yCi0n3zh7BvRvWB/Ugh 6NuHB39a1kbbjLLoQPbW0L6egdrCfqP/+ZujqjKl7xI58nda9jMHJC1ns87KQoDn Er5SAGf7M2ErGNzOFqvXjpJYvGsrKJyfqNxp99H/sPlzu7URX9Gq3f3n1o55IUUa mcxlBPDfUmDQPjdSqw/BprQkDOvp0fzmTy+phB0fkgmvVJ8EmEJAoilL4SyH4uW9 V1GD9rtjUKh7G/gSFAo7y0HBDQoM+E9hA+4PPlH2o1nUOAl6BRWUka6jf4yaqrpr pfo1K2hPQj1g4MMZFCDWkJ+7V1+1GTQ9WlagL5gB3QaKefiSG4cTnL06Y8zn38TD TY3JrdqUI7Pzugu+FuHs7P168yNIGXTscb1ptrVlaVBaVuyICmEcKX4HS+I5o30q WqCOaRoaa6WRqBwNEy7zVAExjSPt7t8ZWt85avWSt+rLxNGiVkPrpHu4fE+V2IAV fz1VA4S/w69h9uJHXdcG+QfvNxX+zj/vljF6DK3dyQ957Mqfyr2y9ojSbdf6vo4n DJFXNxbEk35loy/kDDidC1C1sFKY+JeQF7ZBi0/QOyuSdSdJrSg= =ibIr -----END PGP SIGNATURE----- . Background ========= QtWebEngine is a library for rendering dynamic web content in Qt5 and Qt6 C++ and QML applications

Trust: 2.43

sources: NVD: CVE-2022-2294 // JVNDB: JVNDB-2022-016029 // VULHUB: VHN-427072 // PACKETSTORM: 168089 // PACKETSTORM: 169355 // PACKETSTORM: 168226 // PACKETSTORM: 167786 // PACKETSTORM: 168126 // PACKETSTORM: 167792 // PACKETSTORM: 167787 // PACKETSTORM: 175908

AFFECTED PRODUCTS

vendor:googlemodel:chromescope:ltversion:103.0.5060.114

Trust: 1.0

vendor:applemodel:ipadosscope:ltversion:15.6

Trust: 1.0

vendor:applemodel:tvosscope:ltversion:15.6

Trust: 1.0

vendor:wpewebkitmodel:wpe webkitscope:ltversion:2.36.5

Trust: 1.0

vendor:applemodel:watchosscope:ltversion:8.7

Trust: 1.0

vendor:fedoraprojectmodel:fedorascope:eqversion:36

Trust: 1.0

vendor:applemodel:mac os xscope:ltversion:10.15.7

Trust: 1.0

vendor:webkitgtkmodel:webkitgtkscope:ltversion:2.36.5

Trust: 1.0

vendor:applemodel:iphone osscope:ltversion:15.6

Trust: 1.0

vendor:applemodel:macosscope:gteversion:12.0

Trust: 1.0

vendor:applemodel:macosscope:ltversion:12.5

Trust: 1.0

vendor:webrtcmodel:webrtcscope:eqversion: -

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.15.7

Trust: 1.0

vendor:applemodel:macosscope:ltversion:11.6.8

Trust: 1.0

vendor:fedoraprojectmodel:fedorascope:eqversion:35

Trust: 1.0

vendor:fedoraprojectmodel:extra packages for enterprise linuxscope:eqversion:8.0

Trust: 1.0

vendor:アップルmodel:iosscope: - version: -

Trust: 0.8

vendor:the webrtcmodel:webrtcscope: - version: -

Trust: 0.8

vendor:アップルmodel:ipadosscope: - version: -

Trust: 0.8

vendor:fedoramodel:extra packages for enterprise linuxscope: - version: -

Trust: 0.8

vendor:アップルmodel:macosscope: - version: -

Trust: 0.8

vendor:googlemodel:chromescope: - version: -

Trust: 0.8

vendor:fedoramodel:fedorascope: - version: -

Trust: 0.8

vendor:the webkitgtk teammodel:webkitgtkscope: - version: -

Trust: 0.8

vendor:the wpe teammodel:webkitscope: - version: -

Trust: 0.8

vendor:アップルmodel:apple mac os xscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2022-016029 // NVD: CVE-2022-2294

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-2294
value: HIGH

Trust: 1.0

NVD: CVE-2022-2294
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202207-345
value: HIGH

Trust: 0.6

nvd@nist.gov: CVE-2022-2294
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2022-2294
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2022-016029 // CNNVD: CNNVD-202207-345 // NVD: CVE-2022-2294

PROBLEMTYPE DATA

problemtype:CWE-787

Trust: 1.1

problemtype:Out-of-bounds writing (CWE-787) [NVD evaluation ]

Trust: 0.8

sources: VULHUB: VHN-427072 // JVNDB: JVNDB-2022-016029 // NVD: CVE-2022-2294

THREAT TYPE

remote

Trust: 0.9

sources: PACKETSTORM: 168089 // PACKETSTORM: 168126 // PACKETSTORM: 175908 // CNNVD: CNNVD-202207-345

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202207-345

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-427072

PATCH

title:Top Pageurl:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5BQRTR4SIUNIHLLPWTGYSDNQK7DYCRSB/

Trust: 0.8

title:Google Chrome Buffer error vulnerability fixurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=202541

Trust: 0.6

title: - url:https://github.com/ExpLangcn/FuYao-Go

Trust: 0.1

sources: VULMON: CVE-2022-2294 // JVNDB: JVNDB-2022-016029 // CNNVD: CNNVD-202207-345

EXTERNAL IDS

db:NVDid:CVE-2022-2294

Trust: 4.2

db:OPENWALLid:OSS-SECURITY/2022/07/28/2

Trust: 1.7

db:PACKETSTORMid:168126

Trust: 0.8

db:PACKETSTORMid:168226

Trust: 0.8

db:PACKETSTORMid:167792

Trust: 0.8

db:PACKETSTORMid:168089

Trust: 0.8

db:JVNDBid:JVNDB-2022-016029

Trust: 0.8

db:CNNVDid:CNNVD-202207-345

Trust: 0.7

db:AUSCERTid:ESB-2022.3553

Trust: 0.6

db:AUSCERTid:ESB-2022.4061

Trust: 0.6

db:AUSCERTid:ESB-2022.3389

Trust: 0.6

db:AUSCERTid:ESB-2022.3254

Trust: 0.6

db:CS-HELPid:SB2022070442

Trust: 0.6

db:CS-HELPid:SB2022071215

Trust: 0.6

db:CS-HELPid:SB2022072104

Trust: 0.6

db:CS-HELPid:SB2022070614

Trust: 0.6

db:CS-HELPid:SB2022071824

Trust: 0.6

db:PACKETSTORMid:167786

Trust: 0.2

db:PACKETSTORMid:167787

Trust: 0.2

db:CNVDid:CNVD-2022-49948

Trust: 0.1

db:VULHUBid:VHN-427072

Trust: 0.1

db:VULMONid:CVE-2022-2294

Trust: 0.1

db:PACKETSTORMid:169355

Trust: 0.1

db:PACKETSTORMid:175908

Trust: 0.1

sources: VULHUB: VHN-427072 // VULMON: CVE-2022-2294 // JVNDB: JVNDB-2022-016029 // PACKETSTORM: 168089 // PACKETSTORM: 169355 // PACKETSTORM: 168226 // PACKETSTORM: 167786 // PACKETSTORM: 168126 // PACKETSTORM: 167792 // PACKETSTORM: 167787 // PACKETSTORM: 175908 // CNNVD: CNNVD-202207-345 // NVD: CVE-2022-2294

REFERENCES

url:https://security.gentoo.org/glsa/202208-35

Trust: 1.8

url:https://security.gentoo.org/glsa/202208-39

Trust: 1.8

url:https://chromereleases.googleblog.com/2022/07/stable-channel-update-for-desktop.html

Trust: 1.7

url:https://crbug.com/1341043

Trust: 1.7

url:http://www.openwall.com/lists/oss-security/2022/07/28/2

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2022-2294

Trust: 1.6

url:https://security.gentoo.org/glsa/202311-11

Trust: 1.1

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5bqrtr4siunihllpwtgysdnqk7dycrsb/

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/h2c4xojviildxtosmwjxhsqnexfwsod7/

Trust: 1.0

url:https://www.cisa.gov/known-exploited-vulnerabilities-catalog

Trust: 0.8

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5bqrtr4siunihllpwtgysdnqk7dycrsb/

Trust: 0.7

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/h2c4xojviildxtosmwjxhsqnexfwsod7/

Trust: 0.7

url:https://www.cybersecurity-help.cz/vdb/sb2022070442

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022072104

Trust: 0.6

url:https://vigilance.fr/vulnerability/chrome-multiple-vulnerabilities-38727

Trust: 0.6

url:https://packetstormsecurity.com/files/168126/gentoo-linux-security-advisory-202208-35.html

Trust: 0.6

url:https://packetstormsecurity.com/files/168226/gentoo-linux-security-advisory-202208-39.html

Trust: 0.6

url:https://support.apple.com/en-us/ht213346

Trust: 0.6

url:https://vigilance.fr/vulnerability/webkit-buffer-overflow-via-webrtc-38874

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.4061

Trust: 0.6

url:https://packetstormsecurity.com/files/167792/apple-security-advisory-2022-07-20-7.html

Trust: 0.6

url:https://packetstormsecurity.com/files/168089/ubuntu-security-notice-usn-5568-1.html

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022070614

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022071824

Trust: 0.6

url:https://chromereleases.googleblog.com/2022/07/chrome-for-android-update.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.3254

Trust: 0.6

url:https://msrc.microsoft.com/update-guide/vulnerability/cve-2022-2294

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.3553

Trust: 0.6

url:https://cxsecurity.com/cveshow/cve-2022-2294/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.3389

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022071215

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2022-32792

Trust: 0.4

url:https://bugs.gentoo.org.

Trust: 0.3

url:https://creativecommons.org/licenses/by-sa/2.5

Trust: 0.3

url:https://security.gentoo.org/

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2022-32784

Trust: 0.3

url:https://www.apple.com/support/security/pgp/

Trust: 0.3

url:https://support.apple.com/en-us/ht201222.

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2022-2296

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-2295

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-32785

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-32793

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-26981

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-32787

Trust: 0.2

url:https://launchpad.net/ubuntu/+source/webkit2gtk/2.36.6-0ubuntu0.22.04.1

Trust: 0.1

url:https://ubuntu.com/security/notices/usn-5568-1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/webkit2gtk/2.36.6-0ubuntu0.20.04.1

Trust: 0.1

url:https://www.debian.org/security/faq

Trust: 0.1

url:https://security-tracker.debian.org/tracker/chromium

Trust: 0.1

url:https://www.debian.org/security/

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-22620

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-26719

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-22589

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-22628

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-22677

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-26709

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-30293

Trust: 0.1

url:https://webkitgtk.org/security/wsa-2022-0008.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-30294

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-22590

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-22662

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-22624

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-26717

Trust: 0.1

url:https://webkitgtk.org/security/wsa-2022-0002.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-26700

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-26716

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-22592

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-26710

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-32893

Trust: 0.1

url:https://webkitgtk.org/security/wsa-2022-0003.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-22629

Trust: 0.1

url:https://webkitgtk.org/security/wsa-2022-0007.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-32788

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-32802

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-32810

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-32814

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-32813

Trust: 0.1

url:https://www.apple.com/itunes/

Trust: 0.1

url:https://support.apple.com/ht213346.

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-26768

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-32815

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2612

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-35796

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2608

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2618

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2611

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-33636

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2624

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2613

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2610

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2623

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2614

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2617

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2622

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2615

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2856

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2857

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2478

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2621

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2853

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2858

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2481

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2604

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2616

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2479

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2855

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-33649

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2619

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2860

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2480

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2859

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2852

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2609

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2477

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2603

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2606

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2854

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2861

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2605

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2163

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2607

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2620

Trust: 0.1

url:https://support.apple.com/ht213341.

Trust: 0.1

url:https://support.apple.com/downloads/

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-24070

Trust: 0.1

url:https://support.apple.com/ht213345.

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-32786

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-29046

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-32796

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-32797

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-29048

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-28544

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-32789

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-3079

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-4761

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-2940

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-2939

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-4177

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-5996

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-2932

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-4178

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-4195

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-2725

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-44708

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-5486

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-3216

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-3201

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-0128

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-4183

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-4190

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-0138

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-4174

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-2723

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-4077

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-4191

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-5482

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-0141

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-4764

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-2941

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-5853

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-4437

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-0137

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-4193

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-4175

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-21796

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-5218

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-5485

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-41115

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-2724

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-4070

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-5857

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-2929

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-0135

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-4438

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-4073

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-5480

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-5856

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-2721

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-4071

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-5481

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-2937

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-4179

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-4076

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-4069

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-6112

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-4181

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-5859

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-0129

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-4176

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-2935

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-5855

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-4188

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-3214

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-4440

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-0130

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-5473

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-5858

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-5851

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-4186

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-4763

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-4194

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-4180

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-2930

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-4192

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-2722

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-4074

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-4185

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-0132

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-5478

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-2934

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-4075

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-4078

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-0134

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-2931

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-5476

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-5477

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-4762

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-5474

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-5849

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-5850

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-5479

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-2726

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-3217

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-4189

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-5997

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-5854

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-4436

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-5487

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-4439

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-2933

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-4184

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-0133

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-5483

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-0136

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-5484

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-4187

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-0139

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-44688

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-0131

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-2936

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-5852

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-4182

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-3215

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-5475

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-21775

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-4072

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-0140

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-4068

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-2938

Trust: 0.1

sources: VULHUB: VHN-427072 // JVNDB: JVNDB-2022-016029 // PACKETSTORM: 168089 // PACKETSTORM: 169355 // PACKETSTORM: 168226 // PACKETSTORM: 167786 // PACKETSTORM: 168126 // PACKETSTORM: 167792 // PACKETSTORM: 167787 // PACKETSTORM: 175908 // CNNVD: CNNVD-202207-345 // NVD: CVE-2022-2294

CREDITS

Gentoo

Trust: 0.3

sources: PACKETSTORM: 168226 // PACKETSTORM: 168126 // PACKETSTORM: 175908

SOURCES

db:VULHUBid:VHN-427072
db:VULMONid:CVE-2022-2294
db:JVNDBid:JVNDB-2022-016029
db:PACKETSTORMid:168089
db:PACKETSTORMid:169355
db:PACKETSTORMid:168226
db:PACKETSTORMid:167786
db:PACKETSTORMid:168126
db:PACKETSTORMid:167792
db:PACKETSTORMid:167787
db:PACKETSTORMid:175908
db:CNNVDid:CNNVD-202207-345
db:NVDid:CVE-2022-2294

LAST UPDATE DATE

2024-11-20T20:06:45.837000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-427072date:2022-11-29T00:00:00
db:JVNDBid:JVNDB-2022-016029date:2023-09-29T09:00:00
db:CNNVDid:CNNVD-202207-345date:2022-09-02T00:00:00
db:NVDid:CVE-2022-2294date:2024-06-28T14:08:30.807

SOURCES RELEASE DATE

db:VULHUBid:VHN-427072date:2022-07-28T00:00:00
db:JVNDBid:JVNDB-2022-016029date:2023-09-29T00:00:00
db:PACKETSTORMid:168089date:2022-08-15T16:05:06
db:PACKETSTORMid:169355date:2022-07-28T19:12:00
db:PACKETSTORMid:168226date:2022-09-01T16:33:44
db:PACKETSTORMid:167786date:2022-07-22T16:22:17
db:PACKETSTORMid:168126date:2022-08-22T16:02:18
db:PACKETSTORMid:167792date:2022-07-22T16:25:07
db:PACKETSTORMid:167787date:2022-07-22T16:22:49
db:PACKETSTORMid:175908date:2023-11-25T17:01:13
db:CNNVDid:CNNVD-202207-345date:2022-07-04T00:00:00
db:NVDid:CVE-2022-2294date:2022-07-28T02:15:07.797