ID

VAR-202205-1953


CVE

CVE-2022-26691


TITLE

Apple macOS Authorization problem vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-202205-4149

DESCRIPTION

A logic issue was addressed with improved state management. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. An application may be able to gain elevated privileges. This security vulnerability occurs when local authorization happens. This flaw allows an malicious user to authenticate to CUPS as root/admin without the 32-byte secret key and perform arbitrary code execution. (CVE-2022-26691). -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Important: cups security and bug fix update Advisory ID: RHSA-2022:5056-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2022:5056 Issue date: 2022-06-15 CVE Names: CVE-2022-26691 ===================================================================== 1. Summary: An update for cups is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64 Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, ppc64le, s390x, x86_64 3. Description: The Common UNIX Printing System (CUPS) provides a portable printing layer for Linux, UNIX, and similar operating systems. Security Fix(es): * cups: authorization bypass when using "local" authorization (CVE-2022-26691) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * 30-second delays printing to Windows 2016 server via HTTPS (BZ#2073531) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 After installing this update, the cupsd service will be restarted automatically. 5. Bugs fixed (https://bugzilla.redhat.com/): 2084321 - CVE-2022-26691 cups: authorization bypass when using "local" authorization 6. Package List: Red Hat Enterprise Linux AppStream (v. 8): aarch64: cups-2.2.6-45.el8_6.2.aarch64.rpm cups-client-2.2.6-45.el8_6.2.aarch64.rpm cups-client-debuginfo-2.2.6-45.el8_6.2.aarch64.rpm cups-debuginfo-2.2.6-45.el8_6.2.aarch64.rpm cups-debugsource-2.2.6-45.el8_6.2.aarch64.rpm cups-devel-2.2.6-45.el8_6.2.aarch64.rpm cups-ipptool-2.2.6-45.el8_6.2.aarch64.rpm cups-ipptool-debuginfo-2.2.6-45.el8_6.2.aarch64.rpm cups-libs-debuginfo-2.2.6-45.el8_6.2.aarch64.rpm cups-lpd-2.2.6-45.el8_6.2.aarch64.rpm cups-lpd-debuginfo-2.2.6-45.el8_6.2.aarch64.rpm noarch: cups-filesystem-2.2.6-45.el8_6.2.noarch.rpm ppc64le: cups-2.2.6-45.el8_6.2.ppc64le.rpm cups-client-2.2.6-45.el8_6.2.ppc64le.rpm cups-client-debuginfo-2.2.6-45.el8_6.2.ppc64le.rpm cups-debuginfo-2.2.6-45.el8_6.2.ppc64le.rpm cups-debugsource-2.2.6-45.el8_6.2.ppc64le.rpm cups-devel-2.2.6-45.el8_6.2.ppc64le.rpm cups-ipptool-2.2.6-45.el8_6.2.ppc64le.rpm cups-ipptool-debuginfo-2.2.6-45.el8_6.2.ppc64le.rpm cups-libs-debuginfo-2.2.6-45.el8_6.2.ppc64le.rpm cups-lpd-2.2.6-45.el8_6.2.ppc64le.rpm cups-lpd-debuginfo-2.2.6-45.el8_6.2.ppc64le.rpm s390x: cups-2.2.6-45.el8_6.2.s390x.rpm cups-client-2.2.6-45.el8_6.2.s390x.rpm cups-client-debuginfo-2.2.6-45.el8_6.2.s390x.rpm cups-debuginfo-2.2.6-45.el8_6.2.s390x.rpm cups-debugsource-2.2.6-45.el8_6.2.s390x.rpm cups-devel-2.2.6-45.el8_6.2.s390x.rpm cups-ipptool-2.2.6-45.el8_6.2.s390x.rpm cups-ipptool-debuginfo-2.2.6-45.el8_6.2.s390x.rpm cups-libs-debuginfo-2.2.6-45.el8_6.2.s390x.rpm cups-lpd-2.2.6-45.el8_6.2.s390x.rpm cups-lpd-debuginfo-2.2.6-45.el8_6.2.s390x.rpm x86_64: cups-2.2.6-45.el8_6.2.x86_64.rpm cups-client-2.2.6-45.el8_6.2.x86_64.rpm cups-client-debuginfo-2.2.6-45.el8_6.2.i686.rpm cups-client-debuginfo-2.2.6-45.el8_6.2.x86_64.rpm cups-debuginfo-2.2.6-45.el8_6.2.i686.rpm cups-debuginfo-2.2.6-45.el8_6.2.x86_64.rpm cups-debugsource-2.2.6-45.el8_6.2.i686.rpm cups-debugsource-2.2.6-45.el8_6.2.x86_64.rpm cups-devel-2.2.6-45.el8_6.2.i686.rpm cups-devel-2.2.6-45.el8_6.2.x86_64.rpm cups-ipptool-2.2.6-45.el8_6.2.x86_64.rpm cups-ipptool-debuginfo-2.2.6-45.el8_6.2.i686.rpm cups-ipptool-debuginfo-2.2.6-45.el8_6.2.x86_64.rpm cups-libs-debuginfo-2.2.6-45.el8_6.2.i686.rpm cups-libs-debuginfo-2.2.6-45.el8_6.2.x86_64.rpm cups-lpd-2.2.6-45.el8_6.2.x86_64.rpm cups-lpd-debuginfo-2.2.6-45.el8_6.2.i686.rpm cups-lpd-debuginfo-2.2.6-45.el8_6.2.x86_64.rpm Red Hat Enterprise Linux BaseOS (v. 8): Source: cups-2.2.6-45.el8_6.2.src.rpm aarch64: cups-client-debuginfo-2.2.6-45.el8_6.2.aarch64.rpm cups-debuginfo-2.2.6-45.el8_6.2.aarch64.rpm cups-debugsource-2.2.6-45.el8_6.2.aarch64.rpm cups-ipptool-debuginfo-2.2.6-45.el8_6.2.aarch64.rpm cups-libs-2.2.6-45.el8_6.2.aarch64.rpm cups-libs-debuginfo-2.2.6-45.el8_6.2.aarch64.rpm cups-lpd-debuginfo-2.2.6-45.el8_6.2.aarch64.rpm ppc64le: cups-client-debuginfo-2.2.6-45.el8_6.2.ppc64le.rpm cups-debuginfo-2.2.6-45.el8_6.2.ppc64le.rpm cups-debugsource-2.2.6-45.el8_6.2.ppc64le.rpm cups-ipptool-debuginfo-2.2.6-45.el8_6.2.ppc64le.rpm cups-libs-2.2.6-45.el8_6.2.ppc64le.rpm cups-libs-debuginfo-2.2.6-45.el8_6.2.ppc64le.rpm cups-lpd-debuginfo-2.2.6-45.el8_6.2.ppc64le.rpm s390x: cups-client-debuginfo-2.2.6-45.el8_6.2.s390x.rpm cups-debuginfo-2.2.6-45.el8_6.2.s390x.rpm cups-debugsource-2.2.6-45.el8_6.2.s390x.rpm cups-ipptool-debuginfo-2.2.6-45.el8_6.2.s390x.rpm cups-libs-2.2.6-45.el8_6.2.s390x.rpm cups-libs-debuginfo-2.2.6-45.el8_6.2.s390x.rpm cups-lpd-debuginfo-2.2.6-45.el8_6.2.s390x.rpm x86_64: cups-client-debuginfo-2.2.6-45.el8_6.2.i686.rpm cups-client-debuginfo-2.2.6-45.el8_6.2.x86_64.rpm cups-debuginfo-2.2.6-45.el8_6.2.i686.rpm cups-debuginfo-2.2.6-45.el8_6.2.x86_64.rpm cups-debugsource-2.2.6-45.el8_6.2.i686.rpm cups-debugsource-2.2.6-45.el8_6.2.x86_64.rpm cups-ipptool-debuginfo-2.2.6-45.el8_6.2.i686.rpm cups-ipptool-debuginfo-2.2.6-45.el8_6.2.x86_64.rpm cups-libs-2.2.6-45.el8_6.2.i686.rpm cups-libs-2.2.6-45.el8_6.2.x86_64.rpm cups-libs-debuginfo-2.2.6-45.el8_6.2.i686.rpm cups-libs-debuginfo-2.2.6-45.el8_6.2.x86_64.rpm cups-lpd-debuginfo-2.2.6-45.el8_6.2.i686.rpm cups-lpd-debuginfo-2.2.6-45.el8_6.2.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2022-26691 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYqod69zjgjWX9erEAQiQ3A/+LM9m2kXeWz8N2fXRG00WuByQeTpYA3wO InBeSzoVT+hb82gPL2BLGVdHQlVfXo/wYN64e33Llkd/X8EEJ139Hn+Unjh0zdUR 5lL8qmhx3SIujq/F8nHnCsvodBMDtwdbRH70AHrFFlUWYtmyPb5ZmlrUUp/q0gF4 VQ6oTMRK1RxL71R1ltRAQIu/V/+J8N3j461JSfbI4Y1jzYScChQ2C2p/sKzYJHzn qwOHjGqExXDQb0MsSBk3RNreuIlMHU6e4Q6nFNwkJQR6Jfdcwm4iR58i9YAMannx /s/OXDn8UoSKqJF4TlD1rMDgWapoKtbtVlRR1fE8BhZ/QUAKPa8ky9HKY+0lSeBu xgDuP7UKwFcLV33d1hJd+HgXXj7GspXcrYkE9+VqXAMYh6RVJR/FDpif9kIg3buO +yaGEa0wLE4cdykMMk5yDK7dnm59a8GcIZPjLBroC4u2TlTShphoiiyFfjogaPC1 ZEj2zCLF4nJARYe/m//Sn8Gjg2S/14of7Gr8z1Kehw/0BT+HCzlx/oMh/jJM0PEm ExyULWcsmLRrP3VUM8beBCE86Brdq934SpRc8H2QP6Pjj/GxHG9SR6TMZkkMTaNt jQcsKd7igS3Q7oEXLNcaNXG31b7eNvWVuJtLL3PMTucSEqSlyXjEXMSDcTrP5aeR Zk1KcaJsJpQ= =ONyE -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . OADP enables both file system-based and snapshot-based backups for persistent volumes. Bugs fixed (https://bugzilla.redhat.com/): 2045880 - CVE-2022-21698 prometheus/client_golang: Denial of service using InstrumentHandlerCounter 2077688 - CVE-2022-24675 golang: encoding/pem: fix stack overflow in Decode 2077689 - CVE-2022-28327 golang: crypto/elliptic: panic caused by oversized scalar 2092793 - CVE-2022-30629 golang: crypto/tls: session tickets lack random ticket_age_add 2107342 - CVE-2022-30631 golang: compress/gzip: stack exhaustion in Reader.Read 5. JIRA issues fixed (https://issues.jboss.org/): OADP-145 - Restic Restore stuck on InProgress status when app is deployed with DeploymentConfig OADP-154 - Ensure support for backing up resources based on different label selectors OADP-194 - Remove the registry dependency from OADP OADP-199 - Enable support for restore of existing resources OADP-224 - Restore silently ignore resources if they exist - restore log not updated OADP-225 - Restore doesn't update velero.io/backup-name when a resource is updated OADP-234 - Implementation of incremental restore OADP-324 - Add label to Expired backups failing garbage collection OADP-382 - 1.1: Update downstream OLM channels to support different x and y-stream releases OADP-422 - [GCP] An attempt of snapshoting volumes on CSI storageclass using Velero-native snapshots fails because it's unable to find the zone OADP-423 - CSI Backup is not blocked and does not wait for snapshot to complete OADP-478 - volumesnapshotcontent cannot be deleted; SnapshotDeleteError Failed to delete snapshot OADP-528 - The volumesnapshotcontent is not removed for the synced backup OADP-533 - OADP Backup via Ceph CSI snapshot hangs indefinitely on OpenShift v4.10 OADP-538 - typo on noDefaultBackupLocation error on DPA CR OADP-552 - Validate OADP with 4.11 and Pod Security Admissions OADP-558 - Empty Failed Backup CRs can't be removed OADP-585 - OADP 1.0.3: CSI functionality is broken on OCP 4.11 due to missing v1beta1 API version OADP-586 - registry deployment still exists on 1.1 build, and the registry pod gets recreated endlessly OADP-592 - OADP must-gather add support for insecure tls OADP-597 - BSL validation logs OADP-598 - Data mover performance on backup blocks backup process OADP-599 - [Data Mover] Datamover Restic secret cannot be configured per bsl OADP-600 - Operator should validate volsync installation and raise warning if data mover is enabled OADP-602 - Support GCP for openshift-velero-plugin registry OADP-605 - [OCP 4.11] CSI restore fails with admission webhook \"volumesnapshotclasses.snapshot.storage.k8s.io\" denied OADP-607 - DataMover: VSB is stuck on SnapshotBackupDone OADP-610 - Data mover fails if a stale volumesnapshot exists in application namespace OADP-613 - DataMover: upstream documentation refers wrong CRs OADP-637 - Restic backup fails with CA certificate OADP-643 - [Data Mover] VSB and VSR names are not unique OADP-644 - VolumeSnapshotBackup and VolumeSnapshotRestore timeouts should be configurable OADP-648 - Remove default limits for velero and restic pods OADP-652 - Data mover VolSync pod errors with Noobaa OADP-655 - DataMover: volsync-dst-vsr pod completes although not all items where restored in the namespace OADP-660 - Data mover restic secret does not support Azure OADP-698 - DataMover: volume-snapshot-mover pod points to upstream image OADP-715 - Restic restore fails: restic-wait container continuously fails with "Not found: /restores/<pod-volume>/.velero/<restore-UID>" OADP-716 - Incremental restore: second restore of a namespace partially fails OADP-736 - Data mover VSB always fails with volsync 0.5 6. Summary: The Migration Toolkit for Containers (MTC) 1.7.2 is now available. Description: The Migration Toolkit for Containers (MTC) enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API. Solution: For details on how to install and use MTC, refer to: https://docs.openshift.com/container-platform/latest/migration_toolkit_for_containers/installing-mtc.html 4. Bugs fixed (https://bugzilla.redhat.com/): 2007557 - CVE-2021-3807 nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes 2038898 - [UI] ?Update Repository? option not getting disabled after adding the Replication Repository details to the MTC web console 2040693 - ?Replication repository? wizard has no validation for name length 2040695 - [MTC UI] ?Add Cluster? wizard stucks when the cluster name length is more than 63 characters 2044591 - CVE-2022-0235 node-fetch: exposure of sensitive information to an unauthorized actor 2048537 - Exposed route host to image registry? connecting successfully to invalid registry ?xyz.com? 2053259 - CVE-2022-0536 follow-redirects: Exposure of Sensitive Information via Authorization Header leak 2055658 - [MTC UI] Cancel button on ?Migrations? page does not disappear when migration gets Failed/Succeeded with warnings 2056962 - [MTC UI] UI shows the wrong migration type info after changing the target namespace 2058172 - [MTC UI] Successful Rollback is not showing the green success icon in the ?Last State? field. 2058529 - [MTC UI] Migrations Plan is missing the type for the state migration performed before upgrade 2061335 - [MTC UI] ?Update cluster? button is not getting disabled 2062266 - MTC UI does not display logs properly [OADP-BL] 2062862 - [MTC UI] Clusters page behaving unexpectedly on deleting the remote cluster?s service account secret from backend 2074675 - HPAs of DeploymentConfigs are not being updated when migration from Openshift 3.x to Openshift 4.x 2076593 - Velero pod log missing from UI drop down 2076599 - Velero pod log missing from downloaded logs folder [OADP-BL] 2078459 - [MTC UI] Storageclass conversion plan is adding migstorage reference in migplan 2079252 - [MTC] Rsync options logs not visible in log-reader pod 2082221 - Don't allow Storage class conversion migration if source cluster has only one storage class defined [UI] 2082225 - non-numeric user when launching stage pods [OADP-BL] 2088022 - Default CPU requests on Velero/Restic are too demanding making scheduling fail in certain environments 2088026 - Cloud propagation phase in migration controller is not doing anything due to missing labels on Velero pods 2089126 - [MTC] Migration controller cannot find Velero Pod because of wrong labels 2089411 - [MTC] Log reader pod is missing velero and restic pod logs [OADP-BL] 2089859 - [Crane] DPA CR is missing the required flag - Migration is getting failed at the EnsureCloudSecretPropagated phase due to the missing secret VolumeMounts 2090317 - [MTC] mig-operator failed to create a DPA CR due to null values are passed instead of int [OADP-BL] 2096939 - Fix legacy operator.yml inconsistencies and errors 2100486 - [MTC UI] Target storage class field is not getting respected when clusters don't have replication repo configured. Solution: For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly, for detailed release notes: https://docs.openshift.com/container-platform/4.10/logging/cluster-logging-release-notes.html For Red Hat OpenShift Logging 5.4, see the following instructions to apply this update: https://docs.openshift.com/container-platform/4.10/logging/cluster-logging-upgrading.html 4. Bugs fixed (https://bugzilla.redhat.com/): 2100495 - CVE-2021-38561 golang: out-of-bounds read in golang.org/x/text/language leads to DoS 5. JIRA issues fixed (https://issues.jboss.org/): LOG-2536 - Setting up ODF S3 for loki LOG-2640 - [release-5.4] FluentdQueueLengthIncreasing rule failing to be evaluated. LOG-2757 - [release-5.4] index rollover cronjob fails on openshift-logging operator LOG-2762 - [release-5.4]Events and CLO csv are not collected after running `oc adm must-gather --image=$downstream-clo-image ` LOG-2780 - Loki cannot send logs after upgrade to 5.4.3 from 5.4.2 with 'http' LOG-2781 - OpenShift Logging Dashboard for Elastic Shards shows "active_primary" instead of "active" shards. LOG-2786 - [release-5.4] Token not added to Vector config when forwarding logs to Lokistack with Token+CA bundle. LOG-2791 - [release-5.4] ElasticSearch operator does not respect referencePolicy when selecting oauth-proxy image 6. ========================================================================== Ubuntu Security Notice USN-5454-1 May 31, 2022 cups vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 22.04 LTS - Ubuntu 21.10 - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS Summary: Several security issues were fixed in CUPS. Software Description: - cups: Common UNIX Printing System(tm) Details: Joshua Mason discovered that CUPS incorrectly handled the secret key used to access the administrative web interface. A remote attacker could possibly use this issue to open a session as an administrator and execute arbitrary code. (CVE-2022-26691) It was discovered that CUPS incorrectly handled certain memory operations when handling IPP printing. A remote attacker could possibly use this issue to cause CUPS to crash, leading to a denial of service, or obtain sensitive information. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2019-8842, CVE-2020-10001) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 22.04 LTS: cups 2.4.1op1-1ubuntu4.1 Ubuntu 21.10: cups 2.3.3op2-7ubuntu2.1 Ubuntu 20.04 LTS: cups 2.3.1-9ubuntu1.2 Ubuntu 18.04 LTS: cups 2.2.7-1ubuntu2.9 In general, a standard system update will make all the necessary changes. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202402-17 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: High Title: CUPS: Multiple Vulnerabilities Date: February 18, 2024 Bugs: #847625, #907675, #909018, #914781 ID: 202402-17 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been discovered in CUPS, the worst of which can lead to arbitrary code execution. Affected packages ================= Package Vulnerable Unaffected -------------- ------------ ------------ net-print/cups < 2.4.7 >= 2.4.7 Description =========== Multiple vulnerabilities have been discovered in CUPS. Please review the CVE identifiers referenced below for details. Impact ====== Please review the referenced CVE identifiers for details. Workaround ========== There is no known workaround at this time. Resolution ========== All CUPS users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-print/cups-2.4.7" References ========== [ 1 ] CVE-2022-26691 https://nvd.nist.gov/vuln/detail/CVE-2022-26691 [ 2 ] CVE-2023-4504 https://nvd.nist.gov/vuln/detail/CVE-2023-4504 [ 3 ] CVE-2023-32324 https://nvd.nist.gov/vuln/detail/CVE-2023-32324 [ 4 ] CVE-2023-34241 https://nvd.nist.gov/vuln/detail/CVE-2023-34241 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202402-17 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2024 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5

Trust: 1.8

sources: NVD: CVE-2022-26691 // VULHUB: VHN-417360 // VULMON: CVE-2022-26691 // PACKETSTORM: 168351 // PACKETSTORM: 167510 // PACKETSTORM: 168228 // PACKETSTORM: 167679 // PACKETSTORM: 167845 // PACKETSTORM: 167512 // PACKETSTORM: 167332 // PACKETSTORM: 177174

AFFECTED PRODUCTS

vendor:applemodel:macosscope:ltversion:11.6.5

Trust: 1.0

vendor:applemodel:macosscope:ltversion:12.3

Trust: 1.0

vendor:applemodel:cupsscope:ltversion:499.4

Trust: 1.0

vendor:fedoraprojectmodel:fedorascope:eqversion:36

Trust: 1.0

vendor:openprintingmodel:cupsscope:ltversion:2.4.2

Trust: 1.0

vendor:applemodel:mac os xscope:gteversion:10.15

Trust: 1.0

vendor:debianmodel:linuxscope:eqversion:9.0

Trust: 1.0

vendor:debianmodel:linuxscope:eqversion:10.0

Trust: 1.0

vendor:debianmodel:linuxscope:eqversion:11.0

Trust: 1.0

vendor:fedoraprojectmodel:fedorascope:eqversion:35

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.15.7

Trust: 1.0

vendor:applemodel:macosscope:gteversion:11.0

Trust: 1.0

vendor:applemodel:mac os xscope:ltversion:10.15.7

Trust: 1.0

vendor:applemodel:macosscope:gtversion:12.0.0

Trust: 1.0

sources: NVD: CVE-2022-26691

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-26691
value: MEDIUM

Trust: 1.0

CNNVD: CNNVD-202205-4149
value: MEDIUM

Trust: 0.6

VULHUB: VHN-417360
value: HIGH

Trust: 0.1

VULMON: CVE-2022-26691
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2022-26691
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

VULHUB: VHN-417360
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2022-26691
baseSeverity: MEDIUM
baseScore: 6.7
vectorString: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 0.8
impactScore: 5.9
version: 3.1

Trust: 1.0

sources: VULHUB: VHN-417360 // VULMON: CVE-2022-26691 // CNNVD: CNNVD-202205-4149 // NVD: CVE-2022-26691

PROBLEMTYPE DATA

problemtype:CWE-697

Trust: 1.0

problemtype:CWE-269

Trust: 0.1

sources: VULHUB: VHN-417360 // NVD: CVE-2022-26691

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202205-4149

TYPE

authorization issue

Trust: 0.6

sources: CNNVD: CNNVD-202205-4149

PATCH

title:Apple macOS Remediation measures for authorization problem vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=195379

Trust: 0.6

title:Debian CVElist Bug Report Logs: cups: CVE-2022-26691: authorization bypass when using "local" authorizationurl:https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=4083971026961f67214911abf1061c00

Trust: 0.1

title:Debian Security Advisories: DSA-5149-1 cups -- security updateurl:https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=5c3e2a8a674123f96fd928688add2133

Trust: 0.1

title:Red Hat: Important: cups security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20225057 - Security Advisory

Trust: 0.1

title:Red Hat: Important: cups security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20225055 - Security Advisory

Trust: 0.1

title:Red Hat: Important: cups security and bug fix updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20225056 - Security Advisory

Trust: 0.1

title:Red Hat: Important: cups security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20225054 - Security Advisory

Trust: 0.1

title:Red Hat: Important: cups security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20224990 - Security Advisory

Trust: 0.1

title:Ubuntu Security Notice: USN-5454-2: CUPS vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-5454-2

Trust: 0.1

title:Ubuntu Security Notice: USN-5454-1: CUPS vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-5454-1

Trust: 0.1

title:Amazon Linux 2022: ALAS2022-2022-108url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux2022&qid=ALAS2022-2022-108

Trust: 0.1

title:Amazon Linux 2022: ALAS2022-2022-203url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux2022&qid=ALAS2022-2022-203

Trust: 0.1

title:Red Hat: Moderate: Logging Subsystem 5.4.3 - Red Hat OpenShift security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20225556 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: OpenShift API for Data Protection (OADP) 1.1.0 security and bug fix updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20226290 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: OpenShift API for Data Protection (OADP) 1.0.4 security and bug fix updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20226430 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: Migration Toolkit for Containers (MTC) 1.7.2 security and bug fix updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20225483 - Security Advisory

Trust: 0.1

title:Red Hat: Important: OpenShift Container Platform 4.11.0 bug fix and security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20225069 - Security Advisory

Trust: 0.1

sources: VULMON: CVE-2022-26691 // CNNVD: CNNVD-202205-4149

EXTERNAL IDS

db:NVDid:CVE-2022-26691

Trust: 2.6

db:PACKETSTORMid:167332

Trust: 0.8

db:PACKETSTORMid:167845

Trust: 0.8

db:PACKETSTORMid:168228

Trust: 0.8

db:PACKETSTORMid:167514

Trust: 0.7

db:PACKETSTORMid:167338

Trust: 0.7

db:CS-HELPid:SB2022053129

Trust: 0.6

db:CS-HELPid:SB2022052626

Trust: 0.6

db:CS-HELPid:SB2022053018

Trust: 0.6

db:CS-HELPid:SB2022072010

Trust: 0.6

db:CS-HELPid:SB2022070643

Trust: 0.6

db:CS-HELPid:SB2022060108

Trust: 0.6

db:AUSCERTid:ESB-2022.2675

Trust: 0.6

db:AUSCERTid:ESB-2022.4324

Trust: 0.6

db:AUSCERTid:ESB-2022.3977

Trust: 0.6

db:AUSCERTid:ESB-2022.2609

Trust: 0.6

db:AUSCERTid:ESB-2022.3236

Trust: 0.6

db:CNNVDid:CNNVD-202205-4149

Trust: 0.6

db:PACKETSTORMid:167512

Trust: 0.2

db:PACKETSTORMid:167510

Trust: 0.2

db:PACKETSTORMid:167501

Trust: 0.1

db:PACKETSTORMid:167507

Trust: 0.1

db:VULHUBid:VHN-417360

Trust: 0.1

db:ICS CERTid:ICSA-24-046-11

Trust: 0.1

db:VULMONid:CVE-2022-26691

Trust: 0.1

db:PACKETSTORMid:168351

Trust: 0.1

db:PACKETSTORMid:167679

Trust: 0.1

db:PACKETSTORMid:177174

Trust: 0.1

sources: VULHUB: VHN-417360 // VULMON: CVE-2022-26691 // PACKETSTORM: 168351 // PACKETSTORM: 167510 // PACKETSTORM: 168228 // PACKETSTORM: 167679 // PACKETSTORM: 167845 // PACKETSTORM: 167512 // PACKETSTORM: 167332 // PACKETSTORM: 177174 // CNNVD: CNNVD-202205-4149 // NVD: CVE-2022-26691

REFERENCES

url:https://www.debian.org/security/2022/dsa-5149

Trust: 1.9

url:https://github.com/openprinting/cups/commit/de4f8c196106033e4c372dce3e91b9d42b0b9444

Trust: 1.8

url:https://github.com/mandiant/vulnerability-disclosures/blob/master/2022/mndt-2022-0026/mndt-2022-0026.md

Trust: 1.8

url:https://support.apple.com/en-us/ht213183

Trust: 1.8

url:https://support.apple.com/en-us/ht213184

Trust: 1.8

url:https://support.apple.com/en-us/ht213185

Trust: 1.8

url:https://lists.debian.org/debian-lts-announce/2022/05/msg00039.html

Trust: 1.8

url:https://access.redhat.com/security/cve/cve-2022-26691

Trust: 1.2

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/kq6td7f3vritpehfdhzhk7mu6febmz5u/

Trust: 1.1

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/yqrit4h75xv6m42k7ztarwz7yllyqhpo/

Trust: 1.1

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/kq6td7f3vritpehfdhzhk7mu6febmz5u/

Trust: 0.7

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/yqrit4h75xv6m42k7ztarwz7yllyqhpo/

Trust: 0.7

url:https://access.redhat.com/security/team/contact/

Trust: 0.6

url:https://bugzilla.redhat.com/):

Trust: 0.6

url:https://listman.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2022-26691

Trust: 0.6

url:https://cxsecurity.com/cveshow/cve-2022-26691/

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022052626

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.3977

Trust: 0.6

url:https://packetstormsecurity.com/files/167332/ubuntu-security-notice-usn-5454-1.html

Trust: 0.6

url:https://packetstormsecurity.com/files/167845/red-hat-security-advisory-2022-5556-01.html

Trust: 0.6

url:https://packetstormsecurity.com/files/168228/red-hat-security-advisory-2022-6290-01.html

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb20220720108

Trust: 0.6

url:https://vigilance.fr/vulnerability/cups-privilege-escalation-via-local-authorization-certificate-strings-comparison-38451

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.2609

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022060108

Trust: 0.6

url:https://packetstormsecurity.com/files/167338/ubuntu-security-notice-usn-5454-2.html

Trust: 0.6

url:https://packetstormsecurity.com/files/167514/red-hat-security-advisory-2022-4990-01.html

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022053018

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022070643

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.2675

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.3236

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.4324

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022053129

Trust: 0.6

url:https://access.redhat.com/articles/11258

Trust: 0.4

url:https://access.redhat.com/security/updates/classification/#moderate

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2022-1271

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2021-3634

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2022-25314

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2022-1271

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2021-40528

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2022-25313

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2022-25314

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2021-3634

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-40528

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2022-25313

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2022-29824

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2022-2097

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-2068

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-1292

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-21698

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-1292

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-30629

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-1586

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-2068

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-2097

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-32206

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-1586

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-32208

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-30631

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-24675

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-24675

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-21698

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-29154

Trust: 0.2

url:https://access.redhat.com/security/team/key/

Trust: 0.2

url:https://access.redhat.com/security/updates/classification/#important

Trust: 0.2

url:https://issues.jboss.org/):

Trust: 0.2

url:https://cwe.mitre.org/data/definitions/697.html

Trust: 0.1

url:https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1011769

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://ubuntu.com/security/notices/usn-5454-2

Trust: 0.1

url:https://www.cisa.gov/news-events/ics-advisories/icsa-24-046-11

Trust: 0.1

url:https://alas.aws.amazon.com/al2022/alas-2022-108.html

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-32148

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-1962

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-30630

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-1705

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2526

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-1705

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2022:6430

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-2526

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-1962

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2022:5056

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-28327

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2022:6290

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-28327

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-29154

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3752

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-21781

Trust: 0.1

url:https://docs.openshift.com/container-platform/latest/migration_toolkit_for_containers/installing-mtc.html

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-4157

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3744

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-27820

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-19131

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3807

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-0536

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3743

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3737

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-1011

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-0235

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-4037

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-13974

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-29154

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-20322

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-1154

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3759

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-4083

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-45486

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-37159

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-4788

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3772

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-0404

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3669

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3764

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-13974

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-20322

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-41617

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-0322

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-43056

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-3612

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-35492

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-45485

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3773

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-4788

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-4002

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-41864

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-21781

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-43976

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-29154

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2022:5483

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-4197

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-0002

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-4203

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-0941

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-43389

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-25032

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-25032

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-19131

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-0941

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-26401

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-23852

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-27820

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-4189

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-35492

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-44733

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3612

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-42739

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-0286

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-0001

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-26401

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-0404

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-27666

Trust: 0.1

url:https://docs.openshift.com/container-platform/4.10/logging/cluster-logging-release-notes.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-27774

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-1621

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-28915

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-38561

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-27782

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-22576

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-27782

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2022:5556

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-27776

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-28915

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-22576

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-1629

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-27666

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-27774

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-27776

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-1629

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-1621

Trust: 0.1

url:https://docs.openshift.com/container-platform/4.10/logging/cluster-logging-upgrading.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-38561

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2022:5054

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8842

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/cups/2.3.1-9ubuntu1.2

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/cups/2.2.7-1ubuntu2.9

Trust: 0.1

url:https://ubuntu.com/security/notices/usn-5454-1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/cups/2.3.3op2-7ubuntu2.1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/cups/2.4.1op1-1ubuntu4.1

Trust: 0.1

url:https://security.gentoo.org/

Trust: 0.1

url:https://security.gentoo.org/glsa/202402-17

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-34241

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-4504

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-32324

Trust: 0.1

url:https://bugs.gentoo.org.

Trust: 0.1

url:https://creativecommons.org/licenses/by-sa/2.5

Trust: 0.1

sources: VULHUB: VHN-417360 // VULMON: CVE-2022-26691 // PACKETSTORM: 168351 // PACKETSTORM: 167510 // PACKETSTORM: 168228 // PACKETSTORM: 167679 // PACKETSTORM: 167845 // PACKETSTORM: 167512 // PACKETSTORM: 167332 // PACKETSTORM: 177174 // CNNVD: CNNVD-202205-4149 // NVD: CVE-2022-26691

CREDITS

Red Hat

Trust: 0.6

sources: PACKETSTORM: 168351 // PACKETSTORM: 167510 // PACKETSTORM: 168228 // PACKETSTORM: 167679 // PACKETSTORM: 167845 // PACKETSTORM: 167512

SOURCES

db:VULHUBid:VHN-417360
db:VULMONid:CVE-2022-26691
db:PACKETSTORMid:168351
db:PACKETSTORMid:167510
db:PACKETSTORMid:168228
db:PACKETSTORMid:167679
db:PACKETSTORMid:167845
db:PACKETSTORMid:167512
db:PACKETSTORMid:167332
db:PACKETSTORMid:177174
db:CNNVDid:CNNVD-202205-4149
db:NVDid:CVE-2022-26691

LAST UPDATE DATE

2024-11-07T21:31:21.181000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-417360date:2022-10-19T00:00:00
db:VULMONid:CVE-2022-26691date:2023-11-07T00:00:00
db:CNNVDid:CNNVD-202205-4149date:2022-09-02T00:00:00
db:NVDid:CVE-2022-26691date:2023-11-07T03:45:07.730

SOURCES RELEASE DATE

db:VULHUBid:VHN-417360date:2022-05-26T00:00:00
db:VULMONid:CVE-2022-26691date:2022-05-26T00:00:00
db:PACKETSTORMid:168351date:2022-09-13T15:41:58
db:PACKETSTORMid:167510date:2022-06-20T00:43:44
db:PACKETSTORMid:168228date:2022-09-01T16:34:06
db:PACKETSTORMid:167679date:2022-07-01T15:04:32
db:PACKETSTORMid:167845date:2022-07-27T17:28:30
db:PACKETSTORMid:167512date:2022-06-20T00:45:59
db:PACKETSTORMid:167332date:2022-05-31T17:25:20
db:PACKETSTORMid:177174date:2024-02-19T14:20:19
db:CNNVDid:CNNVD-202205-4149date:2022-05-25T00:00:00
db:NVDid:CVE-2022-26691date:2022-05-26T18:15:09.340