ID

VAR-202205-1990


CVE

CVE-2022-1927


TITLE

Vim Buffer error vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-202205-4253

DESCRIPTION

Buffer Over-read in GitHub repository vim/vim prior to 8.2. Vim is a cross-platform text editor. Vim versions prior to 8.2 have a security vulnerability caused by buffer overreading. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202208-32 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Low Title: Vim, gVim: Multiple Vulnerabilities Date: August 21, 2022 Bugs: #811870, #818562, #819528, #823473, #824930, #828583, #829658, #830106, #830994, #833572, #836432, #851231 ID: 202208-32 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======= Multiple vulnerabilities have been discovered in Vim, the worst of which could result in denial of service. gVim is the GUI version of Vim. Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 app-editors/gvim < 9.0.0060 >= 9.0.0060 2 app-editors/vim < 9.0.0060 >= 9.0.0060 3 app-editors/vim-core < 9.0.0060 >= 9.0.0060 Description ========== Multiple vulnerabilities have been discovered in Vim and gVim. Please review the CVE identifiers referenced below for details. Impact ===== Please review the referenced CVE identifiers for details. Workaround ========= There is no known workaround at this time. Resolution ========= All Vim users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=app-editors/vim-9.0.0060" All gVim users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=app-editors/gvim-9.0.0060" All vim-core users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=app-editors/vim-core-9.0.0060" References ========= [ 1 ] CVE-2021-3770 https://nvd.nist.gov/vuln/detail/CVE-2021-3770 [ 2 ] CVE-2021-3778 https://nvd.nist.gov/vuln/detail/CVE-2021-3778 [ 3 ] CVE-2021-3796 https://nvd.nist.gov/vuln/detail/CVE-2021-3796 [ 4 ] CVE-2021-3872 https://nvd.nist.gov/vuln/detail/CVE-2021-3872 [ 5 ] CVE-2021-3875 https://nvd.nist.gov/vuln/detail/CVE-2021-3875 [ 6 ] CVE-2021-3927 https://nvd.nist.gov/vuln/detail/CVE-2021-3927 [ 7 ] CVE-2021-3928 https://nvd.nist.gov/vuln/detail/CVE-2021-3928 [ 8 ] CVE-2021-3968 https://nvd.nist.gov/vuln/detail/CVE-2021-3968 [ 9 ] CVE-2021-3973 https://nvd.nist.gov/vuln/detail/CVE-2021-3973 [ 10 ] CVE-2021-3974 https://nvd.nist.gov/vuln/detail/CVE-2021-3974 [ 11 ] CVE-2021-3984 https://nvd.nist.gov/vuln/detail/CVE-2021-3984 [ 12 ] CVE-2021-4019 https://nvd.nist.gov/vuln/detail/CVE-2021-4019 [ 13 ] CVE-2021-4069 https://nvd.nist.gov/vuln/detail/CVE-2021-4069 [ 14 ] CVE-2021-4136 https://nvd.nist.gov/vuln/detail/CVE-2021-4136 [ 15 ] CVE-2021-4166 https://nvd.nist.gov/vuln/detail/CVE-2021-4166 [ 16 ] CVE-2021-4173 https://nvd.nist.gov/vuln/detail/CVE-2021-4173 [ 17 ] CVE-2021-4187 https://nvd.nist.gov/vuln/detail/CVE-2021-4187 [ 18 ] CVE-2021-4192 https://nvd.nist.gov/vuln/detail/CVE-2021-4192 [ 19 ] CVE-2021-4193 https://nvd.nist.gov/vuln/detail/CVE-2021-4193 [ 20 ] CVE-2021-46059 https://nvd.nist.gov/vuln/detail/CVE-2021-46059 [ 21 ] CVE-2022-0128 https://nvd.nist.gov/vuln/detail/CVE-2022-0128 [ 22 ] CVE-2022-0156 https://nvd.nist.gov/vuln/detail/CVE-2022-0156 [ 23 ] CVE-2022-0158 https://nvd.nist.gov/vuln/detail/CVE-2022-0158 [ 24 ] CVE-2022-0213 https://nvd.nist.gov/vuln/detail/CVE-2022-0213 [ 25 ] CVE-2022-0261 https://nvd.nist.gov/vuln/detail/CVE-2022-0261 [ 26 ] CVE-2022-0318 https://nvd.nist.gov/vuln/detail/CVE-2022-0318 [ 27 ] CVE-2022-0319 https://nvd.nist.gov/vuln/detail/CVE-2022-0319 [ 28 ] CVE-2022-0351 https://nvd.nist.gov/vuln/detail/CVE-2022-0351 [ 29 ] CVE-2022-0359 https://nvd.nist.gov/vuln/detail/CVE-2022-0359 [ 30 ] CVE-2022-0361 https://nvd.nist.gov/vuln/detail/CVE-2022-0361 [ 31 ] CVE-2022-0368 https://nvd.nist.gov/vuln/detail/CVE-2022-0368 [ 32 ] CVE-2022-0392 https://nvd.nist.gov/vuln/detail/CVE-2022-0392 [ 33 ] CVE-2022-0393 https://nvd.nist.gov/vuln/detail/CVE-2022-0393 [ 34 ] CVE-2022-0407 https://nvd.nist.gov/vuln/detail/CVE-2022-0407 [ 35 ] CVE-2022-0408 https://nvd.nist.gov/vuln/detail/CVE-2022-0408 [ 36 ] CVE-2022-0413 https://nvd.nist.gov/vuln/detail/CVE-2022-0413 [ 37 ] CVE-2022-0417 https://nvd.nist.gov/vuln/detail/CVE-2022-0417 [ 38 ] CVE-2022-0443 https://nvd.nist.gov/vuln/detail/CVE-2022-0443 [ 39 ] CVE-2022-0554 https://nvd.nist.gov/vuln/detail/CVE-2022-0554 [ 40 ] CVE-2022-0629 https://nvd.nist.gov/vuln/detail/CVE-2022-0629 [ 41 ] CVE-2022-0685 https://nvd.nist.gov/vuln/detail/CVE-2022-0685 [ 42 ] CVE-2022-0714 https://nvd.nist.gov/vuln/detail/CVE-2022-0714 [ 43 ] CVE-2022-0729 https://nvd.nist.gov/vuln/detail/CVE-2022-0729 [ 44 ] CVE-2022-0943 https://nvd.nist.gov/vuln/detail/CVE-2022-0943 [ 45 ] CVE-2022-1154 https://nvd.nist.gov/vuln/detail/CVE-2022-1154 [ 46 ] CVE-2022-1160 https://nvd.nist.gov/vuln/detail/CVE-2022-1160 [ 47 ] CVE-2022-1381 https://nvd.nist.gov/vuln/detail/CVE-2022-1381 [ 48 ] CVE-2022-1420 https://nvd.nist.gov/vuln/detail/CVE-2022-1420 [ 49 ] CVE-2022-1616 https://nvd.nist.gov/vuln/detail/CVE-2022-1616 [ 50 ] CVE-2022-1619 https://nvd.nist.gov/vuln/detail/CVE-2022-1619 [ 51 ] CVE-2022-1620 https://nvd.nist.gov/vuln/detail/CVE-2022-1620 [ 52 ] CVE-2022-1621 https://nvd.nist.gov/vuln/detail/CVE-2022-1621 [ 53 ] CVE-2022-1629 https://nvd.nist.gov/vuln/detail/CVE-2022-1629 [ 54 ] CVE-2022-1674 https://nvd.nist.gov/vuln/detail/CVE-2022-1674 [ 55 ] CVE-2022-1720 https://nvd.nist.gov/vuln/detail/CVE-2022-1720 [ 56 ] CVE-2022-1733 https://nvd.nist.gov/vuln/detail/CVE-2022-1733 [ 57 ] CVE-2022-1735 https://nvd.nist.gov/vuln/detail/CVE-2022-1735 [ 58 ] CVE-2022-1769 https://nvd.nist.gov/vuln/detail/CVE-2022-1769 [ 59 ] CVE-2022-1771 https://nvd.nist.gov/vuln/detail/CVE-2022-1771 [ 60 ] CVE-2022-1785 https://nvd.nist.gov/vuln/detail/CVE-2022-1785 [ 61 ] CVE-2022-1796 https://nvd.nist.gov/vuln/detail/CVE-2022-1796 [ 62 ] CVE-2022-1851 https://nvd.nist.gov/vuln/detail/CVE-2022-1851 [ 63 ] CVE-2022-1886 https://nvd.nist.gov/vuln/detail/CVE-2022-1886 [ 64 ] CVE-2022-1897 https://nvd.nist.gov/vuln/detail/CVE-2022-1897 [ 65 ] CVE-2022-1898 https://nvd.nist.gov/vuln/detail/CVE-2022-1898 [ 66 ] CVE-2022-1927 https://nvd.nist.gov/vuln/detail/CVE-2022-1927 [ 67 ] CVE-2022-1942 https://nvd.nist.gov/vuln/detail/CVE-2022-1942 [ 68 ] CVE-2022-1968 https://nvd.nist.gov/vuln/detail/CVE-2022-1968 [ 69 ] CVE-2022-2000 https://nvd.nist.gov/vuln/detail/CVE-2022-2000 [ 70 ] CVE-2022-2042 https://nvd.nist.gov/vuln/detail/CVE-2022-2042 [ 71 ] CVE-2022-2124 https://nvd.nist.gov/vuln/detail/CVE-2022-2124 [ 72 ] CVE-2022-2125 https://nvd.nist.gov/vuln/detail/CVE-2022-2125 [ 73 ] CVE-2022-2126 https://nvd.nist.gov/vuln/detail/CVE-2022-2126 [ 74 ] CVE-2022-2129 https://nvd.nist.gov/vuln/detail/CVE-2022-2129 [ 75 ] CVE-2022-2175 https://nvd.nist.gov/vuln/detail/CVE-2022-2175 [ 76 ] CVE-2022-2182 https://nvd.nist.gov/vuln/detail/CVE-2022-2182 [ 77 ] CVE-2022-2183 https://nvd.nist.gov/vuln/detail/CVE-2022-2183 [ 78 ] CVE-2022-2206 https://nvd.nist.gov/vuln/detail/CVE-2022-2206 [ 79 ] CVE-2022-2207 https://nvd.nist.gov/vuln/detail/CVE-2022-2207 [ 80 ] CVE-2022-2208 https://nvd.nist.gov/vuln/detail/CVE-2022-2208 [ 81 ] CVE-2022-2210 https://nvd.nist.gov/vuln/detail/CVE-2022-2210 [ 82 ] CVE-2022-2231 https://nvd.nist.gov/vuln/detail/CVE-2022-2231 [ 83 ] CVE-2022-2257 https://nvd.nist.gov/vuln/detail/CVE-2022-2257 [ 84 ] CVE-2022-2264 https://nvd.nist.gov/vuln/detail/CVE-2022-2264 [ 85 ] CVE-2022-2284 https://nvd.nist.gov/vuln/detail/CVE-2022-2284 [ 86 ] CVE-2022-2285 https://nvd.nist.gov/vuln/detail/CVE-2022-2285 [ 87 ] CVE-2022-2286 https://nvd.nist.gov/vuln/detail/CVE-2022-2286 [ 88 ] CVE-2022-2287 https://nvd.nist.gov/vuln/detail/CVE-2022-2287 [ 89 ] CVE-2022-2288 https://nvd.nist.gov/vuln/detail/CVE-2022-2288 [ 90 ] CVE-2022-2289 https://nvd.nist.gov/vuln/detail/CVE-2022-2289 [ 91 ] CVE-2022-2304 https://nvd.nist.gov/vuln/detail/CVE-2022-2304 [ 92 ] CVE-2022-2343 https://nvd.nist.gov/vuln/detail/CVE-2022-2343 [ 93 ] CVE-2022-2344 https://nvd.nist.gov/vuln/detail/CVE-2022-2344 [ 94 ] CVE-2022-2345 https://nvd.nist.gov/vuln/detail/CVE-2022-2345 Availability =========== This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202208-32 Concerns? ======== Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ====== Copyright 2022 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5 . Description: Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat Ceph Storage Release Notes for information on the most significant of these changes: https://access.redhat.com/documentation/en-us/red_hat_ceph_storage/5.2/html-single/release_notes/index All users of Red Hat Ceph Storage are advised to pull these new images from the Red Hat Ecosystem catalog, which provides numerous enhancements and bug fixes. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. Bugs fixed (https://bugzilla.redhat.com/): 2031228 - CVE-2021-43813 grafana: directory traversal vulnerability 2044628 - CVE-2022-21673 grafana: Forward OAuth Identity Token can allow users to access some data sources 2115198 - build ceph containers for RHCS 5.2 release 5. Description: Red Hat Advanced Cluster Management for Kubernetes 2.4.6 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. See the following Release Notes documentation, which will be updated shortly for this release, for additional details about this release: https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.4/html/release_notes/ Security fixes: * golang: crypto/tls: session tickets lack random ticket_age_add (CVE-2022-30629) * moment: inefficient parsing algorithim resulting in DoS (CVE-2022-31129) * nodejs16: CRLF injection in node-undici (CVE-2022-31150) * nodejs/undici: Cookie headers uncleared on cross-origin redirect (CVE-2022-31151) * vm2: Sandbox Escape in vm2 (CVE-2022-36067) Bug fixes: * RHACM 2.4 using deprecated APIs in managed clusters (BZ# 2041540) * vSphere network name doesn't allow entering spaces and doesn't reflect YAML changes (BZ# 2074766) * cluster update status is stuck, also update is not even visible (BZ# 2079418) * Policy that creates cluster role is showing as not compliant due to Request entity too large message (BZ# 2088486) * Upgraded from RHACM 2.2-->2.3-->2.4 and cannot create cluster (BZ# 2089490) * ACM Console Becomes Unusable After a Time (BZ# 2097464) * RHACM 2.4.6 images (BZ# 2100613) * Cluster Pools with conflicting name of existing clusters in same namespace fails creation and deletes existing cluster (BZ# 2102436) * ManagedClusters in Pending import state after ACM hub migration (BZ# 2102495) 3. Solution: For Red Hat Advanced Cluster Management for Kubernetes, see the following documentation, which will be updated shortly for this release, for important instructions on installing this update: https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.4/html-single/install/index#installing 4. Bugs fixed (https://bugzilla.redhat.com/): 2041540 - RHACM 2.4 using deprecated APIs in managed clusters 2074766 - vSphere network name doesn't allow entering spaces and doesn't reflect YAML changes 2079418 - cluster update status is stuck, also update is not even visible 2088486 - Policy that creates cluster role is showing as not compliant due to Request entity too large message 2089490 - Upgraded from RHACM 2.2-->2.3-->2.4 and cannot create cluster 2092793 - CVE-2022-30629 golang: crypto/tls: session tickets lack random ticket_age_add 2097464 - ACM Console Becomes Unusable After a Time 2100613 - RHACM 2.4.6 images 2102436 - Cluster Pools with conflicting name of existing clusters in same namespace fails creation and deletes existing cluster 2102495 - ManagedClusters in Pending import state after ACM hub migration 2105075 - CVE-2022-31129 moment: inefficient parsing algorithm resulting in DoS 2109354 - CVE-2022-31150 nodejs16: CRLF injection in node-undici 2121396 - CVE-2022-31151 nodejs/undici: Cookie headers uncleared on cross-origin redirect 2124794 - CVE-2022-36067 vm2: Sandbox Escape in vm2 5. Summary: OpenShift sandboxed containers 1.3.1 is now available. Description: OpenShift sandboxed containers support for OpenShift Container Platform provides users with built-in support for running Kata containers as an additional, optional runtime. Bugs fixed (https://bugzilla.redhat.com/): 2077688 - CVE-2022-24675 golang: encoding/pem: fix stack overflow in Decode 2107386 - CVE-2022-30632 golang: path/filepath: stack exhaustion in Glob 2118556 - CVE-2022-2832 blender: Null pointer reference in blender thumbnail extractor 5. JIRA issues fixed (https://issues.jboss.org/): KATA-1751 - CVE-2022-24675 osc-operator-container: golang: encoding/pem: fix stack overflow in Decode [rhosc-1] KATA-1752 - CVE-2022-28327 osc-operator-container: golang: crypto/elliptic: panic caused by oversized scalar [rhosc-1] KATA-1754 - OSC Pod security issue in 4.12 prevents subscribing to operator KATA-1758 - CVE-2022-30632 osc-operator-container: golang: path/filepath: stack exhaustion in Glob [rhosc-1] 6. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: vim security update Advisory ID: RHSA-2022:5813-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2022:5813 Issue date: 2022-08-02 CVE Names: CVE-2022-1785 CVE-2022-1897 CVE-2022-1927 ==================================================================== 1. Summary: An update for vim is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64 Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, ppc64le, s390x, x86_64 3. Description: Vim (Vi IMproved) is an updated and improved version of the vi editor. Security Fix(es): * vim: Out-of-bounds Write (CVE-2022-1785) * vim: out-of-bounds write in vim_regsub_both() in regexp.c (CVE-2022-1897) * vim: buffer over-read in utf_ptr2char() in mbyte.c (CVE-2022-1927) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2088689 - CVE-2022-1785 vim: Out-of-bounds Write 2091682 - CVE-2022-1897 vim: out-of-bounds write in vim_regsub_both() in regexp.c 2091687 - CVE-2022-1927 vim: buffer over-read in utf_ptr2char() in mbyte.c 6. Package List: Red Hat Enterprise Linux AppStream (v. 8): aarch64: vim-X11-8.0.1763-19.el8_6.4.aarch64.rpm vim-X11-debuginfo-8.0.1763-19.el8_6.4.aarch64.rpm vim-common-8.0.1763-19.el8_6.4.aarch64.rpm vim-common-debuginfo-8.0.1763-19.el8_6.4.aarch64.rpm vim-debuginfo-8.0.1763-19.el8_6.4.aarch64.rpm vim-debugsource-8.0.1763-19.el8_6.4.aarch64.rpm vim-enhanced-8.0.1763-19.el8_6.4.aarch64.rpm vim-enhanced-debuginfo-8.0.1763-19.el8_6.4.aarch64.rpm vim-minimal-debuginfo-8.0.1763-19.el8_6.4.aarch64.rpm noarch: vim-filesystem-8.0.1763-19.el8_6.4.noarch.rpm ppc64le: vim-X11-8.0.1763-19.el8_6.4.ppc64le.rpm vim-X11-debuginfo-8.0.1763-19.el8_6.4.ppc64le.rpm vim-common-8.0.1763-19.el8_6.4.ppc64le.rpm vim-common-debuginfo-8.0.1763-19.el8_6.4.ppc64le.rpm vim-debuginfo-8.0.1763-19.el8_6.4.ppc64le.rpm vim-debugsource-8.0.1763-19.el8_6.4.ppc64le.rpm vim-enhanced-8.0.1763-19.el8_6.4.ppc64le.rpm vim-enhanced-debuginfo-8.0.1763-19.el8_6.4.ppc64le.rpm vim-minimal-debuginfo-8.0.1763-19.el8_6.4.ppc64le.rpm s390x: vim-X11-8.0.1763-19.el8_6.4.s390x.rpm vim-X11-debuginfo-8.0.1763-19.el8_6.4.s390x.rpm vim-common-8.0.1763-19.el8_6.4.s390x.rpm vim-common-debuginfo-8.0.1763-19.el8_6.4.s390x.rpm vim-debuginfo-8.0.1763-19.el8_6.4.s390x.rpm vim-debugsource-8.0.1763-19.el8_6.4.s390x.rpm vim-enhanced-8.0.1763-19.el8_6.4.s390x.rpm vim-enhanced-debuginfo-8.0.1763-19.el8_6.4.s390x.rpm vim-minimal-debuginfo-8.0.1763-19.el8_6.4.s390x.rpm x86_64: vim-X11-8.0.1763-19.el8_6.4.x86_64.rpm vim-X11-debuginfo-8.0.1763-19.el8_6.4.x86_64.rpm vim-common-8.0.1763-19.el8_6.4.x86_64.rpm vim-common-debuginfo-8.0.1763-19.el8_6.4.x86_64.rpm vim-debuginfo-8.0.1763-19.el8_6.4.x86_64.rpm vim-debugsource-8.0.1763-19.el8_6.4.x86_64.rpm vim-enhanced-8.0.1763-19.el8_6.4.x86_64.rpm vim-enhanced-debuginfo-8.0.1763-19.el8_6.4.x86_64.rpm vim-minimal-debuginfo-8.0.1763-19.el8_6.4.x86_64.rpm Red Hat Enterprise Linux BaseOS (v. 8): Source: vim-8.0.1763-19.el8_6.4.src.rpm aarch64: vim-X11-debuginfo-8.0.1763-19.el8_6.4.aarch64.rpm vim-common-debuginfo-8.0.1763-19.el8_6.4.aarch64.rpm vim-debuginfo-8.0.1763-19.el8_6.4.aarch64.rpm vim-debugsource-8.0.1763-19.el8_6.4.aarch64.rpm vim-enhanced-debuginfo-8.0.1763-19.el8_6.4.aarch64.rpm vim-minimal-8.0.1763-19.el8_6.4.aarch64.rpm vim-minimal-debuginfo-8.0.1763-19.el8_6.4.aarch64.rpm ppc64le: vim-X11-debuginfo-8.0.1763-19.el8_6.4.ppc64le.rpm vim-common-debuginfo-8.0.1763-19.el8_6.4.ppc64le.rpm vim-debuginfo-8.0.1763-19.el8_6.4.ppc64le.rpm vim-debugsource-8.0.1763-19.el8_6.4.ppc64le.rpm vim-enhanced-debuginfo-8.0.1763-19.el8_6.4.ppc64le.rpm vim-minimal-8.0.1763-19.el8_6.4.ppc64le.rpm vim-minimal-debuginfo-8.0.1763-19.el8_6.4.ppc64le.rpm s390x: vim-X11-debuginfo-8.0.1763-19.el8_6.4.s390x.rpm vim-common-debuginfo-8.0.1763-19.el8_6.4.s390x.rpm vim-debuginfo-8.0.1763-19.el8_6.4.s390x.rpm vim-debugsource-8.0.1763-19.el8_6.4.s390x.rpm vim-enhanced-debuginfo-8.0.1763-19.el8_6.4.s390x.rpm vim-minimal-8.0.1763-19.el8_6.4.s390x.rpm vim-minimal-debuginfo-8.0.1763-19.el8_6.4.s390x.rpm x86_64: vim-X11-debuginfo-8.0.1763-19.el8_6.4.x86_64.rpm vim-common-debuginfo-8.0.1763-19.el8_6.4.x86_64.rpm vim-debuginfo-8.0.1763-19.el8_6.4.x86_64.rpm vim-debugsource-8.0.1763-19.el8_6.4.x86_64.rpm vim-enhanced-debuginfo-8.0.1763-19.el8_6.4.x86_64.rpm vim-minimal-8.0.1763-19.el8_6.4.x86_64.rpm vim-minimal-debuginfo-8.0.1763-19.el8_6.4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2022-1785 https://access.redhat.com/security/cve/CVE-2022-1897 https://access.redhat.com/security/cve/CVE-2022-1927 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYuqtadzjgjWX9erEAQi9TBAAjU7ACkAKBEDU+/ud9hUJVep1bgN186ub awZUcwzRqzmJAcOkKUYwUTPbuQwKR8eTA7+NDuM4luivv0a4E1w0p68Jh3dsrshZ CkYRn/7zAlc567OI0cS6vT8lEgoL0TQeptkKwzb54Pj+nAkZHGseRCDaZ9eP+wGd Sjf4zs9w2UcXx9TpjIOHuWJRZpRg3grIKVS4Gen171enlXC5SETfGGCnto3hFfhB W/4TlvMybSQw0CGqdjQ1tg3U8A+kkz3gX2Q2jsA43eilzwuWHJhpjEUSasdA85oT 1gKNT4GKgn/7JQVCN8mIKuocDGt96vGx0LNP2a/ro+qLUjefcR9eWgOYoZC3NGr8 JrglYR86604hRaOvkBuupA+L/4qlPQTtkewspX8MeHJvwqHgNuPCV47JVBbPAEKY FfJTnQW9Nx6bKhLAEqlijA1b0RPwUEY7pzvJHtxkGAE2UCvgMxNob8cHvNoLrsrV zK48q/0aR0Q9mUVcGX7cgkX21HrVPLwD7CpQtE8fL6HYfXBYlJ+0IQWoB9P8rOWM O4vSgvOz1t7Z+GhRToWuc7zcJK8mZq9E9Q0BFFy6Kz2MQS2CMsyWoCE89kuzGU27 VoFvrSEV1V6shI8i54YZUGCsNgI8oWCa1ijlGV92IMsZgdzSvUHLkwAut8VnBocq B2SP8jmnNLk=Vo5U -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . Summary: This is an updated release of the Self Node Remediation Operator. The Self Node Remediation Operator replaces the Poison Pill Operator, and is delivered by Red Hat Workload Availability. Description: The Self Node Remediation Operator works in conjunction with the Machine Health Check or the Node Health Check Operators to provide automatic remediation of unhealthy nodes by rebooting them. This minimizes downtime for stateful applications and RWO volumes, as well as restoring compute capacity in the event of transient failures. Bugs fixed (https://bugzilla.redhat.com/): 2107342 - CVE-2022-30631 golang: compress/gzip: stack exhaustion in Reader.Read 5. 9) - aarch64, noarch, ppc64le, s390x, x86_64 3

Trust: 1.71

sources: NVD: CVE-2022-1927 // VULHUB: VHN-423615 // VULMON: CVE-2022-1927 // PACKETSTORM: 168124 // PACKETSTORM: 168022 // PACKETSTORM: 168538 // PACKETSTORM: 169443 // PACKETSTORM: 167944 // PACKETSTORM: 168182 // PACKETSTORM: 168013

AFFECTED PRODUCTS

vendor:fedoraprojectmodel:fedorascope:eqversion:34

Trust: 1.0

vendor:applemodel:macosscope:ltversion:13.0

Trust: 1.0

vendor:fedoraprojectmodel:fedorascope:eqversion:35

Trust: 1.0

vendor:vimmodel:vimscope:ltversion:8.2.5037

Trust: 1.0

vendor:fedoraprojectmodel:fedorascope:eqversion:36

Trust: 1.0

sources: NVD: CVE-2022-1927

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-1927
value: HIGH

Trust: 1.0

security@huntr.dev: CVE-2022-1927
value: HIGH

Trust: 1.0

CNNVD: CNNVD-202205-4253
value: HIGH

Trust: 0.6

VULHUB: VHN-423615
value: MEDIUM

Trust: 0.1

VULMON: CVE-2022-1927
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2022-1927
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

VULHUB: VHN-423615
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2022-1927
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

security@huntr.dev: CVE-2022-1927
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.0

Trust: 1.0

sources: VULHUB: VHN-423615 // VULMON: CVE-2022-1927 // CNNVD: CNNVD-202205-4253 // NVD: CVE-2022-1927 // NVD: CVE-2022-1927

PROBLEMTYPE DATA

problemtype:CWE-126

Trust: 1.1

problemtype:CWE-125

Trust: 1.0

sources: VULHUB: VHN-423615 // NVD: CVE-2022-1927

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202205-4253

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202205-4253

PATCH

title:Vim Buffer error vulnerability fixurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=212449

Trust: 0.6

title:Red Hat: Moderate: vim security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20225942 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: vim security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20225813 - Security Advisory

Trust: 0.1

title:Red Hat: Important: Self Node Remediation Operator 0.4.1 security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20226184 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: OpenShift Container Platform 4.11.1 bug fix and security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20226103 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: Openshift Logging Security and Bug Fix update (5.3.11)url:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20226182 - Security Advisory

Trust: 0.1

title:Red Hat: Important: Logging Subsystem 5.5.0 - Red Hat OpenShift security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20226051 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: Red Hat OpenShift Service Mesh 2.2.2 Containers security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20226283 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: Logging Subsystem 5.4.5 Security and Bug Fix Updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20226183 - Security Advisory

Trust: 0.1

title:Red Hat: Critical: Red Hat Advanced Cluster Management 2.5.2 security fixes and bug fixesurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20226507 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: RHOSDT 2.6.0 operator/operand containers Security Updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20227055 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: OpenShift sandboxed containers 1.3.1 security fix and bug fix updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20227058 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: New container image for Red Hat Ceph Storage 5.2 Security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20226024 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: RHACS 3.72 enhancement and security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20226714 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: Red Hat Advanced Cluster Management 2.6.0 security updates and bug fixesurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20226370 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: Red Hat Advanced Cluster Management 2.3.12 security updates and bug fixesurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20226271 - Security Advisory

Trust: 0.1

title:Red Hat: Critical: Red Hat Advanced Cluster Management 2.4.6 security update and bug fixesurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20226696 - Security Advisory

Trust: 0.1

title:Red Hat: Important: Red Hat OpenShift Data Foundation 4.11.0 security, enhancement, & bugfix updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20226156 - Security Advisory

Trust: 0.1

title:Red Hat: Important: OpenShift Container Platform 4.11.45 bug fix and security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20234053 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: OpenShift Virtualization 4.11.1 security and bug fix updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20228750 - Security Advisory

Trust: 0.1

title:Red Hat: Important: Migration Toolkit for Containers (MTC) 1.7.4 security and bug fix updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20226429 - Security Advisory

Trust: 0.1

title:Red Hat: Important: OpenShift Virtualization 4.12.0 Images security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20230408 - Security Advisory

Trust: 0.1

title:Amazon Linux AMI: ALAS-2022-1628url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2022-1628

Trust: 0.1

title:Red Hat: Moderate: Openshift Logging 5.3.14 bug fix release and security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20228889 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: Logging Subsystem 5.5.5 - Red Hat OpenShift security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20228781 - Security Advisory

Trust: 0.1

title:Amazon Linux 2022: ALAS2022-2022-116url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux2022&qid=ALAS2022-2022-116

Trust: 0.1

title:Amazon Linux 2: ALAS2-2022-1829url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2-2022-1829

Trust: 0.1

sources: VULMON: CVE-2022-1927 // CNNVD: CNNVD-202205-4253

EXTERNAL IDS

db:NVDid:CVE-2022-1927

Trust: 2.5

db:PACKETSTORMid:167944

Trust: 0.8

db:PACKETSTORMid:168538

Trust: 0.8

db:PACKETSTORMid:168182

Trust: 0.8

db:PACKETSTORMid:168013

Trust: 0.8

db:PACKETSTORMid:169443

Trust: 0.8

db:PACKETSTORMid:168022

Trust: 0.8

db:PACKETSTORMid:168378

Trust: 0.7

db:PACKETSTORMid:168112

Trust: 0.7

db:PACKETSTORMid:168222

Trust: 0.7

db:PACKETSTORMid:168284

Trust: 0.7

db:CNNVDid:CNNVD-202205-4253

Trust: 0.7

db:AUSCERTid:ESB-2022.4122

Trust: 0.6

db:AUSCERTid:ESB-2022.6290

Trust: 0.6

db:AUSCERTid:ESB-2023.2896

Trust: 0.6

db:AUSCERTid:ESB-2023.4082

Trust: 0.6

db:AUSCERTid:ESB-2022.5247

Trust: 0.6

db:AUSCERTid:ESB-2022.5300

Trust: 0.6

db:AUSCERTid:ESB-2022.4233

Trust: 0.6

db:AUSCERTid:ESB-2022.3813

Trust: 0.6

db:AUSCERTid:ESB-2022.4316

Trust: 0.6

db:AUSCERTid:ESB-2022.4167

Trust: 0.6

db:AUSCERTid:ESB-2022.4747

Trust: 0.6

db:AUSCERTid:ESB-2022.3921

Trust: 0.6

db:AUSCERTid:ESB-2022.4568

Trust: 0.6

db:AUSCERTid:ESB-2022.3002

Trust: 0.6

db:AUSCERTid:ESB-2023.0019

Trust: 0.6

db:AUSCERTid:ESB-2022.6434

Trust: 0.6

db:CS-HELPid:SB2022062022

Trust: 0.6

db:PACKETSTORMid:168516

Trust: 0.1

db:PACKETSTORMid:168150

Trust: 0.1

db:PACKETSTORMid:168289

Trust: 0.1

db:PACKETSTORMid:168287

Trust: 0.1

db:PACKETSTORMid:168139

Trust: 0.1

db:PACKETSTORMid:169435

Trust: 0.1

db:PACKETSTORMid:168213

Trust: 0.1

db:VULHUBid:VHN-423615

Trust: 0.1

db:VULMONid:CVE-2022-1927

Trust: 0.1

db:PACKETSTORMid:168124

Trust: 0.1

sources: VULHUB: VHN-423615 // VULMON: CVE-2022-1927 // PACKETSTORM: 168124 // PACKETSTORM: 168022 // PACKETSTORM: 168538 // PACKETSTORM: 169443 // PACKETSTORM: 167944 // PACKETSTORM: 168182 // PACKETSTORM: 168013 // CNNVD: CNNVD-202205-4253 // NVD: CVE-2022-1927

REFERENCES

url:https://security.gentoo.org/glsa/202208-32

Trust: 1.9

url:https://support.apple.com/kb/ht213488

Trust: 1.8

url:https://huntr.dev/bounties/945107ef-0b27-41c7-a03c-db99def0e777

Trust: 1.8

url:http://seclists.org/fulldisclosure/2022/oct/28

Trust: 1.8

url:http://seclists.org/fulldisclosure/2022/oct/41

Trust: 1.8

url:https://github.com/vim/vim/commit/4d97a565ae8be0d4debba04ebd2ac3e75a0c8010

Trust: 1.8

url:https://security.gentoo.org/glsa/202305-16

Trust: 1.7

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/qmfhbc5oqxdpv2sdya2juqgvcpyastjb/

Trust: 1.1

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ozslfikfyu5y2km5ejkqnyhwrubdq4gj/

Trust: 1.1

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/tynk6sdcmolqjoi3b4aoe66p2g2ih4zm/

Trust: 1.1

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/qmfhbc5oqxdpv2sdya2juqgvcpyastjb/

Trust: 0.7

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/tynk6sdcmolqjoi3b4aoe66p2g2ih4zm/

Trust: 0.7

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ozslfikfyu5y2km5ejkqnyhwrubdq4gj/

Trust: 0.7

url:https://nvd.nist.gov/vuln/detail/cve-2022-1927

Trust: 0.7

url:https://nvd.nist.gov/vuln/detail/cve-2022-1785

Trust: 0.7

url:https://nvd.nist.gov/vuln/detail/cve-2022-1897

Trust: 0.7

url:https://access.redhat.com/security/team/contact/

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2022-1785

Trust: 0.6

url:https://bugzilla.redhat.com/):

Trust: 0.6

url:https://listman.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2022-1897

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2022-1927

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.4747

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.3813

Trust: 0.6

url:https://packetstormsecurity.com/files/168538/red-hat-security-advisory-2022-6696-01.html

Trust: 0.6

url:https://packetstormsecurity.com/files/168222/red-hat-security-advisory-2022-6283-01.html

Trust: 0.6

url:https://packetstormsecurity.com/files/168182/red-hat-security-advisory-2022-6184-01.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2023.2896

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.6290

Trust: 0.6

url:https://packetstormsecurity.com/files/168013/red-hat-security-advisory-2022-5942-01.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.4233

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.5300

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.6434

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.3002

Trust: 0.6

url:https://packetstormsecurity.com/files/168378/red-hat-security-advisory-2022-6507-01.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.5247

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.4316

Trust: 0.6

url:https://cxsecurity.com/cveshow/cve-2022-1927/

Trust: 0.6

url:https://vigilance.fr/vulnerability/vim-out-of-bounds-memory-reading-via-parse-cmd-address-38495

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.3921

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2023.4082

Trust: 0.6

url:https://packetstormsecurity.com/files/168112/red-hat-security-advisory-2022-6051-01.html

Trust: 0.6

url:https://packetstormsecurity.com/files/168284/red-hat-security-advisory-2022-6183-01.html

Trust: 0.6

url:https://packetstormsecurity.com/files/167944/red-hat-security-advisory-2022-5813-01.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2023.0019

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022062022

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.4167

Trust: 0.6

url:https://packetstormsecurity.com/files/168022/red-hat-security-advisory-2022-6024-01.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.4122

Trust: 0.6

url:https://packetstormsecurity.com/files/169443/red-hat-security-advisory-2022-7058-01.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.4568

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2022-2097

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2022-2068

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2022-1292

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2022-1292

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2022-1586

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2022-2068

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2022-2097

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2022-1586

Trust: 0.4

url:https://access.redhat.com/security/updates/classification/#moderate

Trust: 0.4

url:https://access.redhat.com/articles/11258

Trust: 0.3

url:https://access.redhat.com/errata/rhsa-2022:5942

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-25314

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-27782

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-27776

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-22576

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-40528

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-25313

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-27774

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-40528

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-29824

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-0391

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2015-20107

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2015-20107

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-32206

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-32208

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-0391

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-34903

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-29154

Trust: 0.2

url:https://access.redhat.com/security/team/key/

Trust: 0.2

url:https://cwe.mitre.org/data/definitions/126.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://alas.aws.amazon.com/alas-2022-1628.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-0361

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2129

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-0261

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-0413

Trust: 0.1

url:https://creativecommons.org/licenses/by-sa/2.5

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-0943

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-3796

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2175

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-0408

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2286

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2126

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-1886

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-1771

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-1851

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2000

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2287

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-0158

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-1674

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-0417

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-1968

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-1621

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-0407

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-0318

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2284

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2288

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-0392

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2345

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2257

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-1154

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-0368

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-0128

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-0554

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-0443

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2124

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2343

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-1381

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-1735

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-0714

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2125

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-4193

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-3778

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-1733

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2207

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-3984

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-0629

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-1629

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-0393

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2183

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-0156

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-4069

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-1616

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-4166

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2264

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-3927

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-1619

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-0685

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2304

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-1620

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-0319

Trust: 0.1

url:https://bugs.gentoo.org.

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-1898

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-3974

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2344

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-0351

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-3928

Trust: 0.1

url:https://security.gentoo.org/

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-4019

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-3968

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-0213

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-1796

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-0729

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2206

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-1720

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-46059

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-3770

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-1769

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2289

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-0359

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-3973

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-4187

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-1420

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2042

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2182

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-4173

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-3872

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-1160

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-3875

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-4192

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-4136

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2231

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2285

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2208

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-1942

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2210

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-43813

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-22576

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-0670

Trust: 0.1

url:https://access.redhat.com/documentation/en-us/red_hat_ceph_storage/5.2/html-single/release_notes/index

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-43813

Trust: 0.1

url:https://access.redhat.com/articles/1548993

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-0670

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-25314

Trust: 0.1

url:https://access.redhat.com/articles/2789521

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-21673

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-21673

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-25313

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2022:6024

Trust: 0.1

url:https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.4/html-single/install/index#installing

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-28915

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-1729

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2022:6696

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-21123

Trust: 0.1

url:https://access.redhat.com/security/updates/classification/#critical

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-32250

Trust: 0.1

url:https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.4/html/release_notes/

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-31150

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-28915

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-21123

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-21166

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-36067

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-21125

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-30629

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-1729

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-27666

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-1012

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-1012

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-2526

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-31129

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-31151

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-24675

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-30632

Trust: 0.1

url:https://docs.openshift.com/container-platform/4.11/sandboxed_containers/sandboxed-containers-release-notes.html

Trust: 0.1

url:https://issues.jboss.org/):

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2022:7058

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-32206

Trust: 0.1

url:https://docs.openshift.com/container-platform/latest/sandboxed_containers/upgrade-sandboxed-containers.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-24675

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2832

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-29154

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-40674

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-30632

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-2832

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2022:5813

Trust: 0.1

url:https://access.redhat.com/security/updates/classification/#important

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2022:6184

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-30631

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-30631

Trust: 0.1

sources: VULHUB: VHN-423615 // VULMON: CVE-2022-1927 // PACKETSTORM: 168124 // PACKETSTORM: 168022 // PACKETSTORM: 168538 // PACKETSTORM: 169443 // PACKETSTORM: 167944 // PACKETSTORM: 168182 // PACKETSTORM: 168013 // CNNVD: CNNVD-202205-4253 // NVD: CVE-2022-1927

CREDITS

Red Hat

Trust: 0.6

sources: PACKETSTORM: 168022 // PACKETSTORM: 168538 // PACKETSTORM: 169443 // PACKETSTORM: 167944 // PACKETSTORM: 168182 // PACKETSTORM: 168013

SOURCES

db:VULHUBid:VHN-423615
db:VULMONid:CVE-2022-1927
db:PACKETSTORMid:168124
db:PACKETSTORMid:168022
db:PACKETSTORMid:168538
db:PACKETSTORMid:169443
db:PACKETSTORMid:167944
db:PACKETSTORMid:168182
db:PACKETSTORMid:168013
db:CNNVDid:CNNVD-202205-4253
db:NVDid:CVE-2022-1927

LAST UPDATE DATE

2024-11-07T21:44:34.630000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-423615date:2022-10-31T00:00:00
db:VULMONid:CVE-2022-1927date:2023-11-07T00:00:00
db:CNNVDid:CNNVD-202205-4253date:2023-07-20T00:00:00
db:NVDid:CVE-2022-1927date:2023-11-07T03:42:18.747

SOURCES RELEASE DATE

db:VULHUBid:VHN-423615date:2022-05-29T00:00:00
db:VULMONid:CVE-2022-1927date:2022-05-29T00:00:00
db:PACKETSTORMid:168124date:2022-08-22T16:01:59
db:PACKETSTORMid:168022date:2022-08-10T15:50:41
db:PACKETSTORMid:168538date:2022-09-27T16:01:00
db:PACKETSTORMid:169443date:2022-10-20T14:21:57
db:PACKETSTORMid:167944date:2022-08-04T14:47:31
db:PACKETSTORMid:168182date:2022-08-25T15:29:18
db:PACKETSTORMid:168013date:2022-08-09T14:37:47
db:CNNVDid:CNNVD-202205-4253date:2022-05-29T00:00:00
db:NVDid:CVE-2022-1927date:2022-05-29T14:15:08.047