admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-02-12 22:00:54 +00:00
parent 5fdbebafff
commit 3ebec68557
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
18 changed files with 368 additions and 430 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
2021/4xxx/CVE-2021-4316.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-4316",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2021/4xxx/CVE-2021-4317.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-4317",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2021/4xxx/CVE-2021-4318.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-4318",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2021/4xxx/CVE-2021-4319.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-4319",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2021/4xxx/CVE-2021-4320.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-4320",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2021/4xxx/CVE-2021-4321.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-4321",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2021/4xxx/CVE-2021-4322.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-4322",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2021/4xxx/CVE-2021-4323.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-4323",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2021/4xxx/CVE-2021-4324.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-4324",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

82
2022/0xxx/CVE-2022-0552.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A flaw was found in the original fix for the netty-codec-http CVE-2021-21409, where the OpenShift Logging openshift-logging/elasticsearch6-rhel8 container was incomplete. The vulnerable netty-codec-http maven package was not removed from the image content."
"value": "A flaw was found in the original fix for the netty-codec-http CVE-2021-21409, where the OpenShift Logging openshift-logging/elasticsearch6-rhel8 container was incomplete. The vulnerable netty-codec-http maven package was not removed from the image content. This flaw affects origin-aggregated-logging versions 3.11."
}
]
},
@ -21,7 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')",
"value": "CWE-444",
"cweId": "CWE-444"
}
]
@ -32,38 +32,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "OpenShift Logging 5.1",
"product_name": "origin-aggregated-logging/elasticsearch",
"version": {
"version_data": [
{
"version_value": "v6.8.1-120",
"version_affected": "!"
}
]
}
},
{
"product_name": "OpenShift Logging 5.2",
"version": {
"version_data": [
{
"version_value": "v6.8.1-124",
"version_affected": "!"
}
]
}
},
{
"product_name": "OpenShift Logging 5.3",
"version": {
"version_data": [
{
"version_value": "v6.8.1-123",
"version_affected": "!"
"version_affected": "=",
"version_value": "origin-aggregated-logging versions 3.11"
}
]
}
@ -76,6 +54,11 @@
},
"references": {
"reference_data": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2052539",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2052539"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2021-21409",
"refsource": "MISC",
@ -85,49 +68,6 @@
"url": "https://github.com/openshift/origin-aggregated-logging/commit/d6b72d6c32e7c06b65324294d10406546734004d",
"refsource": "MISC",
"name": "https://github.com/openshift/origin-aggregated-logging/commit/d6b72d6c32e7c06b65324294d10406546734004d"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:0721",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2022:0721"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:0727",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2022:0727"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:0728",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2022:0728"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2022-0552",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2022-0552"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2052539",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2052539"
}
]
},
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
]
}

54
2022/0xxx/CVE-2022-0646.json
View File

@ -1,12 +1,33 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-0646",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw use after free in the Linux kernel Management Component Transport Protocol (MCTP) subsystem was found in the way user triggers cancel_work_sync after the unregister_netdev during removing device. A local user could use this flaw to crash the system or escalate their privileges on the system. It is actual from Linux Kernel 5.17-rc1 (when mctp-serial.c introduced) till 5.17-rc5."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-459",
"cweId": "CWE-459"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -19,6 +40,7 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "5.17-rc5"
}
]
@ -30,37 +52,17 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-459"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://lore.kernel.org/all/20220211011552.1861886-1-jk%40codeconstruct.com.au",
"refsource": "MISC",
"name": "https://lore.kernel.org/all/20220211011552.1861886-1-jk@codeconstruct.com.au",
"url": "https://lore.kernel.org/all/20220211011552.1861886-1-jk@codeconstruct.com.au"
"name": "https://lore.kernel.org/all/20220211011552.1861886-1-jk%40codeconstruct.com.au"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20220318-0006/",
"url": "https://security.netapp.com/advisory/ntap-20220318-0006/"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw use after free in the Linux kernel Management Component Transport Protocol (MCTP) subsystem was found in the way user triggers cancel_work_sync after the unregister_netdev during removing device. A local user could use this flaw to crash the system or escalate their privileges on the system. It is actual from Linux Kernel 5.17-rc1 (when mctp-serial.c introduced) till 5.17-rc5."
"url": "https://security.netapp.com/advisory/ntap-20220318-0006/",
"refsource": "MISC",
"name": "https://security.netapp.com/advisory/ntap-20220318-0006/"
}
]
}

59
2022/0xxx/CVE-2022-0718.json
View File

@ -21,7 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Insufficiently Protected Credentials",
"value": "CWE-522 - Insufficiently Protected Credentials",
"cweId": "CWE-522"
}
]
@ -32,27 +32,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat OpenStack Platform 16.1",
"product_name": "openstack/python-oslo.utils",
"version": {
"version_data": [
{
"version_value": "0:3.41.6-1.20220426095230.f4deaad.el8ost",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat OpenStack Platform 16.2",
"version": {
"version_data": [
{
"version_value": "0:3.41.6-2.20220111011750.el8ost",
"version_affected": "!"
"version_affected": "=",
"version_value": "Affects all versions, Fixed in 4.10.1, 4.12.1."
}
]
}
@ -65,6 +54,11 @@
},
"references": {
"reference_data": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2056850",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2056850"
},
{
"url": "https://bugs.launchpad.net/oslo.utils/+bug/1949623",
"refsource": "MISC",
@ -85,44 +79,11 @@
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2022-0718"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:0993",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2022:0993"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:8873",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2022:8873"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2056850",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2056850"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00015.html",
"refsource": "MISC",
"name": "https://lists.debian.org/debian-lts-announce/2022/09/msg00015.html"
}
]
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
}
]
}
}

48
2022/0xxx/CVE-2022-0725.json
View File

@ -1,12 +1,33 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-0725",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw was found in keepass. The vulnerability occurs due to logging the plain text passwords in system log and leads to an Information Exposure vulnerability. This flaw allows an attacker to interact and read sensitive passwords and logs."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200",
"cweId": "CWE-200"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -19,6 +40,7 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "no fix available"
}
]
@ -30,32 +52,12 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2052696",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2052696",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2052696"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw was found in keepass. The vulnerability occurs due to logging the plain text passwords in system log and leads to an Information Exposure vulnerability. This flaw allows an attacker to interact and read sensitive passwords and logs."
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2052696"
}
]
}

84
2022/0xxx/CVE-2022-0730.json
View File

@ -1,12 +1,33 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-0730",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Under certain ldap conditions, Cacti authentication can be bypassed with certain credential types."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-287",
"cweId": "CWE-287"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -19,6 +40,7 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.2.19"
}
]
@ -30,62 +52,42 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-287"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/Cacti/cacti/issues/4562",
"refsource": "MISC",
"name": "https://github.com/Cacti/cacti/issues/4562",
"url": "https://github.com/Cacti/cacti/issues/4562"
"name": "https://github.com/Cacti/cacti/issues/4562"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20220329 [SECURITY] [DLA 2965-1] cacti security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00038.html"
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00038.html",
"refsource": "MISC",
"name": "https://lists.debian.org/debian-lts-announce/2022/03/msg00038.html"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2022-6a7e259e15",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZJERS4NYIGJUXEGT6ATUQA4CBYBRDLRA/"
"url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00039.html",
"refsource": "MISC",
"name": "https://lists.debian.org/debian-lts-announce/2022/12/msg00039.html"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2022-e619e3d5d0",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVOALVZSCBFNOAAZVHTJFSFB7UDSNYQ2/"
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RVOALVZSCBFNOAAZVHTJFSFB7UDSNYQ2/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RVOALVZSCBFNOAAZVHTJFSFB7UDSNYQ2/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2022-70f5c7ff72",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZH67CCORDEYFG7NL7G6UH47PAV2PU7BA/"
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZH67CCORDEYFG7NL7G6UH47PAV2PU7BA/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZH67CCORDEYFG7NL7G6UH47PAV2PU7BA/"
},
{
"refsource": "DEBIAN",
"name": "DSA-5298",
"url": "https://www.debian.org/security/2022/dsa-5298"
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZJERS4NYIGJUXEGT6ATUQA4CBYBRDLRA/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZJERS4NYIGJUXEGT6ATUQA4CBYBRDLRA/"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20221231 [SECURITY] [DLA 3252-1] cacti security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00039.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Under certain ldap conditions, Cacti authentication can be bypassed with certain credential types."
"url": "https://www.debian.org/security/2022/dsa-5298",
"refsource": "MISC",
"name": "https://www.debian.org/security/2022/dsa-5298"
}
]
}

64
2022/0xxx/CVE-2022-0812.json
View File

@ -1,12 +1,33 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-0812",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "An information leak flaw was found in NFS over RDMA in the net/sunrpc/xprtrdma/rpc_rdma.c in the Linux Kernel. This flaw allows an attacker with normal user privileges to leak kernel information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor.",
"cweId": "CWE-200"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -19,6 +40,7 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Fixed in v5.8-rc6"
}
]
@ -30,52 +52,32 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor."
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2058361",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2058361",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2058361"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2058361"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2058955",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2058955",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2058955"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2058955"
},
{
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=912288442cb2f431bf3c8cb097a5de83bc6dbac1",
"refsource": "MISC",
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=912288442cb2f431bf3c8cb097a5de83bc6dbac1",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=912288442cb2f431bf3c8cb097a5de83bc6dbac1"
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=912288442cb2f431bf3c8cb097a5de83bc6dbac1"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2022-0812",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2022-0812",
"url": "https://access.redhat.com/security/cve/CVE-2022-0812"
"name": "https://access.redhat.com/security/cve/CVE-2022-0812"
},
{
"url": "https://ubuntu.com/security/CVE-2022-0812",
"refsource": "MISC",
"name": "https://ubuntu.com/security/CVE-2022-0812",
"url": "https://ubuntu.com/security/CVE-2022-0812"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "An information leak flaw was found in NFS over RDMA in the net/sunrpc/xprtrdma/rpc_rdma.c in the Linux Kernel. This flaw allows an attacker with normal user privileges to leak kernel information."
"name": "https://ubuntu.com/security/CVE-2022-0812"
}
]
}

87
2022/0xxx/CVE-2022-0851.json
View File

@ -21,8 +21,8 @@
"description": [
{
"lang": "eng",
"value": "Improper Removal of Sensitive Information Before Storage or Transfer",
"cweId": "CWE-212"
"value": "CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor.",
"cweId": "CWE-200"
}
]
}
@ -32,38 +32,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Convert2RHEL for RHEL-6",
"product_name": "convert2rhel",
"version": {
"version_data": [
{
"version_value": "0:1.0-1.el6",
"version_affected": "!"
}
]
}
},
{
"product_name": "Convert2RHEL for RHEL-7",
"version": {
"version_data": [
{
"version_value": "0:1.0-1.el7",
"version_affected": "!"
}
]
}
},
{
"product_name": "Convert2RHEL for RHEL-8",
"version": {
"version_data": [
{
"version_value": "0:1.0-1.el8",
"version_affected": "!"
"version_affected": "=",
"version_value": "Not-Known"
}
]
}
@ -76,60 +54,15 @@
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/security/cve/CVE-2022-0851",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2022-0851"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:6266",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2022:6266"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:6268",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2022:6268"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:6269",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2022:6269"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2060217",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2060217"
}
]
},
"work_around": [
{
"lang": "en",
"value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
}
],
"credits": [
{
"lang": "en",
"value": "This issue was discovered by Toshio Kuratomi (Red Hat, Inc.)."
}
],
"impact": {
"cvss": [
},
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
"url": "https://access.redhat.com/security/cve/CVE-2022-0851",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2022-0851"
}
]
}

87
2022/0xxx/CVE-2022-0852.json
View File

@ -21,7 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Exposure of Private Personal Information to an Unauthorized Actor",
"value": "CWE-359 - Exposure of Private Personal Information to an Unauthorized Actor.",
"cweId": "CWE-359"
}
]
@ -32,38 +32,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Convert2RHEL for RHEL-6",
"product_name": "convert2rhel",
"version": {
"version_data": [
{
"version_value": "0:0.25-4.el6",
"version_affected": "!"
}
]
}
},
{
"product_name": "Convert2RHEL for RHEL-7",
"version": {
"version_data": [
{
"version_value": "0:0.25-4.el7",
"version_affected": "!"
}
]
}
},
{
"product_name": "Convert2RHEL for RHEL-8",
"version": {
"version_data": [
{
"version_value": "0:0.25-4.el8",
"version_affected": "!"
"version_affected": "=",
"version_value": "Fixed in v0.26."
}
]
}
@ -76,6 +54,11 @@
},
"references": {
"reference_data": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2060129",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2060129"
},
{
"url": "https://issues.redhat.com/browse/RHELC-432",
"refsource": "MISC",
@ -95,56 +78,6 @@
"url": "https://access.redhat.com/security/cve/CVE-2022-0852",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2022-0852"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:1599",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2022:1599"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:1617",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2022:1617"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:1618",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2022:1618"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2060129",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2060129"
}
]
},
"work_around": [
{
"lang": "en",
"value": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible."
}
],
"credits": [
{
"lang": "en",
"value": "This issue was discovered by Toshio Kuratomi (Red Hat, Inc.)."
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
}
]
}

71
2022/0xxx/CVE-2022-0853.json
View File

@ -1,34 +1,19 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-0853",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "jboss-client",
"version": {
"version_data": [
{
"version_value": "1.7"
}
]
}
}
]
}
}
]
}
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw was found in JBoss-client. The vulnerability occurs due to a memory leak on the JBoss client-side, when using UserTransaction repeatedly and leads to information leakage vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
@ -42,25 +27,41 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "jboss-client",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.7"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2060725",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2060725",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2060725"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2060725"
},
{
"url": "https://github.com/ByteHackr/CVE-2022-0853",
"refsource": "MISC",
"name": "https://github.com/ByteHackr/CVE-2022-0853",
"url": "https://github.com/ByteHackr/CVE-2022-0853"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw was found in JBoss-client. The vulnerability occurs due to a memory leak on the JBoss client-side, when using UserTransaction repeatedly and leads to information leakage vulnerability."
"name": "https://github.com/ByteHackr/CVE-2022-0853"
}
]
}