{"vulnerability": "cve-2022-4089", "sightings": [{"uuid": "aa58748e-1849-411b-97f5-67fd54aeefe0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-40896", "type": "seen", "source": "https://t.me/ctinow/182542", "content": "https://ift.tt/TWaQ6Lw\nCVE-2022-40896 | Oracle Utilities Network Management System 2.6.0.0/2.6.0.1 NMS Monitor denial of service", "creation_timestamp": "2024-02-10T12:41:35.000000Z"}, {"uuid": "60fdc6ab-123e-4a4d-b88d-a5e352650aa3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-40896", "type": "seen", "source": "https://t.me/cibsecurity/67005", "content": "\u203c CVE-2022-40896 \u203c\n\nA ReDoS issue was discovered in pygments/lexers/smithy.py in pygments through 2.15.0 via SmithyLexer.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-19T18:21:47.000000Z"}, {"uuid": "43f3b2c1-6fc1-41d0-bfc1-cbbf4e002820", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-40899", "type": "seen", "source": "https://t.me/cibsecurity/55219", "content": "\u203c CVE-2022-40899 \u203c\n\nAn issue discovered in Python Charmers Future 0.18.2 and earlier allows remote attackers to cause a denial of service via crafted Set-Cookie header from malicious web server.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-23T02:14:01.000000Z"}, {"uuid": "375313b3-67af-4efa-8888-8faaa4d5b6d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-40897", "type": "seen", "source": "https://t.me/cibsecurity/55218", "content": "\u203c CVE-2022-40897 \u203c\n\nAn issue discovered in Python Packaging Authority (PyPA) setuptools 65.3.0 and earlier allows remote attackers to cause a denial of service via crafted HTML package or custom PackageIndex page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-23T02:14:00.000000Z"}, {"uuid": "09ab6c2d-e3e9-4096-be4e-274db4a1a9bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-40890", "type": "seen", "source": "https://t.me/cibsecurity/50723", "content": "\u203c CVE-2022-40890 \u203c\n\nA vulnerability in /src/amf/amf-context.c in Open5GS 2.4.10 and earlier leads to AMF denial of service.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-29T16:34:58.000000Z"}, {"uuid": "356c6450-4ddb-416c-b253-b7c2b563a495", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-40899", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11846", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-40899\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue discovered in Python Charmers Future 0.18.2 and earlier allows remote attackers to cause a denial of service via crafted Set-Cookie header from malicious web server.\n\ud83d\udccf Published: 2022-12-22T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-15T15:52:06.467Z\n\ud83d\udd17 References:\n1. https://pypi.org/project/future/\n2. https://github.com/PythonCharmers/python-future/blob/master/src/future/backports/http/cookiejar.py#L215\n3. https://github.com/python/cpython/pull/17157\n4. https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages/\n5. https://github.com/PythonCharmers/python-future/pull/610", "creation_timestamp": "2025-04-15T15:54:36.000000Z"}, {"uuid": "b3f40e53-3ae8-483a-8355-a707426654d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-40897", "type": "seen", "source": "https://gist.github.com/Ottapiens/e20fd8a5b3d73cb0ffa38013f25292e1", "content": "", "creation_timestamp": "2025-11-22T10:05:19.000000Z"}, {"uuid": "0af8b7f0-7af1-439b-9b5c-6155f16dd926", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2022-40897", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "f66ecce7-19f3-46a8-bee4-b88881f9faae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-40898", "type": "seen", "source": "https://t.me/arpsyndicate/2734", "content": "#ExploitObserverAlert\n\nCVE-2022-40898\n\nDESCRIPTION: Exploit Observer has 9 entries related to CVE-2022-40898. An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli.\n\nFIRST-EPSS: 0.002590000\nNVD-IS: 3.6\nNVD-ES: 3.9", "creation_timestamp": "2024-01-09T08:40:57.000000Z"}, {"uuid": "b79de27b-ea31-4981-82c7-3979ced73369", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-4089", "type": "seen", "source": "https://t.me/cibsecurity/53469", "content": "\u203c CVE-2022-4089 \u203c\n\nA vulnerability was found in rickxy Stock Management System. It has been declared as problematic. This vulnerability affects unknown code of the file /pages/processlogin.php. The manipulation of the argument user leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-214324.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-24T12:24:53.000000Z"}, {"uuid": "ac26215c-4975-49b1-beda-e9adda38efa7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-40897", "type": "seen", "source": "https://gist.github.com/Ottapiens/eec03543750502c92edc81d7c568d88c", "content": "", "creation_timestamp": "2025-11-22T10:06:48.000000Z"}, {"uuid": "fa76d9b6-839e-4d90-9bd5-6cee93b9c4d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-40897", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0395/", "content": "", "creation_timestamp": "2026-04-02T17:00:00.000000Z"}]}