VAR-202203-0145
Vulnerability from variot - Updated: 2026-04-10 23:37A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.3, Safari 15.4, watchOS 8.5, iTunes 12.12.3 for Windows, iOS 15.4 and iPadOS 15.4, tvOS 15.4. Processing maliciously crafted web content may lead to arbitrary code execution. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the WebGLMultiDraw component. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current user.
For the oldstable distribution (buster), these problems have been fixed in version 2.36.0-3~deb10u1.
For the stable distribution (bullseye), these problems have been fixed in version 2.36.0-3~deb11u1.
We recommend that you upgrade your webkit2gtk packages. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
APPLE-SA-2022-03-14-10 iTunes 12.12.3 for Windows
iTunes 12.12.3 for Windows addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213188. CVE-2022-22611: Xingyu Jin of Google
ImageIO Available for: Windows 10 and later Impact: Processing a maliciously crafted image may lead to heap corruption Description: A memory consumption issue was addressed with improved memory handling. CVE-2022-22612: Xingyu Jin of Google
WebKit Available for: Windows 10 and later Impact: Processing maliciously crafted web content may disclose sensitive user information Description: A cookie management issue was addressed with improved state management. WebKit Bugzilla: 234966 CVE-2022-22629: Jeonghoon Shin at Theori working with Trend Micro Zero Day Initiative
iTunes 12.12.3 for Windows may be obtained from: https://www.apple.com/itunes/download/ All information is also posted on the Apple Security Updates web site: https://support.apple.com/en-us/HT201222. Description:
Submariner enables direct networking between pods and services on different Kubernetes clusters that are either on-premises or in the cloud.
For more information about Submariner, see the Submariner open source community website at: https://submariner.io/.
Security fixes:
- CVE-2022-27664 golang: net/http: handle server errors after sending GOAWAY
- CVE-2022-2880 golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters
- CVE-2022-41715 golang: regexp/syntax: limit memory used by parsing regexps
- CVE-2022-41717 golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests
Bugs addressed:
- subctl diagnose firewall metrics does not work on merged kubeconfig (BZ# 2013711)
- [Submariner] - Fails to increase gateway amount after deployment (BZ# 2097381)
- Submariner gateway node does not get deleted with subctl cloud cleanup command (BZ# 2108634)
- submariner GW pods are unable to resolve the DNS of the Broker K8s API URL (BZ# 2119362)
- Submariner gateway node does not get deployed after applying ManagedClusterAddOn on Openstack (BZ# 2124219)
- unable to run subctl benchmark latency, pods fail with ImagePullBackOff (BZ# 2130326)
- [IBM Z] - Submariner addon unistallation doesnt work from ACM console (BZ# 2136442)
- Tags on AWS security group for gateway node break cloud-controller LoadBalancer (BZ# 2139477)
- RHACM - Submariner: UI support for OpenStack #19297 (ACM-1242)
- Submariner OVN support (ACM-1358)
- Submariner Azure Console support (ACM-1388)
- ManagedClusterSet consumers migrate to v1beta2 (ACM-1614)
- Submariner on disconnected ACM #22000 (ACM-1678)
- Submariner gateway: Error creating AWS security group if already exists (ACM-2055)
- Submariner gateway security group in AWS not deleted when uninstalling submariner (ACM-2057)
- The submariner-metrics-proxy pod pulls an image with wrong naming convention (ACM-2058)
- The submariner-metrics-proxy pod is not part of the Agent readiness check (ACM-2067)
- Subctl 0.14.0 prints version "vsubctl" (ACM-2132)
- managedclusters "local-cluster" not found and missing Submariner Broker CRD (ACM-2145)
- Add support of ARO to Submariner deployment (ACM-2150)
- The e2e tests execution fails for "Basic TCP connectivity" tests (ACM-2204)
- Gateway error shown "diagnose all" tests (ACM-2206)
- Submariner does not support cluster "kube-proxy ipvs mode"(ACM-2211)
- Vsphere cluster shows Pod Security admission controller warnings (ACM-2256)
- Cannot use submariner with OSP and self signed certs (ACM-2274)
- Subctl diagnose tests spawn nettest image with wrong tag nameing convention (ACM-2387)
-
Subctl 0.14.1 prints version "devel" (ACM-2482)
-
Bugs fixed (https://bugzilla.redhat.com/):
2013711 - subctl diagnose firewall metrics does not work on merged kubeconfig 2097381 - [Submariner] - Fails to increase gateway amount after deployment 2108634 - Submariner gateway node does not get deleted with subctl cloud cleanup command 2119362 - submariner GW pods are unable to resolve the DNS of the Broker K8s API URL 2124219 - Submariner gateway node does not get deployed after applying ManagedClusterAddOn on Openstack 2124669 - CVE-2022-27664 golang: net/http: handle server errors after sending GOAWAY 2130326 - unable to run subctl benchmark latency, pods fail with ImagePullBackOff 2132868 - CVE-2022-2880 golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters 2132872 - CVE-2022-41715 golang: regexp/syntax: limit memory used by parsing regexps 2136442 - [IBM Z] - Submariner addon unistallation doesnt work from ACM console 2139477 - Tags on AWS security group for gateway node break cloud-controller LoadBalancer 2161274 - CVE-2022-41717 golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests
- JIRA issues fixed (https://issues.jboss.org/):
ACM-1614 - ManagedClusterSet consumers migrate to v1beta2 (Submariner) ACM-2055 - Submariner gateway: Error creating AWS security group if already exists ACM-2057 - [Submariner] - submariner gateway security group in aws not deleted when uninstalling submariner ACM-2058 - [Submariner] - The submariner-metrics-proxy pod pulls an image with wrong naming convention ACM-2067 - [Submariner] - The submariner-metrics-proxy pod is not part of the Agent readiness check ACM-2132 - Subctl 0.14.0 prints version "vsubctl" ACM-2145 - managedclusters "local-cluster" not found and missing Submariner Broker CRD ACM-2150 - Add support of ARO to Submariner deployment ACM-2204 - [Submariner] - e2e tests execution fails for "Basic TCP connectivity" tests ACM-2206 - [Submariner] - Gateway error shown "diagnose all" tests ACM-2211 - [Submariner] - Submariner does not support cluster "kube-proxy ipvs mode" ACM-2256 - [Submariner] - Vsphere cluster shows Pod Security admission controller warnings ACM-2274 - Cannot use submariner with OSP and self signed certs ACM-2387 - [Submariner] - subctl diagnose tests spawn nettest image with wrong tag nameing convention ACM-2482 - Subctl 0.14.1 prints version "devel"
- Description:
Red Hat OpenShift Service Mesh is the Red Hat distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation.
This advisory covers container images for the release.
Security Fix(es):
- goutils: RandomAlphaNumeric and CryptoRandomAlphaNumeric are not as random as they should be (CVE-2021-4238)
- golang: archive/tar: unbounded memory consumption when reading headers (CVE-2022-2879)
- golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters (CVE-2022-2880)
- golang: net/http: handle server errors after sending GOAWAY (CVE-2022-27664)
- Istio: Denial of service attack via a specially crafted message (CVE-2022-39278)
- golang: regexp/syntax: limit memory used by parsing regexps (CVE-2022-41715)
- kiali: error message spoofing in kiali UI (CVE-2022-3962)
- golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service (CVE-2022-32189)
For more details about security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, see the CVE page(s) listed in the Container CVEs section. Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied. Bugs fixed (https://bugzilla.redhat.com/):
2113814 - CVE-2022-32189 golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service 2124669 - CVE-2022-27664 golang: net/http: handle server errors after sending GOAWAY 2132867 - CVE-2022-2879 golang: archive/tar: unbounded memory consumption when reading headers 2132868 - CVE-2022-2880 golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters 2132872 - CVE-2022-41715 golang: regexp/syntax: limit memory used by parsing regexps 2148199 - CVE-2022-39278 Istio: Denial of service attack via a specially crafted message 2148661 - CVE-2022-3962 kiali: error message spoofing in kiali UI 2156729 - CVE-2021-4238 goutils: RandomAlphaNumeric and CryptoRandomAlphaNumeric are not as random as they should be
- JIRA issues fixed (https://issues.jboss.org/):
OSSM-1977 - Support for Istio Gateway API in Kiali OSSM-2083 - Update maistra/istio 2.3 to Istio 1.14.5 OSSM-2147 - Unexpected validation message on Gateway object OSSM-2169 - Member controller doesn't retry on conflict OSSM-2170 - Member namespaces aren't cleaned up when a cluster-scoped SMMR is deleted OSSM-2179 - Wasm plugins only support OCI images with 1 layer OSSM-2184 - Istiod isn't allowed to delete analysis distribution report configmap OSSM-2188 - Member namespaces not cleaned up when SMCP is deleted OSSM-2189 - If multiple SMCPs exist in a namespace, the controller reconciles them all OSSM-2190 - The memberroll controller reconciles SMMRs with invalid name OSSM-2232 - The member controller reconciles ServiceMeshMember with invalid name OSSM-2241 - Remove v2.0 from Create ServiceMeshControlPlane Form OSSM-2251 - CVE-2022-3962 openshift-istio-kiali-container: kiali: content spoofing [ossm-2.3] OSSM-2308 - add root CA certificates to kiali container OSSM-2315 - be able to customize openshift auth timeouts OSSM-2324 - Gateway injection does not work when pods are created by cluster admins OSSM-2335 - Potential hang using Traces scatterplot chart OSSM-2338 - Federation deployment does not need router mode sni-dnat OSSM-2344 - Restarting istiod causes Kiali to flood CRI-O with port-forward requests OSSM-2375 - Istiod should log member namespaces on every update OSSM-2376 - ServiceMesh federation stops working after the restart of istiod pod OSSM-535 - Support validationMessages in SMCP OSSM-827 - ServiceMeshMembers point to wrong SMCP name
- Description:
Service Binding manages the data plane for applications and backing services. Bugs fixed (https://bugzilla.redhat.com/):
2161274 - CVE-2022-41717 golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests
- JIRA issues fixed (https://issues.jboss.org/):
APPSVC-1204 - Provisioned Service discovery APPSVC-1256 - CVE-2022-41717
- -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Moderate: webkit2gtk3 security and bug fix update Advisory ID: RHSA-2022:7704-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2022:7704 Issue date: 2022-11-08 CVE Names: CVE-2022-22624 CVE-2022-22628 CVE-2022-22629 CVE-2022-22662 CVE-2022-26700 CVE-2022-26709 CVE-2022-26710 CVE-2022-26716 CVE-2022-26717 CVE-2022-26719 CVE-2022-30293 ==================================================================== 1. Summary:
An update for glib2 and webkit2gtk3 is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat CodeReady Linux Builder (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64 Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, ppc64le, s390x, x86_64
- Description:
WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform.
GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.7 Release Notes linked from the References section.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
- Package List:
Red Hat Enterprise Linux AppStream (v. 8):
Source: webkit2gtk3-2.36.7-1.el8.src.rpm
aarch64: webkit2gtk3-2.36.7-1.el8.aarch64.rpm webkit2gtk3-debuginfo-2.36.7-1.el8.aarch64.rpm webkit2gtk3-debugsource-2.36.7-1.el8.aarch64.rpm webkit2gtk3-devel-2.36.7-1.el8.aarch64.rpm webkit2gtk3-devel-debuginfo-2.36.7-1.el8.aarch64.rpm webkit2gtk3-jsc-2.36.7-1.el8.aarch64.rpm webkit2gtk3-jsc-debuginfo-2.36.7-1.el8.aarch64.rpm webkit2gtk3-jsc-devel-2.36.7-1.el8.aarch64.rpm webkit2gtk3-jsc-devel-debuginfo-2.36.7-1.el8.aarch64.rpm
ppc64le: webkit2gtk3-2.36.7-1.el8.ppc64le.rpm webkit2gtk3-debuginfo-2.36.7-1.el8.ppc64le.rpm webkit2gtk3-debugsource-2.36.7-1.el8.ppc64le.rpm webkit2gtk3-devel-2.36.7-1.el8.ppc64le.rpm webkit2gtk3-devel-debuginfo-2.36.7-1.el8.ppc64le.rpm webkit2gtk3-jsc-2.36.7-1.el8.ppc64le.rpm webkit2gtk3-jsc-debuginfo-2.36.7-1.el8.ppc64le.rpm webkit2gtk3-jsc-devel-2.36.7-1.el8.ppc64le.rpm webkit2gtk3-jsc-devel-debuginfo-2.36.7-1.el8.ppc64le.rpm
s390x: webkit2gtk3-2.36.7-1.el8.s390x.rpm webkit2gtk3-debuginfo-2.36.7-1.el8.s390x.rpm webkit2gtk3-debugsource-2.36.7-1.el8.s390x.rpm webkit2gtk3-devel-2.36.7-1.el8.s390x.rpm webkit2gtk3-devel-debuginfo-2.36.7-1.el8.s390x.rpm webkit2gtk3-jsc-2.36.7-1.el8.s390x.rpm webkit2gtk3-jsc-debuginfo-2.36.7-1.el8.s390x.rpm webkit2gtk3-jsc-devel-2.36.7-1.el8.s390x.rpm webkit2gtk3-jsc-devel-debuginfo-2.36.7-1.el8.s390x.rpm
x86_64: webkit2gtk3-2.36.7-1.el8.i686.rpm webkit2gtk3-2.36.7-1.el8.x86_64.rpm webkit2gtk3-debuginfo-2.36.7-1.el8.i686.rpm webkit2gtk3-debuginfo-2.36.7-1.el8.x86_64.rpm webkit2gtk3-debugsource-2.36.7-1.el8.i686.rpm webkit2gtk3-debugsource-2.36.7-1.el8.x86_64.rpm webkit2gtk3-devel-2.36.7-1.el8.i686.rpm webkit2gtk3-devel-2.36.7-1.el8.x86_64.rpm webkit2gtk3-devel-debuginfo-2.36.7-1.el8.i686.rpm webkit2gtk3-devel-debuginfo-2.36.7-1.el8.x86_64.rpm webkit2gtk3-jsc-2.36.7-1.el8.i686.rpm webkit2gtk3-jsc-2.36.7-1.el8.x86_64.rpm webkit2gtk3-jsc-debuginfo-2.36.7-1.el8.i686.rpm webkit2gtk3-jsc-debuginfo-2.36.7-1.el8.x86_64.rpm webkit2gtk3-jsc-devel-2.36.7-1.el8.i686.rpm webkit2gtk3-jsc-devel-2.36.7-1.el8.x86_64.rpm webkit2gtk3-jsc-devel-debuginfo-2.36.7-1.el8.i686.rpm webkit2gtk3-jsc-devel-debuginfo-2.36.7-1.el8.x86_64.rpm
Red Hat Enterprise Linux BaseOS (v. 8):
Source: glib2-2.56.4-159.el8.src.rpm
aarch64: glib2-2.56.4-159.el8.aarch64.rpm glib2-debuginfo-2.56.4-159.el8.aarch64.rpm glib2-debugsource-2.56.4-159.el8.aarch64.rpm glib2-devel-2.56.4-159.el8.aarch64.rpm glib2-devel-debuginfo-2.56.4-159.el8.aarch64.rpm glib2-fam-2.56.4-159.el8.aarch64.rpm glib2-fam-debuginfo-2.56.4-159.el8.aarch64.rpm glib2-tests-2.56.4-159.el8.aarch64.rpm glib2-tests-debuginfo-2.56.4-159.el8.aarch64.rpm
ppc64le: glib2-2.56.4-159.el8.ppc64le.rpm glib2-debuginfo-2.56.4-159.el8.ppc64le.rpm glib2-debugsource-2.56.4-159.el8.ppc64le.rpm glib2-devel-2.56.4-159.el8.ppc64le.rpm glib2-devel-debuginfo-2.56.4-159.el8.ppc64le.rpm glib2-fam-2.56.4-159.el8.ppc64le.rpm glib2-fam-debuginfo-2.56.4-159.el8.ppc64le.rpm glib2-tests-2.56.4-159.el8.ppc64le.rpm glib2-tests-debuginfo-2.56.4-159.el8.ppc64le.rpm
s390x: glib2-2.56.4-159.el8.s390x.rpm glib2-debuginfo-2.56.4-159.el8.s390x.rpm glib2-debugsource-2.56.4-159.el8.s390x.rpm glib2-devel-2.56.4-159.el8.s390x.rpm glib2-devel-debuginfo-2.56.4-159.el8.s390x.rpm glib2-fam-2.56.4-159.el8.s390x.rpm glib2-fam-debuginfo-2.56.4-159.el8.s390x.rpm glib2-tests-2.56.4-159.el8.s390x.rpm glib2-tests-debuginfo-2.56.4-159.el8.s390x.rpm
x86_64: glib2-2.56.4-159.el8.i686.rpm glib2-2.56.4-159.el8.x86_64.rpm glib2-debuginfo-2.56.4-159.el8.i686.rpm glib2-debuginfo-2.56.4-159.el8.x86_64.rpm glib2-debugsource-2.56.4-159.el8.i686.rpm glib2-debugsource-2.56.4-159.el8.x86_64.rpm glib2-devel-2.56.4-159.el8.i686.rpm glib2-devel-2.56.4-159.el8.x86_64.rpm glib2-devel-debuginfo-2.56.4-159.el8.i686.rpm glib2-devel-debuginfo-2.56.4-159.el8.x86_64.rpm glib2-fam-2.56.4-159.el8.x86_64.rpm glib2-fam-debuginfo-2.56.4-159.el8.i686.rpm glib2-fam-debuginfo-2.56.4-159.el8.x86_64.rpm glib2-tests-2.56.4-159.el8.x86_64.rpm glib2-tests-debuginfo-2.56.4-159.el8.i686.rpm glib2-tests-debuginfo-2.56.4-159.el8.x86_64.rpm
Red Hat CodeReady Linux Builder (v. 8):
aarch64: glib2-debuginfo-2.56.4-159.el8.aarch64.rpm glib2-debugsource-2.56.4-159.el8.aarch64.rpm glib2-devel-debuginfo-2.56.4-159.el8.aarch64.rpm glib2-fam-debuginfo-2.56.4-159.el8.aarch64.rpm glib2-static-2.56.4-159.el8.aarch64.rpm glib2-tests-debuginfo-2.56.4-159.el8.aarch64.rpm
noarch: glib2-doc-2.56.4-159.el8.noarch.rpm
ppc64le: glib2-debuginfo-2.56.4-159.el8.ppc64le.rpm glib2-debugsource-2.56.4-159.el8.ppc64le.rpm glib2-devel-debuginfo-2.56.4-159.el8.ppc64le.rpm glib2-fam-debuginfo-2.56.4-159.el8.ppc64le.rpm glib2-static-2.56.4-159.el8.ppc64le.rpm glib2-tests-debuginfo-2.56.4-159.el8.ppc64le.rpm
s390x: glib2-debuginfo-2.56.4-159.el8.s390x.rpm glib2-debugsource-2.56.4-159.el8.s390x.rpm glib2-devel-debuginfo-2.56.4-159.el8.s390x.rpm glib2-fam-debuginfo-2.56.4-159.el8.s390x.rpm glib2-static-2.56.4-159.el8.s390x.rpm glib2-tests-debuginfo-2.56.4-159.el8.s390x.rpm
x86_64: glib2-debuginfo-2.56.4-159.el8.i686.rpm glib2-debuginfo-2.56.4-159.el8.x86_64.rpm glib2-debugsource-2.56.4-159.el8.i686.rpm glib2-debugsource-2.56.4-159.el8.x86_64.rpm glib2-devel-debuginfo-2.56.4-159.el8.i686.rpm glib2-devel-debuginfo-2.56.4-159.el8.x86_64.rpm glib2-fam-debuginfo-2.56.4-159.el8.i686.rpm glib2-fam-debuginfo-2.56.4-159.el8.x86_64.rpm glib2-static-2.56.4-159.el8.i686.rpm glib2-static-2.56.4-159.el8.x86_64.rpm glib2-tests-debuginfo-2.56.4-159.el8.i686.rpm glib2-tests-debuginfo-2.56.4-159.el8.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2022-22624 https://access.redhat.com/security/cve/CVE-2022-22628 https://access.redhat.com/security/cve/CVE-2022-22629 https://access.redhat.com/security/cve/CVE-2022-22662 https://access.redhat.com/security/cve/CVE-2022-26700 https://access.redhat.com/security/cve/CVE-2022-26709 https://access.redhat.com/security/cve/CVE-2022-26710 https://access.redhat.com/security/cve/CVE-2022-26716 https://access.redhat.com/security/cve/CVE-2022-26717 https://access.redhat.com/security/cve/CVE-2022-26719 https://access.redhat.com/security/cve/CVE-2022-30293 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.7_release_notes/index
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBY2pSR9zjgjWX9erEAQiQFQ//YREiZYxfs4xndA0wPNv+fq6qubz4ht3h FycNYUUhtiB+KqnpXfelECae9VC+jtDaBqrmopN4kGYPERbIBNOaxDM/AjiwQoRy WAMPMG0Nf7bES6RH793l9a36dPezHS7FQymSw1UsWgiFLEzalcP41UhJmz2ehhnF 89oC3QQ831rCFn637hiTMFkaOMhQsR+P7iCnpDXEA9f3jadtWkMk+ALkddEGR+zr bbCVMi3vd4q1w854SOU0mZjdBXd3JKcBFq5Iux1gY6XVDCilgU6QgZaltJJQx2u6 J3qGFykmSwgoCfvz2QUBMH5x3gYJHknfa1CrqgOtOC5gpO9ChEyRg7T5aC/mpY4P kfFh0VJEOZS29b34KOlKvXCRbgDjvuBy8EHvqJCs29a9ISOWOpZ8qsLDjTMBk+MR AU+J3Ym3ZiRaQhpFDDSakcuub0DAHESbokIsTHlsOt8J80GspJod3GRl2BUfY4FH uVH6t7IIL0k6zL/1si7cEnT1uMxp7rPh70KPSG0hm2CHrJ6MOLt9D6/eAuj7xAEL vkxev1kJ28kXoovVYmylhcjxX4w6v1M9QGE7IBMFEnFDi6btyWNDjD1vLGvmbuIT iJ120wnUt3kGH0vMLO2+Rfwj7jYVyR08tTY8JDtrxbhrUThjhJ9GCTLg3s+MaYVk J8NwK2xt2AQ=vhlq -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . Solution:
For OpenShift Container Platform 4.11 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:
https://docs.openshift.com/container-platform/4.11/release_notes/ocp-4-11-release-notes.html
For Red Hat OpenShift Logging 5.5, see the following instructions to apply this update:
https://docs.openshift.com/container-platform/4.11/logging/cluster-logging-upgrading.html
- JIRA issues fixed (https://issues.jboss.org/):
LOG-2860 - Error on LokiStack Components when forwarding logs to Loki on proxy cluster LOG-3131 - vector: kube API server certificate validation failure due to hostname mismatch LOG-3222 - [release-5.5] fluentd plugin for kafka ca-bundle secret doesn't support multiple CAs LOG-3226 - FluentdQueueLengthIncreasing rule failing to be evaluated. LOG-3284 - [release-5.5][Vector] logs parsed into structured when json is set without structured types. LOG-3287 - [release-5.5] Increase value of cluster-logging PriorityClass to move closer to system-cluster-critical value LOG-3301 - [release-5.5][ClusterLogging] elasticsearchStatus in ClusterLogging instance CR is not updated when Elasticsearch status is changed LOG-3305 - [release-5.5] Kibana Authentication Exception cookie issue LOG-3310 - [release-5.5] Can't choose correct CA ConfigMap Key when creating lokistack in Console LOG-3332 - [release-5.5] Reconcile error on controller when creating LokiStack with tls config
6
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "itunes",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "12.12.3"
},
{
"_id": null,
"model": "iphone os",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "15.4"
},
{
"_id": null,
"model": "watchos",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "8.5"
},
{
"_id": null,
"model": "ipados",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "15.4"
},
{
"_id": null,
"model": "macos",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "12.3"
},
{
"_id": null,
"model": "tvos",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "15.4"
},
{
"_id": null,
"model": "macos",
"scope": "gte",
"trust": 1.0,
"vendor": "apple",
"version": "12.0.0"
},
{
"_id": null,
"model": "safari",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "15.4"
},
{
"_id": null,
"model": "safari",
"scope": null,
"trust": 0.7,
"vendor": "apple",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-517"
},
{
"db": "NVD",
"id": "CVE-2022-22629"
}
]
},
"credits": {
"_id": null,
"data": "Anonymous",
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-517"
}
],
"trust": 0.7
},
"cve": "CVE-2022-22629",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2022-22629",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "ZDI",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2022-22629",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "REQUIRED",
"vectorString": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2022-22629",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2022-22629",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "ZDI",
"id": "CVE-2022-22629",
"trust": 0.7,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-517"
},
{
"db": "NVD",
"id": "CVE-2022-22629"
},
{
"db": "NVD",
"id": "CVE-2022-22629"
}
]
},
"description": {
"_id": null,
"data": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.3, Safari 15.4, watchOS 8.5, iTunes 12.12.3 for Windows, iOS 15.4 and iPadOS 15.4, tvOS 15.4. Processing maliciously crafted web content may lead to arbitrary code execution. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the WebGLMultiDraw component. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current user. \n\nFor the oldstable distribution (buster), these problems have been fixed\nin version 2.36.0-3~deb10u1. \n\nFor the stable distribution (bullseye), these problems have been fixed in\nversion 2.36.0-3~deb11u1. \n\nWe recommend that you upgrade your webkit2gtk packages. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nAPPLE-SA-2022-03-14-10 iTunes 12.12.3 for Windows\n\niTunes 12.12.3 for Windows addresses the following issues. \nInformation about the security content is also available at\nhttps://support.apple.com/HT213188. \nCVE-2022-22611: Xingyu Jin of Google\n\nImageIO\nAvailable for: Windows 10 and later\nImpact: Processing a maliciously crafted image may lead to heap\ncorruption\nDescription: A memory consumption issue was addressed with improved\nmemory handling. \nCVE-2022-22612: Xingyu Jin of Google\n\nWebKit\nAvailable for: Windows 10 and later\nImpact: Processing maliciously crafted web content may disclose\nsensitive user information\nDescription: A cookie management issue was addressed with improved\nstate management. \nWebKit Bugzilla: 234966\nCVE-2022-22629: Jeonghoon Shin at Theori working with Trend Micro\nZero Day Initiative\n\niTunes 12.12.3 for Windows may be obtained from:\nhttps://www.apple.com/itunes/download/\nAll information is also posted on the Apple Security Updates\nweb site: https://support.apple.com/en-us/HT201222. Description:\n\nSubmariner enables direct networking between pods and services on different\nKubernetes clusters that are either on-premises or in the cloud. \n\nFor more information about Submariner, see the Submariner open source\ncommunity website at: https://submariner.io/. \n\nSecurity fixes:\n\n* CVE-2022-27664 golang: net/http: handle server errors after sending\nGOAWAY\n* CVE-2022-2880 golang: net/http/httputil: ReverseProxy should not forward\nunparseable query parameters\n* CVE-2022-41715 golang: regexp/syntax: limit memory used by parsing\nregexps\n* CVE-2022-41717 golang: net/http: An attacker can cause excessive memory\ngrowth in a Go server accepting HTTP/2 requests\n\nBugs addressed:\n\n* subctl diagnose firewall metrics does not work on merged kubeconfig (BZ#\n2013711)\n* [Submariner] - Fails to increase gateway amount after deployment (BZ#\n2097381)\n* Submariner gateway node does not get deleted with subctl cloud cleanup\ncommand (BZ# 2108634)\n* submariner GW pods are unable to resolve the DNS of the Broker K8s API\nURL (BZ# 2119362)\n* Submariner gateway node does not get deployed after applying\nManagedClusterAddOn on Openstack (BZ# 2124219)\n* unable to run subctl benchmark latency, pods fail with ImagePullBackOff\n(BZ# 2130326)\n* [IBM Z] - Submariner addon unistallation doesnt work from ACM console\n(BZ# 2136442)\n* Tags on AWS security group for gateway node break cloud-controller\nLoadBalancer (BZ# 2139477)\n* RHACM - Submariner: UI support for OpenStack #19297 (ACM-1242)\n* Submariner OVN support (ACM-1358)\n* Submariner Azure Console support (ACM-1388)\n* ManagedClusterSet consumers migrate to v1beta2 (ACM-1614)\n* Submariner on disconnected ACM #22000 (ACM-1678)\n* Submariner gateway: Error creating AWS security group if already exists\n(ACM-2055)\n* Submariner gateway security group in AWS not deleted when uninstalling\nsubmariner (ACM-2057)\n* The submariner-metrics-proxy pod pulls an image with wrong naming\nconvention (ACM-2058)\n* The submariner-metrics-proxy pod is not part of the Agent readiness check\n(ACM-2067)\n* Subctl 0.14.0 prints version \"vsubctl\" (ACM-2132)\n* managedclusters \"local-cluster\" not found and missing Submariner Broker\nCRD (ACM-2145)\n* Add support of ARO to Submariner deployment (ACM-2150)\n* The e2e tests execution fails for \"Basic TCP connectivity\" tests\n(ACM-2204)\n* Gateway error shown \"diagnose all\" tests (ACM-2206)\n* Submariner does not support cluster \"kube-proxy ipvs mode\"(ACM-2211)\n* Vsphere cluster shows Pod Security admission controller warnings\n(ACM-2256)\n* Cannot use submariner with OSP and self signed certs (ACM-2274)\n* Subctl diagnose tests spawn nettest image with wrong tag nameing\nconvention (ACM-2387)\n* Subctl 0.14.1 prints version \"devel\" (ACM-2482)\n\n3. Bugs fixed (https://bugzilla.redhat.com/):\n\n2013711 - subctl diagnose firewall metrics does not work on merged kubeconfig\n2097381 - [Submariner] - Fails to increase gateway amount after deployment\n2108634 - Submariner gateway node does not get deleted with subctl cloud cleanup command\n2119362 - submariner GW pods are unable to resolve the DNS of the Broker K8s API URL\n2124219 - Submariner gateway node does not get deployed after applying ManagedClusterAddOn on Openstack\n2124669 - CVE-2022-27664 golang: net/http: handle server errors after sending GOAWAY\n2130326 - unable to run subctl benchmark latency, pods fail with ImagePullBackOff\n2132868 - CVE-2022-2880 golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters\n2132872 - CVE-2022-41715 golang: regexp/syntax: limit memory used by parsing regexps\n2136442 - [IBM Z] - Submariner addon unistallation doesnt work from ACM console\n2139477 - Tags on AWS security group for gateway node break cloud-controller LoadBalancer\n2161274 - CVE-2022-41717 golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests\n\n5. JIRA issues fixed (https://issues.jboss.org/):\n\nACM-1614 - ManagedClusterSet consumers migrate to v1beta2 (Submariner)\nACM-2055 - Submariner gateway: Error creating AWS security group if already exists\nACM-2057 - [Submariner] - submariner gateway security group in aws not deleted when uninstalling submariner\nACM-2058 - [Submariner] - The submariner-metrics-proxy pod pulls an image with wrong naming convention\nACM-2067 - [Submariner] - The submariner-metrics-proxy pod is not part of the Agent readiness check\nACM-2132 - Subctl 0.14.0 prints version \"vsubctl\"\nACM-2145 - managedclusters \"local-cluster\" not found and missing Submariner Broker CRD\nACM-2150 - Add support of ARO to Submariner deployment\nACM-2204 - [Submariner] - e2e tests execution fails for \"Basic TCP connectivity\" tests\nACM-2206 - [Submariner] - Gateway error shown \"diagnose all\" tests\nACM-2211 - [Submariner] - Submariner does not support cluster \"kube-proxy ipvs mode\"\nACM-2256 - [Submariner] - Vsphere cluster shows Pod Security admission controller warnings\nACM-2274 - Cannot use submariner with OSP and self signed certs\nACM-2387 - [Submariner] - subctl diagnose tests spawn nettest image with wrong tag nameing convention\nACM-2482 - Subctl 0.14.1 prints version \"devel\"\n\n6. Description:\n\nRed Hat OpenShift Service Mesh is the Red Hat distribution of the Istio\nservice mesh project, tailored for installation into an on-premise\nOpenShift Container Platform installation. \n\nThis advisory covers container images for the release. \n\nSecurity Fix(es):\n\n* goutils: RandomAlphaNumeric and CryptoRandomAlphaNumeric are not as\nrandom as they should be (CVE-2021-4238)\n* golang: archive/tar: unbounded memory consumption when reading headers\n(CVE-2022-2879)\n* golang: net/http/httputil: ReverseProxy should not forward unparseable\nquery parameters (CVE-2022-2880)\n* golang: net/http: handle server errors after sending GOAWAY\n(CVE-2022-27664)\n* Istio: Denial of service attack via a specially crafted message\n(CVE-2022-39278)\n* golang: regexp/syntax: limit memory used by parsing regexps\n(CVE-2022-41715)\n* kiali: error message spoofing in kiali UI (CVE-2022-3962)\n* golang: math/big: decoding big.Float and big.Rat types can panic if the\nencoded message is too short, potentially allowing a denial of service\n(CVE-2022-32189)\n\nFor more details about security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, see the CVE page(s)\nlisted in the Container CVEs section. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. Bugs fixed (https://bugzilla.redhat.com/):\n\n2113814 - CVE-2022-32189 golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service\n2124669 - CVE-2022-27664 golang: net/http: handle server errors after sending GOAWAY\n2132867 - CVE-2022-2879 golang: archive/tar: unbounded memory consumption when reading headers\n2132868 - CVE-2022-2880 golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters\n2132872 - CVE-2022-41715 golang: regexp/syntax: limit memory used by parsing regexps\n2148199 - CVE-2022-39278 Istio: Denial of service attack via a specially crafted message\n2148661 - CVE-2022-3962 kiali: error message spoofing in kiali UI\n2156729 - CVE-2021-4238 goutils: RandomAlphaNumeric and CryptoRandomAlphaNumeric are not as random as they should be\n\n5. JIRA issues fixed (https://issues.jboss.org/):\n\nOSSM-1977 - Support for Istio Gateway API in Kiali\nOSSM-2083 - Update maistra/istio 2.3 to Istio 1.14.5\nOSSM-2147 - Unexpected validation message on Gateway object\nOSSM-2169 - Member controller doesn\u0027t retry on conflict\nOSSM-2170 - Member namespaces aren\u0027t cleaned up when a cluster-scoped SMMR is deleted\nOSSM-2179 - Wasm plugins only support OCI images with 1 layer\nOSSM-2184 - Istiod isn\u0027t allowed to delete analysis distribution report configmap\nOSSM-2188 - Member namespaces not cleaned up when SMCP is deleted\nOSSM-2189 - If multiple SMCPs exist in a namespace, the controller reconciles them all\nOSSM-2190 - The memberroll controller reconciles SMMRs with invalid name\nOSSM-2232 - The member controller reconciles ServiceMeshMember with invalid name\nOSSM-2241 - Remove v2.0 from Create ServiceMeshControlPlane Form\nOSSM-2251 - CVE-2022-3962 openshift-istio-kiali-container: kiali: content spoofing [ossm-2.3]\nOSSM-2308 - add root CA certificates to kiali container\nOSSM-2315 - be able to customize openshift auth timeouts\nOSSM-2324 - Gateway injection does not work when pods are created by cluster admins\nOSSM-2335 - Potential hang using Traces scatterplot chart\nOSSM-2338 - Federation deployment does not need router mode sni-dnat\nOSSM-2344 - Restarting istiod causes Kiali to flood CRI-O with port-forward requests\nOSSM-2375 - Istiod should log member namespaces on every update\nOSSM-2376 - ServiceMesh federation stops working after the restart of istiod pod\nOSSM-535 - Support validationMessages in SMCP\nOSSM-827 - ServiceMeshMembers point to wrong SMCP name\n\n6. Description:\n\nService Binding manages the data plane for applications and backing\nservices. Bugs fixed (https://bugzilla.redhat.com/):\n\n2161274 - CVE-2022-41717 golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests\n\n5. JIRA issues fixed (https://issues.jboss.org/):\n\nAPPSVC-1204 - Provisioned Service discovery\nAPPSVC-1256 - CVE-2022-41717\n\n6. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n==================================================================== \nRed Hat Security Advisory\n\nSynopsis: Moderate: webkit2gtk3 security and bug fix update\nAdvisory ID: RHSA-2022:7704-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2022:7704\nIssue date: 2022-11-08\nCVE Names: CVE-2022-22624 CVE-2022-22628 CVE-2022-22629\n CVE-2022-22662 CVE-2022-26700 CVE-2022-26709\n CVE-2022-26710 CVE-2022-26716 CVE-2022-26717\n CVE-2022-26719 CVE-2022-30293\n====================================================================\n1. Summary:\n\nAn update for glib2 and webkit2gtk3 is now available for Red Hat Enterprise\nLinux 8. \n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat CodeReady Linux Builder (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux BaseOS (v. 8) - aarch64, ppc64le, s390x, x86_64\n\n3. Description:\n\nWebKitGTK is the port of the portable web rendering engine WebKit to the\nGTK platform. \n\nGLib provides the core application building blocks for libraries and\napplications written in C. It provides the core object system used in\nGNOME, the main loop implementation, and a large set of utility functions\nfor strings and common data structures. \n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 8.7 Release Notes linked from the References section. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Package List:\n\nRed Hat Enterprise Linux AppStream (v. 8):\n\nSource:\nwebkit2gtk3-2.36.7-1.el8.src.rpm\n\naarch64:\nwebkit2gtk3-2.36.7-1.el8.aarch64.rpm\nwebkit2gtk3-debuginfo-2.36.7-1.el8.aarch64.rpm\nwebkit2gtk3-debugsource-2.36.7-1.el8.aarch64.rpm\nwebkit2gtk3-devel-2.36.7-1.el8.aarch64.rpm\nwebkit2gtk3-devel-debuginfo-2.36.7-1.el8.aarch64.rpm\nwebkit2gtk3-jsc-2.36.7-1.el8.aarch64.rpm\nwebkit2gtk3-jsc-debuginfo-2.36.7-1.el8.aarch64.rpm\nwebkit2gtk3-jsc-devel-2.36.7-1.el8.aarch64.rpm\nwebkit2gtk3-jsc-devel-debuginfo-2.36.7-1.el8.aarch64.rpm\n\nppc64le:\nwebkit2gtk3-2.36.7-1.el8.ppc64le.rpm\nwebkit2gtk3-debuginfo-2.36.7-1.el8.ppc64le.rpm\nwebkit2gtk3-debugsource-2.36.7-1.el8.ppc64le.rpm\nwebkit2gtk3-devel-2.36.7-1.el8.ppc64le.rpm\nwebkit2gtk3-devel-debuginfo-2.36.7-1.el8.ppc64le.rpm\nwebkit2gtk3-jsc-2.36.7-1.el8.ppc64le.rpm\nwebkit2gtk3-jsc-debuginfo-2.36.7-1.el8.ppc64le.rpm\nwebkit2gtk3-jsc-devel-2.36.7-1.el8.ppc64le.rpm\nwebkit2gtk3-jsc-devel-debuginfo-2.36.7-1.el8.ppc64le.rpm\n\ns390x:\nwebkit2gtk3-2.36.7-1.el8.s390x.rpm\nwebkit2gtk3-debuginfo-2.36.7-1.el8.s390x.rpm\nwebkit2gtk3-debugsource-2.36.7-1.el8.s390x.rpm\nwebkit2gtk3-devel-2.36.7-1.el8.s390x.rpm\nwebkit2gtk3-devel-debuginfo-2.36.7-1.el8.s390x.rpm\nwebkit2gtk3-jsc-2.36.7-1.el8.s390x.rpm\nwebkit2gtk3-jsc-debuginfo-2.36.7-1.el8.s390x.rpm\nwebkit2gtk3-jsc-devel-2.36.7-1.el8.s390x.rpm\nwebkit2gtk3-jsc-devel-debuginfo-2.36.7-1.el8.s390x.rpm\n\nx86_64:\nwebkit2gtk3-2.36.7-1.el8.i686.rpm\nwebkit2gtk3-2.36.7-1.el8.x86_64.rpm\nwebkit2gtk3-debuginfo-2.36.7-1.el8.i686.rpm\nwebkit2gtk3-debuginfo-2.36.7-1.el8.x86_64.rpm\nwebkit2gtk3-debugsource-2.36.7-1.el8.i686.rpm\nwebkit2gtk3-debugsource-2.36.7-1.el8.x86_64.rpm\nwebkit2gtk3-devel-2.36.7-1.el8.i686.rpm\nwebkit2gtk3-devel-2.36.7-1.el8.x86_64.rpm\nwebkit2gtk3-devel-debuginfo-2.36.7-1.el8.i686.rpm\nwebkit2gtk3-devel-debuginfo-2.36.7-1.el8.x86_64.rpm\nwebkit2gtk3-jsc-2.36.7-1.el8.i686.rpm\nwebkit2gtk3-jsc-2.36.7-1.el8.x86_64.rpm\nwebkit2gtk3-jsc-debuginfo-2.36.7-1.el8.i686.rpm\nwebkit2gtk3-jsc-debuginfo-2.36.7-1.el8.x86_64.rpm\nwebkit2gtk3-jsc-devel-2.36.7-1.el8.i686.rpm\nwebkit2gtk3-jsc-devel-2.36.7-1.el8.x86_64.rpm\nwebkit2gtk3-jsc-devel-debuginfo-2.36.7-1.el8.i686.rpm\nwebkit2gtk3-jsc-devel-debuginfo-2.36.7-1.el8.x86_64.rpm\n\nRed Hat Enterprise Linux BaseOS (v. 8):\n\nSource:\nglib2-2.56.4-159.el8.src.rpm\n\naarch64:\nglib2-2.56.4-159.el8.aarch64.rpm\nglib2-debuginfo-2.56.4-159.el8.aarch64.rpm\nglib2-debugsource-2.56.4-159.el8.aarch64.rpm\nglib2-devel-2.56.4-159.el8.aarch64.rpm\nglib2-devel-debuginfo-2.56.4-159.el8.aarch64.rpm\nglib2-fam-2.56.4-159.el8.aarch64.rpm\nglib2-fam-debuginfo-2.56.4-159.el8.aarch64.rpm\nglib2-tests-2.56.4-159.el8.aarch64.rpm\nglib2-tests-debuginfo-2.56.4-159.el8.aarch64.rpm\n\nppc64le:\nglib2-2.56.4-159.el8.ppc64le.rpm\nglib2-debuginfo-2.56.4-159.el8.ppc64le.rpm\nglib2-debugsource-2.56.4-159.el8.ppc64le.rpm\nglib2-devel-2.56.4-159.el8.ppc64le.rpm\nglib2-devel-debuginfo-2.56.4-159.el8.ppc64le.rpm\nglib2-fam-2.56.4-159.el8.ppc64le.rpm\nglib2-fam-debuginfo-2.56.4-159.el8.ppc64le.rpm\nglib2-tests-2.56.4-159.el8.ppc64le.rpm\nglib2-tests-debuginfo-2.56.4-159.el8.ppc64le.rpm\n\ns390x:\nglib2-2.56.4-159.el8.s390x.rpm\nglib2-debuginfo-2.56.4-159.el8.s390x.rpm\nglib2-debugsource-2.56.4-159.el8.s390x.rpm\nglib2-devel-2.56.4-159.el8.s390x.rpm\nglib2-devel-debuginfo-2.56.4-159.el8.s390x.rpm\nglib2-fam-2.56.4-159.el8.s390x.rpm\nglib2-fam-debuginfo-2.56.4-159.el8.s390x.rpm\nglib2-tests-2.56.4-159.el8.s390x.rpm\nglib2-tests-debuginfo-2.56.4-159.el8.s390x.rpm\n\nx86_64:\nglib2-2.56.4-159.el8.i686.rpm\nglib2-2.56.4-159.el8.x86_64.rpm\nglib2-debuginfo-2.56.4-159.el8.i686.rpm\nglib2-debuginfo-2.56.4-159.el8.x86_64.rpm\nglib2-debugsource-2.56.4-159.el8.i686.rpm\nglib2-debugsource-2.56.4-159.el8.x86_64.rpm\nglib2-devel-2.56.4-159.el8.i686.rpm\nglib2-devel-2.56.4-159.el8.x86_64.rpm\nglib2-devel-debuginfo-2.56.4-159.el8.i686.rpm\nglib2-devel-debuginfo-2.56.4-159.el8.x86_64.rpm\nglib2-fam-2.56.4-159.el8.x86_64.rpm\nglib2-fam-debuginfo-2.56.4-159.el8.i686.rpm\nglib2-fam-debuginfo-2.56.4-159.el8.x86_64.rpm\nglib2-tests-2.56.4-159.el8.x86_64.rpm\nglib2-tests-debuginfo-2.56.4-159.el8.i686.rpm\nglib2-tests-debuginfo-2.56.4-159.el8.x86_64.rpm\n\nRed Hat CodeReady Linux Builder (v. 8):\n\naarch64:\nglib2-debuginfo-2.56.4-159.el8.aarch64.rpm\nglib2-debugsource-2.56.4-159.el8.aarch64.rpm\nglib2-devel-debuginfo-2.56.4-159.el8.aarch64.rpm\nglib2-fam-debuginfo-2.56.4-159.el8.aarch64.rpm\nglib2-static-2.56.4-159.el8.aarch64.rpm\nglib2-tests-debuginfo-2.56.4-159.el8.aarch64.rpm\n\nnoarch:\nglib2-doc-2.56.4-159.el8.noarch.rpm\n\nppc64le:\nglib2-debuginfo-2.56.4-159.el8.ppc64le.rpm\nglib2-debugsource-2.56.4-159.el8.ppc64le.rpm\nglib2-devel-debuginfo-2.56.4-159.el8.ppc64le.rpm\nglib2-fam-debuginfo-2.56.4-159.el8.ppc64le.rpm\nglib2-static-2.56.4-159.el8.ppc64le.rpm\nglib2-tests-debuginfo-2.56.4-159.el8.ppc64le.rpm\n\ns390x:\nglib2-debuginfo-2.56.4-159.el8.s390x.rpm\nglib2-debugsource-2.56.4-159.el8.s390x.rpm\nglib2-devel-debuginfo-2.56.4-159.el8.s390x.rpm\nglib2-fam-debuginfo-2.56.4-159.el8.s390x.rpm\nglib2-static-2.56.4-159.el8.s390x.rpm\nglib2-tests-debuginfo-2.56.4-159.el8.s390x.rpm\n\nx86_64:\nglib2-debuginfo-2.56.4-159.el8.i686.rpm\nglib2-debuginfo-2.56.4-159.el8.x86_64.rpm\nglib2-debugsource-2.56.4-159.el8.i686.rpm\nglib2-debugsource-2.56.4-159.el8.x86_64.rpm\nglib2-devel-debuginfo-2.56.4-159.el8.i686.rpm\nglib2-devel-debuginfo-2.56.4-159.el8.x86_64.rpm\nglib2-fam-debuginfo-2.56.4-159.el8.i686.rpm\nglib2-fam-debuginfo-2.56.4-159.el8.x86_64.rpm\nglib2-static-2.56.4-159.el8.i686.rpm\nglib2-static-2.56.4-159.el8.x86_64.rpm\nglib2-tests-debuginfo-2.56.4-159.el8.i686.rpm\nglib2-tests-debuginfo-2.56.4-159.el8.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2022-22624\nhttps://access.redhat.com/security/cve/CVE-2022-22628\nhttps://access.redhat.com/security/cve/CVE-2022-22629\nhttps://access.redhat.com/security/cve/CVE-2022-22662\nhttps://access.redhat.com/security/cve/CVE-2022-26700\nhttps://access.redhat.com/security/cve/CVE-2022-26709\nhttps://access.redhat.com/security/cve/CVE-2022-26710\nhttps://access.redhat.com/security/cve/CVE-2022-26716\nhttps://access.redhat.com/security/cve/CVE-2022-26717\nhttps://access.redhat.com/security/cve/CVE-2022-26719\nhttps://access.redhat.com/security/cve/CVE-2022-30293\nhttps://access.redhat.com/security/updates/classification/#moderate\nhttps://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.7_release_notes/index\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2022 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBY2pSR9zjgjWX9erEAQiQFQ//YREiZYxfs4xndA0wPNv+fq6qubz4ht3h\nFycNYUUhtiB+KqnpXfelECae9VC+jtDaBqrmopN4kGYPERbIBNOaxDM/AjiwQoRy\nWAMPMG0Nf7bES6RH793l9a36dPezHS7FQymSw1UsWgiFLEzalcP41UhJmz2ehhnF\n89oC3QQ831rCFn637hiTMFkaOMhQsR+P7iCnpDXEA9f3jadtWkMk+ALkddEGR+zr\nbbCVMi3vd4q1w854SOU0mZjdBXd3JKcBFq5Iux1gY6XVDCilgU6QgZaltJJQx2u6\nJ3qGFykmSwgoCfvz2QUBMH5x3gYJHknfa1CrqgOtOC5gpO9ChEyRg7T5aC/mpY4P\nkfFh0VJEOZS29b34KOlKvXCRbgDjvuBy8EHvqJCs29a9ISOWOpZ8qsLDjTMBk+MR\nAU+J3Ym3ZiRaQhpFDDSakcuub0DAHESbokIsTHlsOt8J80GspJod3GRl2BUfY4FH\nuVH6t7IIL0k6zL/1si7cEnT1uMxp7rPh70KPSG0hm2CHrJ6MOLt9D6/eAuj7xAEL\nvkxev1kJ28kXoovVYmylhcjxX4w6v1M9QGE7IBMFEnFDi6btyWNDjD1vLGvmbuIT\niJ120wnUt3kGH0vMLO2+Rfwj7jYVyR08tTY8JDtrxbhrUThjhJ9GCTLg3s+MaYVk\nJ8NwK2xt2AQ=vhlq\n-----END PGP SIGNATURE-----\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://listman.redhat.com/mailman/listinfo/rhsa-announce\n. Solution:\n\nFor OpenShift Container Platform 4.11 see the following documentation,\nwhich will be updated shortly for this release, for important instructions\non how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.11/release_notes/ocp-4-11-release-notes.html\n\nFor Red Hat OpenShift Logging 5.5, see the following instructions to apply\nthis update:\n\nhttps://docs.openshift.com/container-platform/4.11/logging/cluster-logging-upgrading.html\n\n4. JIRA issues fixed (https://issues.jboss.org/):\n\nLOG-2860 - Error on LokiStack Components when forwarding logs to Loki on proxy cluster\nLOG-3131 - vector: kube API server certificate validation failure due to hostname mismatch\nLOG-3222 - [release-5.5] fluentd plugin for kafka ca-bundle secret doesn\u0027t support multiple CAs\nLOG-3226 - FluentdQueueLengthIncreasing rule failing to be evaluated. \nLOG-3284 - [release-5.5][Vector] logs parsed into structured when json is set without structured types. \nLOG-3287 - [release-5.5] Increase value of cluster-logging PriorityClass to move closer to system-cluster-critical value\nLOG-3301 - [release-5.5][ClusterLogging] elasticsearchStatus in ClusterLogging instance CR is not updated when Elasticsearch status is changed\nLOG-3305 - [release-5.5] Kibana Authentication Exception cookie issue\nLOG-3310 - [release-5.5] Can\u0027t choose correct CA ConfigMap Key when creating lokistack in Console\nLOG-3332 - [release-5.5] Reconcile error on controller when creating LokiStack with tls config\n\n6",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-22629"
},
{
"db": "ZDI",
"id": "ZDI-22-517"
},
{
"db": "VULHUB",
"id": "VHN-411257"
},
{
"db": "VULMON",
"id": "CVE-2022-22629"
},
{
"db": "PACKETSTORM",
"id": "169243"
},
{
"db": "PACKETSTORM",
"id": "166314"
},
{
"db": "PACKETSTORM",
"id": "170956"
},
{
"db": "PACKETSTORM",
"id": "170898"
},
{
"db": "PACKETSTORM",
"id": "170806"
},
{
"db": "PACKETSTORM",
"id": "171127"
},
{
"db": "PACKETSTORM",
"id": "169760"
},
{
"db": "PACKETSTORM",
"id": "170162"
},
{
"db": "PACKETSTORM",
"id": "172460"
}
],
"trust": 2.52
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2022-22629",
"trust": 2.8
},
{
"db": "ZDI",
"id": "ZDI-22-517",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-15747",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "166314",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "170956",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "169760",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "170898",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "170210",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "166318",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "166316",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169920",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "171026",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "171144",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "168226",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "166317",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169889",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-411257",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2022-22629",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169243",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "170806",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "171127",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "170162",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "172460",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-517"
},
{
"db": "VULHUB",
"id": "VHN-411257"
},
{
"db": "VULMON",
"id": "CVE-2022-22629"
},
{
"db": "PACKETSTORM",
"id": "169243"
},
{
"db": "PACKETSTORM",
"id": "166314"
},
{
"db": "PACKETSTORM",
"id": "170956"
},
{
"db": "PACKETSTORM",
"id": "170898"
},
{
"db": "PACKETSTORM",
"id": "170806"
},
{
"db": "PACKETSTORM",
"id": "171127"
},
{
"db": "PACKETSTORM",
"id": "169760"
},
{
"db": "PACKETSTORM",
"id": "170162"
},
{
"db": "PACKETSTORM",
"id": "172460"
},
{
"db": "NVD",
"id": "CVE-2022-22629"
}
]
},
"id": "VAR-202203-0145",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-411257"
}
],
"trust": 0.01
},
"last_update_date": "2026-04-10T23:37:20.905000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Apple has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://support.apple.com/en-us/HT213187"
},
{
"title": "Debian Security Advisories: DSA-5115-1 webkit2gtk -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=402293ed3f2cdd93315804311726c6ba"
},
{
"title": "Debian Security Advisories: DSA-5116-1 wpewebkit -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=ed0e5704d3f401ded3b048d93f219bb2"
},
{
"title": "Arch Linux Issues: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=CVE-2022-22629"
},
{
"title": "Apple: iOS 15.4 and iPadOS 15.4",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=14b60b166a667fc4faf52d81847a180a"
},
{
"title": "Apple: macOS Monterey 12.3",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=f1105c4a20da11497b610b14a1668180"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-517"
},
{
"db": "VULMON",
"id": "CVE-2022-22629"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-787",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-411257"
},
{
"db": "NVD",
"id": "CVE-2022-22629"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 1.8,
"url": "https://support.apple.com/en-us/ht213187"
},
{
"trust": 1.1,
"url": "https://support.apple.com/en-us/ht213182"
},
{
"trust": 1.1,
"url": "https://support.apple.com/en-us/ht213183"
},
{
"trust": 1.1,
"url": "https://support.apple.com/en-us/ht213186"
},
{
"trust": 1.1,
"url": "https://support.apple.com/en-us/ht213188"
},
{
"trust": 1.1,
"url": "https://support.apple.com/en-us/ht213193"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22624"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22629"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22628"
},
{
"trust": 0.7,
"url": "https://access.redhat.com/security/cve/cve-2022-22662"
},
{
"trust": 0.7,
"url": "https://access.redhat.com/security/cve/cve-2022-26700"
},
{
"trust": 0.7,
"url": "https://access.redhat.com/security/cve/cve-2022-26717"
},
{
"trust": 0.7,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.7,
"url": "https://access.redhat.com/security/cve/cve-2022-26719"
},
{
"trust": 0.7,
"url": "https://listman.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.7,
"url": "https://access.redhat.com/security/cve/cve-2022-26709"
},
{
"trust": 0.7,
"url": "https://access.redhat.com/security/cve/cve-2022-26716"
},
{
"trust": 0.7,
"url": "https://access.redhat.com/security/cve/cve-2022-22629"
},
{
"trust": 0.7,
"url": "https://access.redhat.com/security/cve/cve-2022-22628"
},
{
"trust": 0.7,
"url": "https://access.redhat.com/security/cve/cve-2022-22624"
},
{
"trust": 0.7,
"url": "https://access.redhat.com/security/cve/cve-2022-26710"
},
{
"trust": 0.7,
"url": "https://access.redhat.com/security/cve/cve-2022-30293"
},
{
"trust": 0.7,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22662"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/cve/cve-2022-1304"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2022-42898"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2022-27664"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2021-46848"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2022-35737"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-26700"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2022-2880"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-26709"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-26710"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2022-41715"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1304"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-46848"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.5,
"url": "https://issues.jboss.org/):"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-26717"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-26716"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-26719"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2016-3709"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2022-40304"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-3709"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2022-40303"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2022-42011"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2022-2879"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2022-42012"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2022-43680"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2022-2509"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2022-42010"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2022-37434"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2022-3515"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2022-41717"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2022-32189"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-2509"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-35525"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-35527"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-35527"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-35525"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-47629"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-30293"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-1586"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-34903"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/2022/dsa-5115"
},
{
"trust": 0.1,
"url": "https://www.zerodayinitiative.com/advisories/zdi-22-517/"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://security-tracker.debian.org/tracker/webkit2gtk"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22611"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22612"
},
{
"trust": 0.1,
"url": "https://www.apple.com/itunes/download/"
},
{
"trust": 0.1,
"url": "https://support.apple.com/en-us/ht201222."
},
{
"trust": 0.1,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.1,
"url": "https://support.apple.com/ht213188."
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2023:0709"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2023-21835"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/openshift_container_platform/4.12/html/serverless/index"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2023-21843"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/openshift_container_platform/4.9/html/serverless/index"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/openshift_container_platform/4.10/html/serverless/index"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/openshift_container_platform/4.11/html/serverless/index"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/openshift_container_platform/4.8/html/serverless/index"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-2601"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-3775"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-3821"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-2601"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.7/html/add-ons/submariner#deploying-submariner-console"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-40674"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-30699"
},
{
"trust": 0.1,
"url": "https://submariner.io/."
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-30698"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-41974"
},
{
"trust": 0.1,
"url": "https://submariner.io/getting-started/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2023:0631"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-3787"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-39278"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-21713"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2023:0542"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1705"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-30630"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1962"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-21713"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-21673"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-23648"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-21673"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-23648"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-21703"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-28131"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-21698"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-30631"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-30635"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1962"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-21698"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-4238"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-30633"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-30632"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-4238"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1705"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-32148"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-21703"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-21702"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-3962"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-21702"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2023:0918"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-35737"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:7704"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.7_release_notes/index"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-22844"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-28390"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30002"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-27406"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-21619"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-24448"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-27950"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3640"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-2068"
},
{
"trust": 0.1,
"url": "https://docs.openshift.com/container-platform/4.11/release_notes/ocp-4-11-release-notes.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-2097"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-36558"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-0168"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-0854"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-20368"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-0617"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-0865"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-0562"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-2586"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:8781"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-25255"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-21624"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-0168"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-30002"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-0865"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-36516"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1016"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-28893"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-0854"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-3640"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-21618"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1927"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-2078"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-27405"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-0891"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-0617"
},
{
"trust": 0.1,
"url": "https://docs.openshift.com/container-platform/4.11/logging/cluster-logging-upgrading.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-21626"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-39399"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1852"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-36946"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-0562"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-42003"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1055"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-26373"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-2938"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1355"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-27404"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-0909"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1048"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-36516"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-0561"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-0924"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-23960"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-36518"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1785"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-36558"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-0908"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-29581"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-0561"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1184"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1897"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-36518"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-21499"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-2639"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1292"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-21628"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-42004"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-37603"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2023-23916"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2023:0584"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-41724"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-32190"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2023-0361"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-4450"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-4415"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-4304"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-41725"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2023-0215"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2023-0286"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1586"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-27664"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-517"
},
{
"db": "VULHUB",
"id": "VHN-411257"
},
{
"db": "VULMON",
"id": "CVE-2022-22629"
},
{
"db": "PACKETSTORM",
"id": "169243"
},
{
"db": "PACKETSTORM",
"id": "166314"
},
{
"db": "PACKETSTORM",
"id": "170956"
},
{
"db": "PACKETSTORM",
"id": "170898"
},
{
"db": "PACKETSTORM",
"id": "170806"
},
{
"db": "PACKETSTORM",
"id": "171127"
},
{
"db": "PACKETSTORM",
"id": "169760"
},
{
"db": "PACKETSTORM",
"id": "170162"
},
{
"db": "PACKETSTORM",
"id": "172460"
},
{
"db": "NVD",
"id": "CVE-2022-22629"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "ZDI",
"id": "ZDI-22-517",
"ident": null
},
{
"db": "VULHUB",
"id": "VHN-411257",
"ident": null
},
{
"db": "VULMON",
"id": "CVE-2022-22629",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "169243",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "166314",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "170956",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "170898",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "170806",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "171127",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "169760",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "170162",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "172460",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2022-22629",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2022-03-22T00:00:00",
"db": "ZDI",
"id": "ZDI-22-517",
"ident": null
},
{
"date": "2022-09-23T00:00:00",
"db": "VULHUB",
"id": "VHN-411257",
"ident": null
},
{
"date": "2022-04-28T19:12:00",
"db": "PACKETSTORM",
"id": "169243",
"ident": null
},
{
"date": "2022-03-15T15:46:09",
"db": "PACKETSTORM",
"id": "166314",
"ident": null
},
{
"date": "2023-02-10T15:49:15",
"db": "PACKETSTORM",
"id": "170956",
"ident": null
},
{
"date": "2023-02-08T16:00:47",
"db": "PACKETSTORM",
"id": "170898",
"ident": null
},
{
"date": "2023-01-31T17:11:04",
"db": "PACKETSTORM",
"id": "170806",
"ident": null
},
{
"date": "2023-02-27T14:51:11",
"db": "PACKETSTORM",
"id": "171127",
"ident": null
},
{
"date": "2022-11-08T13:47:18",
"db": "PACKETSTORM",
"id": "169760",
"ident": null
},
{
"date": "2022-12-08T16:34:22",
"db": "PACKETSTORM",
"id": "170162",
"ident": null
},
{
"date": "2023-05-19T14:41:19",
"db": "PACKETSTORM",
"id": "172460",
"ident": null
},
{
"date": "2022-09-23T20:15:09.307000",
"db": "NVD",
"id": "CVE-2022-22629",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2024-07-08T00:00:00",
"db": "ZDI",
"id": "ZDI-22-517",
"ident": null
},
{
"date": "2022-09-27T00:00:00",
"db": "VULHUB",
"id": "VHN-411257",
"ident": null
},
{
"date": "2025-05-22T15:15:54.577000",
"db": "NVD",
"id": "CVE-2022-22629",
"ident": null
}
]
},
"title": {
"_id": null,
"data": "Apple Safari WebGLMultiDraw Heap-based Buffer Overflow Remote Code Execution Vulnerability",
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-517"
}
],
"trust": 0.7
},
"type": {
"_id": null,
"data": "overflow, code execution",
"sources": [
{
"db": "PACKETSTORM",
"id": "166314"
},
{
"db": "PACKETSTORM",
"id": "169760"
}
],
"trust": 0.2
}
}
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.