VAR-202203-1690
Vulnerability from variot - Updated: 2026-03-09 20:35zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches. Description:
Red Hat Advanced Cluster Management for Kubernetes 2.3.11 images
Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. Bugs fixed (https://bugzilla.redhat.com/):
2057544 - Cancel rpm-ostree transaction after failed rebase 2058674 - whereabouts IPAM CNI ip-reconciler cronjob specification requires hostnetwork, api-int lb usage & proper backoff 2062655 - [4.8.z backport] cluster scaling new nodes ovs-configuration fails on all new nodes 2070762 - [4.8z] WebScale: duplicate ecmp next hop error caused by multiple of the same gateway IPs in ovnkube cache 2074053 - Internal registries with a big number of images delay pod creation due to recursive SELinux file context relabeling 2074680 - csv_succeeded metric not present in olm-operator for all successful CSVs 2076211 - CVE-2022-1677 openshift/router: route hijacking attack via crafted HAProxy configuration file 2077004 - Bump to latest available 1.21.11 k8s 2077370 - [4.8.z] NetworkPolicy tests are failing on metal IPv6 2077765 - (release-4.8) Gather namespace names with overlapping UID ranges 2078477 - Latest ose-jenkins-agent-base:v4.9.0 image fails to start on OpenShift due to FIPS error 2084259 - [4.8] OCP ignores STOPSIGNAL in Dockerfile and sends SIGTERM 2088196 - Redfish set boot device failed for node in OCP 4.8 latest RC
- -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
===================================================================== Red Hat Security Advisory
Synopsis: Important: zlib security update Advisory ID: RHSA-2023:0943-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2023:0943 Issue date: 2023-02-28 CVE Names: CVE-2018-25032 =====================================================================
- Summary:
An update for zlib is now available for Red Hat Enterprise Linux 7.7 Advanced Update Support, Red Hat Enterprise Linux 7.7 Telco Extended Update Support, and Red Hat Enterprise Linux 7.7 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Server AUS (v. 7.7) - x86_64 Red Hat Enterprise Linux Server E4S (v. 7.7) - ppc64le, x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 7.7) - x86_64 Red Hat Enterprise Linux Server Optional E4S (v. 7.7) - ppc64le, x86_64 Red Hat Enterprise Linux Server Optional TUS (v. 7.7) - x86_64 Red Hat Enterprise Linux Server TUS (v. 7.7) - x86_64
- Description:
The zlib packages provide a general-purpose lossless data compression library that is used by many different programs.
Security Fix(es):
- zlib: A flaw found in zlib when compressing (not decompressing) certain inputs (CVE-2018-25032)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
2067945 - CVE-2018-25032 zlib: A flaw found in zlib when compressing (not decompressing) certain inputs
- Package List:
Red Hat Enterprise Linux Server AUS (v. 7.7):
Source: zlib-1.2.7-18.el7_7.1.src.rpm
x86_64: zlib-1.2.7-18.el7_7.1.i686.rpm zlib-1.2.7-18.el7_7.1.x86_64.rpm zlib-debuginfo-1.2.7-18.el7_7.1.i686.rpm zlib-debuginfo-1.2.7-18.el7_7.1.x86_64.rpm zlib-devel-1.2.7-18.el7_7.1.i686.rpm zlib-devel-1.2.7-18.el7_7.1.x86_64.rpm
Red Hat Enterprise Linux Server E4S (v. 7.7):
Source: zlib-1.2.7-18.el7_7.1.src.rpm
ppc64le: zlib-1.2.7-18.el7_7.1.ppc64le.rpm zlib-debuginfo-1.2.7-18.el7_7.1.ppc64le.rpm zlib-devel-1.2.7-18.el7_7.1.ppc64le.rpm
x86_64: zlib-1.2.7-18.el7_7.1.i686.rpm zlib-1.2.7-18.el7_7.1.x86_64.rpm zlib-debuginfo-1.2.7-18.el7_7.1.i686.rpm zlib-debuginfo-1.2.7-18.el7_7.1.x86_64.rpm zlib-devel-1.2.7-18.el7_7.1.i686.rpm zlib-devel-1.2.7-18.el7_7.1.x86_64.rpm
Red Hat Enterprise Linux Server TUS (v. 7.7):
Source: zlib-1.2.7-18.el7_7.1.src.rpm
x86_64: zlib-1.2.7-18.el7_7.1.i686.rpm zlib-1.2.7-18.el7_7.1.x86_64.rpm zlib-debuginfo-1.2.7-18.el7_7.1.i686.rpm zlib-debuginfo-1.2.7-18.el7_7.1.x86_64.rpm zlib-devel-1.2.7-18.el7_7.1.i686.rpm zlib-devel-1.2.7-18.el7_7.1.x86_64.rpm
Red Hat Enterprise Linux Server Optional AUS (v. 7.7):
x86_64: minizip-1.2.7-18.el7_7.1.i686.rpm minizip-1.2.7-18.el7_7.1.x86_64.rpm minizip-devel-1.2.7-18.el7_7.1.i686.rpm minizip-devel-1.2.7-18.el7_7.1.x86_64.rpm zlib-debuginfo-1.2.7-18.el7_7.1.i686.rpm zlib-debuginfo-1.2.7-18.el7_7.1.x86_64.rpm zlib-static-1.2.7-18.el7_7.1.i686.rpm zlib-static-1.2.7-18.el7_7.1.x86_64.rpm
Red Hat Enterprise Linux Server Optional E4S (v. 7.7):
ppc64le: minizip-1.2.7-18.el7_7.1.ppc64le.rpm minizip-devel-1.2.7-18.el7_7.1.ppc64le.rpm zlib-debuginfo-1.2.7-18.el7_7.1.ppc64le.rpm zlib-static-1.2.7-18.el7_7.1.ppc64le.rpm
x86_64: minizip-1.2.7-18.el7_7.1.i686.rpm minizip-1.2.7-18.el7_7.1.x86_64.rpm minizip-devel-1.2.7-18.el7_7.1.i686.rpm minizip-devel-1.2.7-18.el7_7.1.x86_64.rpm zlib-debuginfo-1.2.7-18.el7_7.1.i686.rpm zlib-debuginfo-1.2.7-18.el7_7.1.x86_64.rpm zlib-static-1.2.7-18.el7_7.1.i686.rpm zlib-static-1.2.7-18.el7_7.1.x86_64.rpm
Red Hat Enterprise Linux Server Optional TUS (v. 7.7):
x86_64: minizip-1.2.7-18.el7_7.1.i686.rpm minizip-1.2.7-18.el7_7.1.x86_64.rpm minizip-devel-1.2.7-18.el7_7.1.i686.rpm minizip-devel-1.2.7-18.el7_7.1.x86_64.rpm zlib-debuginfo-1.2.7-18.el7_7.1.i686.rpm zlib-debuginfo-1.2.7-18.el7_7.1.x86_64.rpm zlib-static-1.2.7-18.el7_7.1.i686.rpm zlib-static-1.2.7-18.el7_7.1.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2018-25032 https://access.redhat.com/security/updates/classification/#important
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2023 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBY/3zpNzjgjWX9erEAQgopRAAnicJE4nJGD63kGm+PqFucbREdCZ3tCHM ppSjAZYm6e3z2cXqCA8Y/ZQxQjLGFUuT3PtzsD8eehFIu7WL6hO7s+jVaor/PYxG h1X9YRrtAGlCrMwUXgSpTmqCeXMofoXhZRgj/0fJASp/+C6sMOBYyJkPsSCT00fu bIU/TEKTFa6UNjLGBZLNMD1htyYAI70mrLp+zJB4HlFP8G7bX8XMduBwyFu8l9Ye C4u9A4n1yUWo6eJpK1jn91y9W0VcB2JEnCQ3CySVI4Oa0hzSQBEfVnGDicELtAcv F6yV4AcCk30JtsXLtihnZszk5Ke0uH/VICY9ubPH52rBqLzCELWrAtEkcfGJnPFr /TrCfgDC9vIDE9+QPWamraX62NKy9vwOf/pPOnSOGJUYngYuVIJl/ipWwbr0BhLd J3Ckbo0jlXjjXmMKnfv0LDr/0dvLNGc4VjqbEcJULNMiUu3Lh/I0/v3H7NCr8674 RFDBaKXJlzgJGCcQ7JFr/63Aw6kOp9lVJgjbnDYs1AV/FQVkLsIvw5hIdONZI5cP uJcrO4lfjw/4827E7gdBTnQEBRuZB/wGtmtcFrvIPiK+qWl0t457ic+nvDl8noiM kBZezS7yByEjCqudJgxEYrB8uUt+gX9aj08sqeyM9jSzUCpJAVCNycufQGvmblNA vP1CheTiOdc= =wNUm -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . 8) - noarch
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.7 Release Notes linked from the References section. Bugs fixed (https://bugzilla.redhat.com/):
2053429 - CVE-2022-23806 golang: crypto/elliptic IsOnCurve returns true for invalid field elements 2053532 - CVE-2022-23772 golang: math/big: uncontrolled memory consumption due to an unhandled overflow via Rat.SetString 2053541 - CVE-2022-23773 golang: cmd/go: misinterpretation of branch names can lead to incorrect access control
- JIRA issues fixed (https://issues.jboss.org/):
SRVKE-1217 - New KafkaSource implementation does not default to PLAIN for SASL
- Description:
Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
This advisory contains the container images for Red Hat OpenShift Container Platform 4.7.51. See the following advisory for the RPM packages for this release:
https://access.redhat.com/errata/RHBA-2022:2267
Space precludes documenting all of the container images in this advisory.
You may download the oc tool and use it to inspect release image metadata as follows:
(For x86_64 architecture)
$ oc adm release info quay.io/openshift-release-dev/ocp-release:4.7.51-x86_64
The image digest is sha256:539c1f5982343e0709179f305e347560304fdeb89a09bd042a59a58a836a0940
(For s390x architecture)
$ oc adm release info quay.io/openshift-release-dev/ocp-release:4.7.51-s390x
The image digest is sha256:f6fa9f75e6de166b6daccbc6830bbeaade38eac97faa2752e0c38af23aa4135e
(For ppc64le architecture)
$ oc adm release info quay.io/openshift-release-dev/ocp-release:4.7.51-ppc64le
The image digest is sha256:e4a1eb51749bdb0fa429e5b7f697d3b38cd32b76786dc1ce579a5d53827705b0
All OpenShift Container Platform 4.7 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.7/updating/updating-cluster-cli.html
- Solution:
For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html
Details on how to access this content are available at https://docs.openshift.com/container-platform/4.7/updating/updating-cluster-cli.html
- Bugs fixed (https://bugzilla.redhat.com/):
2057526 - cloud provider config change breaks the cluster 2076211 - CVE-2022-1677 openshift/router: route hijacking attack via crafted HAProxy configuration file 2081483 - csv_succeeded metric not present in olm-operator for all successful CSVs 2082029 - Bump to latest available 1.20.15 k8s
- Summary:
The Migration Toolkit for Containers (MTC) 1.7.2 is now available. Description:
The Migration Toolkit for Containers (MTC) enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API. Bugs fixed (https://bugzilla.redhat.com/):
2007557 - CVE-2021-3807 nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes 2038898 - [UI] ?Update Repository? option not getting disabled after adding the Replication Repository details to the MTC web console 2040693 - ?Replication repository? wizard has no validation for name length 2040695 - [MTC UI] ?Add Cluster? wizard stucks when the cluster name length is more than 63 characters 2044591 - CVE-2022-0235 node-fetch: exposure of sensitive information to an unauthorized actor 2048537 - Exposed route host to image registry? connecting successfully to invalid registry ?xyz.com? 2053259 - CVE-2022-0536 follow-redirects: Exposure of Sensitive Information via Authorization Header leak 2055658 - [MTC UI] Cancel button on ?Migrations? page does not disappear when migration gets Failed/Succeeded with warnings 2056962 - [MTC UI] UI shows the wrong migration type info after changing the target namespace 2058172 - [MTC UI] Successful Rollback is not showing the green success icon in the ?Last State? field. 2058529 - [MTC UI] Migrations Plan is missing the type for the state migration performed before upgrade 2061335 - [MTC UI] ?Update cluster? button is not getting disabled 2062266 - MTC UI does not display logs properly [OADP-BL] 2062862 - [MTC UI] Clusters page behaving unexpectedly on deleting the remote cluster?s service account secret from backend 2074675 - HPAs of DeploymentConfigs are not being updated when migration from Openshift 3.x to Openshift 4.x 2076593 - Velero pod log missing from UI drop down 2076599 - Velero pod log missing from downloaded logs folder [OADP-BL] 2078459 - [MTC UI] Storageclass conversion plan is adding migstorage reference in migplan 2079252 - [MTC] Rsync options logs not visible in log-reader pod 2082221 - Don't allow Storage class conversion migration if source cluster has only one storage class defined [UI] 2082225 - non-numeric user when launching stage pods [OADP-BL] 2088022 - Default CPU requests on Velero/Restic are too demanding making scheduling fail in certain environments 2088026 - Cloud propagation phase in migration controller is not doing anything due to missing labels on Velero pods 2089126 - [MTC] Migration controller cannot find Velero Pod because of wrong labels 2089411 - [MTC] Log reader pod is missing velero and restic pod logs [OADP-BL] 2089859 - [Crane] DPA CR is missing the required flag - Migration is getting failed at the EnsureCloudSecretPropagated phase due to the missing secret VolumeMounts 2090317 - [MTC] mig-operator failed to create a DPA CR due to null values are passed instead of int [OADP-BL] 2096939 - Fix legacy operator.yml inconsistencies and errors 2100486 - [MTC UI] Target storage class field is not getting respected when clusters don't have replication repo configured
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "h500s",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"_id": null,
"model": "mariadb",
"scope": "lt",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.8.4"
},
{
"_id": null,
"model": "scalance sc626-2c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0"
},
{
"_id": null,
"model": "macos",
"scope": "gte",
"trust": 1.0,
"vendor": "apple",
"version": "11.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "10.0"
},
{
"_id": null,
"model": "e-series santricity os controller",
"scope": "gte",
"trust": 1.0,
"vendor": "netapp",
"version": "11.0.0"
},
{
"_id": null,
"model": "mariadb",
"scope": "lt",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.6.9"
},
{
"_id": null,
"model": "mariadb",
"scope": "gte",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.6.0"
},
{
"_id": null,
"model": "h410s",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"_id": null,
"model": "zlib",
"scope": "gte",
"trust": 1.0,
"vendor": "zlib",
"version": "1.2.2.2"
},
{
"_id": null,
"model": "mariadb",
"scope": "lt",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.7.5"
},
{
"_id": null,
"model": "hci compute node",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"_id": null,
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "35"
},
{
"_id": null,
"model": "mac os x",
"scope": "gte",
"trust": 1.0,
"vendor": "apple",
"version": "10.15"
},
{
"_id": null,
"model": "management services for element software",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"_id": null,
"model": "zulu",
"scope": "eq",
"trust": 1.0,
"vendor": "azul",
"version": "6.45"
},
{
"_id": null,
"model": "python",
"scope": "lt",
"trust": 1.0,
"vendor": "python",
"version": "3.10.5"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "11.0"
},
{
"_id": null,
"model": "zulu",
"scope": "eq",
"trust": 1.0,
"vendor": "azul",
"version": "15.38"
},
{
"_id": null,
"model": "mariadb",
"scope": "lt",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.9.2"
},
{
"_id": null,
"model": "mariadb",
"scope": "lt",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.3.36"
},
{
"_id": null,
"model": "python",
"scope": "gte",
"trust": 1.0,
"vendor": "python",
"version": "3.7.0"
},
{
"_id": null,
"model": "python",
"scope": "gte",
"trust": 1.0,
"vendor": "python",
"version": "3.10.0"
},
{
"_id": null,
"model": "h410c",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"_id": null,
"model": "scalance sc632-2c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0"
},
{
"_id": null,
"model": "zulu",
"scope": "eq",
"trust": 1.0,
"vendor": "azul",
"version": "7.52"
},
{
"_id": null,
"model": "zulu",
"scope": "eq",
"trust": 1.0,
"vendor": "azul",
"version": "13.46"
},
{
"_id": null,
"model": "mariadb",
"scope": "gte",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.5.0"
},
{
"_id": null,
"model": "python",
"scope": "gte",
"trust": 1.0,
"vendor": "python",
"version": "3.9.0"
},
{
"_id": null,
"model": "macos",
"scope": "gte",
"trust": 1.0,
"vendor": "apple",
"version": "12.0.0"
},
{
"_id": null,
"model": "python",
"scope": "lt",
"trust": 1.0,
"vendor": "python",
"version": "3.7.14"
},
{
"_id": null,
"model": "mariadb",
"scope": "lt",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.4.26"
},
{
"_id": null,
"model": "scalance sc622-2c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0"
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.15.7"
},
{
"_id": null,
"model": "mariadb",
"scope": "lt",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.5.17"
},
{
"_id": null,
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "36"
},
{
"_id": null,
"model": "python",
"scope": "gte",
"trust": 1.0,
"vendor": "python",
"version": "3.8.0"
},
{
"_id": null,
"model": "scalance sc636-2c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
},
{
"_id": null,
"model": "mariadb",
"scope": "gte",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.7.0"
},
{
"_id": null,
"model": "scalance sc642-2c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0"
},
{
"_id": null,
"model": "zlib",
"scope": "lt",
"trust": 1.0,
"vendor": "zlib",
"version": "1.2.12"
},
{
"_id": null,
"model": "zulu",
"scope": "eq",
"trust": 1.0,
"vendor": "azul",
"version": "8.60"
},
{
"_id": null,
"model": "e-series santricity os controller",
"scope": "lte",
"trust": 1.0,
"vendor": "netapp",
"version": "11.70.2"
},
{
"_id": null,
"model": "h700s",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"_id": null,
"model": "h300s",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"_id": null,
"model": "macos",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "12.4"
},
{
"_id": null,
"model": "python",
"scope": "lt",
"trust": 1.0,
"vendor": "python",
"version": "3.8.14"
},
{
"_id": null,
"model": "mariadb",
"scope": "gte",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.9.0"
},
{
"_id": null,
"model": "gotoassist",
"scope": "lt",
"trust": 1.0,
"vendor": "goto",
"version": "11.9.18"
},
{
"_id": null,
"model": "mariadb",
"scope": "gte",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.4.0"
},
{
"_id": null,
"model": "ontap select deploy administration utility",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"_id": null,
"model": "zulu",
"scope": "eq",
"trust": 1.0,
"vendor": "azul",
"version": "11.54"
},
{
"_id": null,
"model": "macos",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "11.6.6"
},
{
"_id": null,
"model": "active iq unified manager",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"_id": null,
"model": "oncommand workflow automation",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"_id": null,
"model": "nokogiri",
"scope": "lt",
"trust": 1.0,
"vendor": "nokogiri",
"version": "1.13.4"
},
{
"_id": null,
"model": "mariadb",
"scope": "gte",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.8.0"
},
{
"_id": null,
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "34"
},
{
"_id": null,
"model": "scalance sc646-2c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0"
},
{
"_id": null,
"model": "mac os x",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "10.15.7"
},
{
"_id": null,
"model": "mariadb",
"scope": "gte",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.3.0"
},
{
"_id": null,
"model": "zulu",
"scope": "eq",
"trust": 1.0,
"vendor": "azul",
"version": "17.32"
},
{
"_id": null,
"model": "python",
"scope": "lt",
"trust": 1.0,
"vendor": "python",
"version": "3.9.13"
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-25032"
}
]
},
"credits": {
"_id": null,
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "167622"
},
{
"db": "PACKETSTORM",
"id": "167271"
},
{
"db": "PACKETSTORM",
"id": "169897"
},
{
"db": "PACKETSTORM",
"id": "171159"
},
{
"db": "PACKETSTORM",
"id": "169782"
},
{
"db": "PACKETSTORM",
"id": "167346"
},
{
"db": "PACKETSTORM",
"id": "167265"
},
{
"db": "PACKETSTORM",
"id": "167679"
}
],
"trust": 0.8
},
"cve": "CVE-2018-25032",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2018-25032",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-418557",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2018-25032",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-25032",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2018-25032",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202203-2221",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-418557",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2018-25032",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-418557"
},
{
"db": "VULMON",
"id": "CVE-2018-25032"
},
{
"db": "CNNVD",
"id": "CNNVD-202203-2221"
},
{
"db": "NVD",
"id": "CVE-2018-25032"
},
{
"db": "NVD",
"id": "CVE-2018-25032"
}
]
},
"description": {
"_id": null,
"data": "zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches. Description:\n\nRed Hat Advanced Cluster Management for Kubernetes 2.3.11 images\n\nRed Hat Advanced Cluster Management for Kubernetes provides the\ncapabilities to address common challenges that administrators and site\nreliability engineers face as they work across a range of public and\nprivate cloud environments. Clusters and applications are all visible and\nmanaged from a single console\u2014with security policy built in. Bugs fixed (https://bugzilla.redhat.com/):\n\n2057544 - Cancel rpm-ostree transaction after failed rebase\n2058674 - whereabouts IPAM CNI ip-reconciler cronjob specification requires hostnetwork, api-int lb usage \u0026 proper backoff\n2062655 - [4.8.z backport] cluster scaling new nodes ovs-configuration fails on all new nodes\n2070762 - [4.8z] WebScale: duplicate ecmp next hop error caused by multiple of the same gateway IPs in ovnkube cache\n2074053 - Internal registries with a big number of images delay pod creation due to recursive SELinux file context relabeling\n2074680 - csv_succeeded metric not present in olm-operator for all successful CSVs\n2076211 - CVE-2022-1677 openshift/router: route hijacking attack via crafted HAProxy configuration file\n2077004 - Bump to latest available 1.21.11 k8s\n2077370 - [4.8.z] NetworkPolicy tests are failing on metal IPv6\n2077765 - (release-4.8) Gather namespace names with overlapping UID ranges\n2078477 - Latest ose-jenkins-agent-base:v4.9.0 image fails to start on OpenShift due to FIPS error\n2084259 - [4.8] OCP ignores STOPSIGNAL in Dockerfile and sends SIGTERM\n2088196 - Redfish set boot device failed for node in OCP 4.8 latest RC\n\n5. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: zlib security update\nAdvisory ID: RHSA-2023:0943-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2023:0943\nIssue date: 2023-02-28\nCVE Names: CVE-2018-25032 \n=====================================================================\n\n1. Summary:\n\nAn update for zlib is now available for Red Hat Enterprise Linux 7.7\nAdvanced Update Support, Red Hat Enterprise Linux 7.7 Telco Extended Update\nSupport, and Red Hat Enterprise Linux 7.7 Update Services for SAP\nSolutions. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Server AUS (v. 7.7) - x86_64\nRed Hat Enterprise Linux Server E4S (v. 7.7) - ppc64le, x86_64\nRed Hat Enterprise Linux Server Optional AUS (v. 7.7) - x86_64\nRed Hat Enterprise Linux Server Optional E4S (v. 7.7) - ppc64le, x86_64\nRed Hat Enterprise Linux Server Optional TUS (v. 7.7) - x86_64\nRed Hat Enterprise Linux Server TUS (v. 7.7) - x86_64\n\n3. Description:\n\nThe zlib packages provide a general-purpose lossless data compression\nlibrary that is used by many different programs. \n\nSecurity Fix(es):\n\n* zlib: A flaw found in zlib when compressing (not decompressing) certain\ninputs (CVE-2018-25032)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n2067945 - CVE-2018-25032 zlib: A flaw found in zlib when compressing (not decompressing) certain inputs\n\n6. Package List:\n\nRed Hat Enterprise Linux Server AUS (v. 7.7):\n\nSource:\nzlib-1.2.7-18.el7_7.1.src.rpm\n\nx86_64:\nzlib-1.2.7-18.el7_7.1.i686.rpm\nzlib-1.2.7-18.el7_7.1.x86_64.rpm\nzlib-debuginfo-1.2.7-18.el7_7.1.i686.rpm\nzlib-debuginfo-1.2.7-18.el7_7.1.x86_64.rpm\nzlib-devel-1.2.7-18.el7_7.1.i686.rpm\nzlib-devel-1.2.7-18.el7_7.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server E4S (v. 7.7):\n\nSource:\nzlib-1.2.7-18.el7_7.1.src.rpm\n\nppc64le:\nzlib-1.2.7-18.el7_7.1.ppc64le.rpm\nzlib-debuginfo-1.2.7-18.el7_7.1.ppc64le.rpm\nzlib-devel-1.2.7-18.el7_7.1.ppc64le.rpm\n\nx86_64:\nzlib-1.2.7-18.el7_7.1.i686.rpm\nzlib-1.2.7-18.el7_7.1.x86_64.rpm\nzlib-debuginfo-1.2.7-18.el7_7.1.i686.rpm\nzlib-debuginfo-1.2.7-18.el7_7.1.x86_64.rpm\nzlib-devel-1.2.7-18.el7_7.1.i686.rpm\nzlib-devel-1.2.7-18.el7_7.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server TUS (v. 7.7):\n\nSource:\nzlib-1.2.7-18.el7_7.1.src.rpm\n\nx86_64:\nzlib-1.2.7-18.el7_7.1.i686.rpm\nzlib-1.2.7-18.el7_7.1.x86_64.rpm\nzlib-debuginfo-1.2.7-18.el7_7.1.i686.rpm\nzlib-debuginfo-1.2.7-18.el7_7.1.x86_64.rpm\nzlib-devel-1.2.7-18.el7_7.1.i686.rpm\nzlib-devel-1.2.7-18.el7_7.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional AUS (v. 7.7):\n\nx86_64:\nminizip-1.2.7-18.el7_7.1.i686.rpm\nminizip-1.2.7-18.el7_7.1.x86_64.rpm\nminizip-devel-1.2.7-18.el7_7.1.i686.rpm\nminizip-devel-1.2.7-18.el7_7.1.x86_64.rpm\nzlib-debuginfo-1.2.7-18.el7_7.1.i686.rpm\nzlib-debuginfo-1.2.7-18.el7_7.1.x86_64.rpm\nzlib-static-1.2.7-18.el7_7.1.i686.rpm\nzlib-static-1.2.7-18.el7_7.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional E4S (v. 7.7):\n\nppc64le:\nminizip-1.2.7-18.el7_7.1.ppc64le.rpm\nminizip-devel-1.2.7-18.el7_7.1.ppc64le.rpm\nzlib-debuginfo-1.2.7-18.el7_7.1.ppc64le.rpm\nzlib-static-1.2.7-18.el7_7.1.ppc64le.rpm\n\nx86_64:\nminizip-1.2.7-18.el7_7.1.i686.rpm\nminizip-1.2.7-18.el7_7.1.x86_64.rpm\nminizip-devel-1.2.7-18.el7_7.1.i686.rpm\nminizip-devel-1.2.7-18.el7_7.1.x86_64.rpm\nzlib-debuginfo-1.2.7-18.el7_7.1.i686.rpm\nzlib-debuginfo-1.2.7-18.el7_7.1.x86_64.rpm\nzlib-static-1.2.7-18.el7_7.1.i686.rpm\nzlib-static-1.2.7-18.el7_7.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional TUS (v. 7.7):\n\nx86_64:\nminizip-1.2.7-18.el7_7.1.i686.rpm\nminizip-1.2.7-18.el7_7.1.x86_64.rpm\nminizip-devel-1.2.7-18.el7_7.1.i686.rpm\nminizip-devel-1.2.7-18.el7_7.1.x86_64.rpm\nzlib-debuginfo-1.2.7-18.el7_7.1.i686.rpm\nzlib-debuginfo-1.2.7-18.el7_7.1.x86_64.rpm\nzlib-static-1.2.7-18.el7_7.1.i686.rpm\nzlib-static-1.2.7-18.el7_7.1.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2018-25032\nhttps://access.redhat.com/security/updates/classification/#important\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2023 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBY/3zpNzjgjWX9erEAQgopRAAnicJE4nJGD63kGm+PqFucbREdCZ3tCHM\nppSjAZYm6e3z2cXqCA8Y/ZQxQjLGFUuT3PtzsD8eehFIu7WL6hO7s+jVaor/PYxG\nh1X9YRrtAGlCrMwUXgSpTmqCeXMofoXhZRgj/0fJASp/+C6sMOBYyJkPsSCT00fu\nbIU/TEKTFa6UNjLGBZLNMD1htyYAI70mrLp+zJB4HlFP8G7bX8XMduBwyFu8l9Ye\nC4u9A4n1yUWo6eJpK1jn91y9W0VcB2JEnCQ3CySVI4Oa0hzSQBEfVnGDicELtAcv\nF6yV4AcCk30JtsXLtihnZszk5Ke0uH/VICY9ubPH52rBqLzCELWrAtEkcfGJnPFr\n/TrCfgDC9vIDE9+QPWamraX62NKy9vwOf/pPOnSOGJUYngYuVIJl/ipWwbr0BhLd\nJ3Ckbo0jlXjjXmMKnfv0LDr/0dvLNGc4VjqbEcJULNMiUu3Lh/I0/v3H7NCr8674\nRFDBaKXJlzgJGCcQ7JFr/63Aw6kOp9lVJgjbnDYs1AV/FQVkLsIvw5hIdONZI5cP\nuJcrO4lfjw/4827E7gdBTnQEBRuZB/wGtmtcFrvIPiK+qWl0t457ic+nvDl8noiM\nkBZezS7yByEjCqudJgxEYrB8uUt+gX9aj08sqeyM9jSzUCpJAVCNycufQGvmblNA\nvP1CheTiOdc=\n=wNUm\n-----END PGP SIGNATURE-----\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://listman.redhat.com/mailman/listinfo/rhsa-announce\n. 8) - noarch\n\n3. \n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 8.7 Release Notes linked from the References section. Bugs fixed (https://bugzilla.redhat.com/):\n\n2053429 - CVE-2022-23806 golang: crypto/elliptic IsOnCurve returns true for invalid field elements\n2053532 - CVE-2022-23772 golang: math/big: uncontrolled memory consumption due to an unhandled overflow via Rat.SetString\n2053541 - CVE-2022-23773 golang: cmd/go: misinterpretation of branch names can lead to incorrect access control\n\n5. JIRA issues fixed (https://issues.jboss.org/):\n\nSRVKE-1217 - New KafkaSource implementation does not default to PLAIN for SASL\n\n6. Description:\n\nRed Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments. \n\nThis advisory contains the container images for Red Hat OpenShift Container\nPlatform 4.7.51. See the following advisory for the RPM packages for this\nrelease:\n\nhttps://access.redhat.com/errata/RHBA-2022:2267\n\nSpace precludes documenting all of the container images in this advisory. \n\nYou may download the oc tool and use it to inspect release image metadata\nas follows:\n\n(For x86_64 architecture)\n\n$ oc adm release info\nquay.io/openshift-release-dev/ocp-release:4.7.51-x86_64\n\nThe image digest is\nsha256:539c1f5982343e0709179f305e347560304fdeb89a09bd042a59a58a836a0940\n\n(For s390x architecture)\n\n$ oc adm release info\nquay.io/openshift-release-dev/ocp-release:4.7.51-s390x\n\nThe image digest is\nsha256:f6fa9f75e6de166b6daccbc6830bbeaade38eac97faa2752e0c38af23aa4135e\n\n(For ppc64le architecture)\n\n$ oc adm release info\nquay.io/openshift-release-dev/ocp-release:4.7.51-ppc64le\n\nThe image digest is\nsha256:e4a1eb51749bdb0fa429e5b7f697d3b38cd32b76786dc1ce579a5d53827705b0\n\nAll OpenShift Container Platform 4.7 users are advised to upgrade to these\nupdated packages and images when they are available in the appropriate\nrelease channel. To check for available updates, use the OpenShift Console\nor the CLI oc command. Instructions for upgrading a cluster are available\nat\nhttps://docs.openshift.com/container-platform/4.7/updating/updating-cluster-cli.html\n\n3. Solution:\n\nFor OpenShift Container Platform 4.7 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.7/updating/updating-cluster-cli.html\n\n4. Bugs fixed (https://bugzilla.redhat.com/):\n\n2057526 - cloud provider config change breaks the cluster\n2076211 - CVE-2022-1677 openshift/router: route hijacking attack via crafted HAProxy configuration file\n2081483 - csv_succeeded metric not present in olm-operator for all successful CSVs\n2082029 - Bump to latest available 1.20.15 k8s\n\n5. Summary:\n\nThe Migration Toolkit for Containers (MTC) 1.7.2 is now available. Description:\n\nThe Migration Toolkit for Containers (MTC) enables you to migrate\nKubernetes resources, persistent volume data, and internal container images\nbetween OpenShift Container Platform clusters, using the MTC web console or\nthe Kubernetes API. Bugs fixed (https://bugzilla.redhat.com/):\n\n2007557 - CVE-2021-3807 nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes\n2038898 - [UI] ?Update Repository? option not getting disabled after adding the Replication Repository details to the MTC web console\n2040693 - ?Replication repository? wizard has no validation for name length\n2040695 - [MTC UI] ?Add Cluster? wizard stucks when the cluster name length is more than 63 characters\n2044591 - CVE-2022-0235 node-fetch: exposure of sensitive information to an unauthorized actor\n2048537 - Exposed route host to image registry? connecting successfully to invalid registry ?xyz.com?\n2053259 - CVE-2022-0536 follow-redirects: Exposure of Sensitive Information via Authorization Header leak\n2055658 - [MTC UI] Cancel button on ?Migrations? page does not disappear when migration gets Failed/Succeeded with warnings\n2056962 - [MTC UI] UI shows the wrong migration type info after changing the target namespace\n2058172 - [MTC UI] Successful Rollback is not showing the green success icon in the ?Last State? field. \n2058529 - [MTC UI] Migrations Plan is missing the type for the state migration performed before upgrade\n2061335 - [MTC UI] ?Update cluster? button is not getting disabled\n2062266 - MTC UI does not display logs properly [OADP-BL]\n2062862 - [MTC UI] Clusters page behaving unexpectedly on deleting the remote cluster?s service account secret from backend\n2074675 - HPAs of DeploymentConfigs are not being updated when migration from Openshift 3.x to Openshift 4.x\n2076593 - Velero pod log missing from UI drop down\n2076599 - Velero pod log missing from downloaded logs folder [OADP-BL]\n2078459 - [MTC UI] Storageclass conversion plan is adding migstorage reference in migplan\n2079252 - [MTC] Rsync options logs not visible in log-reader pod\n2082221 - Don\u0027t allow Storage class conversion migration if source cluster has only one storage class defined [UI]\n2082225 - non-numeric user when launching stage pods [OADP-BL]\n2088022 - Default CPU requests on Velero/Restic are too demanding making scheduling fail in certain environments\n2088026 - Cloud propagation phase in migration controller is not doing anything due to missing labels on Velero pods\n2089126 - [MTC] Migration controller cannot find Velero Pod because of wrong labels\n2089411 - [MTC] Log reader pod is missing velero and restic pod logs [OADP-BL]\n2089859 - [Crane] DPA CR is missing the required flag - Migration is getting failed at the EnsureCloudSecretPropagated phase due to the missing secret VolumeMounts\n2090317 - [MTC] mig-operator failed to create a DPA CR due to null values are passed instead of int [OADP-BL]\n2096939 - Fix legacy operator.yml inconsistencies and errors\n2100486 - [MTC UI] Target storage class field is not getting respected when clusters don\u0027t have replication repo configured",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-25032"
},
{
"db": "VULHUB",
"id": "VHN-418557"
},
{
"db": "VULMON",
"id": "CVE-2018-25032"
},
{
"db": "PACKETSTORM",
"id": "167622"
},
{
"db": "PACKETSTORM",
"id": "167271"
},
{
"db": "PACKETSTORM",
"id": "169897"
},
{
"db": "PACKETSTORM",
"id": "171159"
},
{
"db": "PACKETSTORM",
"id": "169782"
},
{
"db": "PACKETSTORM",
"id": "167346"
},
{
"db": "PACKETSTORM",
"id": "167265"
},
{
"db": "PACKETSTORM",
"id": "167679"
}
],
"trust": 1.8
},
"exploit_availability": {
"_id": null,
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-418557",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-418557"
}
]
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2018-25032",
"trust": 2.6
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2022/03/28/3",
"trust": 1.8
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2022/03/26/1",
"trust": 1.8
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2022/03/28/1",
"trust": 1.8
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2022/03/24/1",
"trust": 1.8
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2022/03/25/2",
"trust": 1.8
},
{
"db": "SIEMENS",
"id": "SSA-333517",
"trust": 1.8
},
{
"db": "PACKETSTORM",
"id": "167346",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "169897",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "169782",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "167679",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "167622",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "168352",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "168042",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "167327",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "167391",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "167400",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "167956",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "167088",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "167142",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "168696",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "167008",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "167602",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "166946",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "166563",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "170003",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "167555",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "167224",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "167568",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "167260",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "167461",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "167591",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "168011",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "167189",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "167281",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "169624",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "166970",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "168392",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "167486",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2022.1366",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.3050",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.2411",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.4601",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.3299",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.1665",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.1863",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.2561",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.4568",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.3228",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.2709",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.2474",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.2181",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.3821",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.3236",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.6128",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.5062",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.6112",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2023.3146",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.2857",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.2924",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2023.1695",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.1403",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.3136",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.3479",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.2019",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.3977",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.2778",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.4632",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.3020",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.6333",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.3112",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.2598",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.2900",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022033020",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022072056",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022050233",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022032845",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022051703",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022072010",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022060505",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022042114",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022051324",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022060127",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022061722",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022070735",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022053131",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022060816",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022053025",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022070643",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022051742",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022040111",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022051235",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022062931",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022070507",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022040603",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "166856",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202203-2221",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "167271",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "167265",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "166552",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167133",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "166967",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167381",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167122",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "171157",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167225",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167140",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167277",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167330",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167485",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167334",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167116",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167389",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "166555",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167223",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "168036",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167134",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167364",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167594",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "171152",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167188",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167936",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167138",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167586",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167186",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167470",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167119",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167136",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167674",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167124",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-418557",
"trust": 0.1
},
{
"db": "ICS CERT",
"id": "ICSA-23-348-10",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-25032",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "171159",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-418557"
},
{
"db": "VULMON",
"id": "CVE-2018-25032"
},
{
"db": "PACKETSTORM",
"id": "167622"
},
{
"db": "PACKETSTORM",
"id": "167271"
},
{
"db": "PACKETSTORM",
"id": "169897"
},
{
"db": "PACKETSTORM",
"id": "171159"
},
{
"db": "PACKETSTORM",
"id": "169782"
},
{
"db": "PACKETSTORM",
"id": "167346"
},
{
"db": "PACKETSTORM",
"id": "167265"
},
{
"db": "PACKETSTORM",
"id": "167679"
},
{
"db": "CNNVD",
"id": "CNNVD-202203-2221"
},
{
"db": "NVD",
"id": "CVE-2018-25032"
}
]
},
"id": "VAR-202203-1690",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-418557"
}
],
"trust": 0.6566514
},
"last_update_date": "2026-03-09T20:35:07.026000Z",
"patch": {
"_id": null,
"data": [
{
"title": "zlib Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=187366"
},
{
"title": "Debian Security Advisories: DSA-5111-1 zlib -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=1953a09ed6b6acb885ad5f0bc5c6a1cb"
},
{
"title": "Debian CVElist Bug Report Logs: CVE-2018-25032: zlib memory corruption on deflate",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=aa0fc3d1bfe74e5ba24eb36e6014b06b"
},
{
"title": "Amazon Linux AMI: ALAS-2022-1602",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2022-1602"
},
{
"title": "Amazon Linux AMI: ALAS-2022-1640",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2022-1640"
},
{
"title": "Amazon Linux 2: ALAS2-2022-1772",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2\u0026qid=ALAS2-2022-1772"
},
{
"title": "Amazon Linux 2022: ALAS2022-2022-159",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2022\u0026qid=ALAS2022-2022-159"
},
{
"title": "Amazon Linux 2022: ALAS2022-2022-100",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2022\u0026qid=ALAS2022-2022-100"
},
{
"title": "Red Hat: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2018-25032"
},
{
"title": "Red Hat: Important: zlib security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20224845 - Security Advisory"
},
{
"title": "Red Hat: Important: zlib security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20221642 - Security Advisory"
},
{
"title": "Red Hat: Important: zlib security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20221591 - Security Advisory"
},
{
"title": "Red Hat: Important: rsync security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20222197 - Security Advisory"
},
{
"title": "Red Hat: Important: rsync security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20222192 - Security Advisory"
},
{
"title": "Red Hat: Important: mingw-zlib security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20227813 - Security Advisory"
},
{
"title": "Red Hat: Important: rsync security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20224592 - Security Advisory"
},
{
"title": "Red Hat: Important: zlib security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20230976 - Security Advisory"
},
{
"title": "Red Hat: Important: zlib security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20222214 - Security Advisory"
},
{
"title": "Red Hat: Important: zlib security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20222213 - Security Advisory"
},
{
"title": "Red Hat: Important: rsync security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20222201 - Security Advisory"
},
{
"title": "Red Hat: Important: rsync security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20222198 - Security Advisory"
},
{
"title": "Red Hat: Important: zlib security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20221661 - Security Advisory"
},
{
"title": "Red Hat: Important: zlib security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20224584 - Security Advisory"
},
{
"title": "Red Hat: Important: zlib security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20230943 - Security Advisory"
},
{
"title": "Red Hat: Important: mingw-zlib security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20228420 - Security Advisory"
},
{
"title": "Arch Linux Issues: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=CVE-2018-25032"
},
{
"title": "Red Hat: Moderate: OpenShift Container Platform 4.9.35 bug fix and security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20222283 - Security Advisory"
},
{
"title": "Red Hat: Moderate: OpenShift Container Platform 4.6.58 bug fix and security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20222264 - Security Advisory"
},
{
"title": "Red Hat: Moderate: OpenShift Container Platform 4.7.51 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20222268 - Security Advisory"
},
{
"title": "Red Hat: Moderate: OpenShift Container Platform 4.6.58 security and extras update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20222265 - Security Advisory"
},
{
"title": "Red Hat: Moderate: OpenShift Virtualization 4.10.2 Images security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20225026 - Security Advisory"
},
{
"title": "Red Hat: Important: RHV-H security update (redhat-virtualization-host) 4.3.23",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20225439 - Security Advisory"
},
{
"title": "Amazon Linux 2022: ALAS2022-2022-158",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2022\u0026qid=ALAS2022-2022-158"
},
{
"title": "Red Hat: Moderate: Cryostat 2.1.1: new Cryostat on RHEL 8 container images",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20224985 - Security Advisory"
},
{
"title": "Red Hat: Important: Red Hat OpenShift GitOps security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20225152 - Security Advisory"
},
{
"title": "Red Hat: Important: Red Hat OpenShift GitOps security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20225187 - Security Advisory"
},
{
"title": "Red Hat: Important: Red Hat OpenShift GitOps security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20225192 - Security Advisory"
},
{
"title": "Brocade Security Advisories: Access Denied",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=brocade_security_advisories\u0026qid=ac82ca9e02281afb3f0356588beedb43"
},
{
"title": "Red Hat: Moderate: Release of OpenShift Serverless Version 1.22.1",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20224863 - Security Advisory"
},
{
"title": "Red Hat: Moderate: Release of containers for OSP 16.2.z director operator tech preview",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20222183 - Security Advisory"
},
{
"title": "Red Hat: Important: OpenShift Virtualization 4.8.7 Images bug fixes and security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20226890 - Security Advisory"
},
{
"title": "Red Hat: Important: Red Hat OpenShift GitOps security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20224691 - Security Advisory"
},
{
"title": "Red Hat: Moderate: OpenShift Container Platform 4.8.41 bug fix and security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20222272 - Security Advisory"
},
{
"title": "Red Hat: Important: Red Hat OpenShift GitOps security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20224671 - Security Advisory"
},
{
"title": "Red Hat: Important: Red Hat OpenShift GitOps security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20224692 - Security Advisory"
},
{
"title": "Red Hat: Moderate: Cryostat 2.1.0: new Cryostat on RHEL 8 container images",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20221679 - Security Advisory"
},
{
"title": "Red Hat: Moderate: security update for rh-sso-7/sso75-openshift-rhel8 container image",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20221713 - Security Advisory"
},
{
"title": "Red Hat: Moderate: Secondary Scheduler Operator for Red Hat OpenShift 1.0.1 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20225699 - Security Advisory"
},
{
"title": "Red Hat: Important: RHACS 3.69 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20225188 - Security Advisory"
},
{
"title": "Red Hat: Moderate: ACS 3.70 enhancement and security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20224880 - Security Advisory"
},
{
"title": "Red Hat: Moderate: OpenShift Container Platform 3.11.705 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20222281 - Security Advisory"
},
{
"title": "Red Hat: Important: Red Hat OpenShift GitOps security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20224690 - Security Advisory"
},
{
"title": "Red Hat: Important: RHACS 3.68 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20225132 - Security Advisory"
},
{
"title": "Red Hat: Moderate: Red Hat Advanced Cluster Management 2.3.10 security updates and bug fixes",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20221715 - Security Advisory"
},
{
"title": "Red Hat: Moderate: Red Hat OpenShift Logging Security and Bug update Release 5.4.1",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20222216 - Security Advisory"
},
{
"title": "Red Hat: Moderate: Openshift Logging Security and Bug update Release (5.2.10)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20222218 - Security Advisory"
},
{
"title": "Red Hat: Moderate: Red Hat OpenShift Logging Security and Bug update Release 5.3.7",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20222217 - Security Advisory"
},
{
"title": "Red Hat: Moderate: Red Hat Advanced Cluster Management 2.4.4 security updates and bug fixes",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20221681 - Security Advisory"
},
{
"title": "Red Hat: Important: Red Hat OpenShift Service Mesh 2.1.3 Containers security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20225006 - Security Advisory"
},
{
"title": "Red Hat: Low: Release of OpenShift Serverless Version 1.22.0",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20221747 - Security Advisory"
},
{
"title": "Red Hat: Moderate: Migration Toolkit for Containers (MTC) 1.7.3 security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20225840 - Security Advisory"
},
{
"title": "Apple: macOS Monterey 12.4",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=73857ee26a600b1527481f1deacc0619"
},
{
"title": "Red Hat: Moderate: Migration Toolkit for Containers (MTC) 1.6.5 security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20224814 - Security Advisory"
},
{
"title": "Red Hat: Moderate: Migration Toolkit for Containers (MTC) 1.7.2 security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20225483 - Security Advisory"
},
{
"title": "Red Hat: Moderate: OpenShift Container Platform 4.11.0 extras and security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20225070 - Security Advisory"
},
{
"title": "Red Hat: Important: OpenShift Virtualization 4.11.0 Images security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20226526 - Security Advisory"
},
{
"title": "Red Hat: Important: Migration Toolkit for Containers (MTC) 1.7.4 security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20226429 - Security Advisory"
},
{
"title": "Red Hat: Moderate: Red Hat Advanced Cluster Management 2.4.5 security updates and bug fixes",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20225201 - Security Advisory"
},
{
"title": "Red Hat: Moderate: Red Hat Advanced Cluster Management 2.3.11 security updates and bug fixes",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20225392 - Security Advisory"
},
{
"title": "Red Hat: Important: Red Hat OpenShift Data Foundation 4.13.0 security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20233742 - Security Advisory"
},
{
"title": "Red Hat: Important: Service Telemetry Framework 1.4 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20225924 - Security Advisory"
},
{
"title": "Red Hat: Important: OpenShift Container Platform 4.11.0 bug fix and security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20225069 - Security Advisory"
},
{
"title": "SSZipArchive",
"trust": 0.1,
"url": "https://github.com/ZipArchive/ZipArchive "
},
{
"title": "UnityReleaseNotes",
"trust": 0.1,
"url": "https://github.com/mario206/UnityReleaseNotes "
},
{
"title": "zlib-patch-demo",
"trust": 0.1,
"url": "https://github.com/chainguard-dev/zlib-patch-demo "
},
{
"title": "ReptileIndexOfProject",
"trust": 0.1,
"url": "https://github.com/Webb-L/reptileIndexOfProject "
},
{
"title": "UnityReleaseNotes",
"trust": 0.1,
"url": "https://github.com/mario206/UnityReleaseNotes-latest "
},
{
"title": "snyk-to-cve",
"trust": 0.1,
"url": "https://github.com/yeforriak/snyk-to-cve "
},
{
"title": "GitHub Actions CI App Pipeline",
"trust": 0.1,
"url": "https://github.com/isgo-golgo13/gokit-gorillakit-enginesvc "
},
{
"title": "veracode-container-security-finding-parser",
"trust": 0.1,
"url": "https://github.com/vincent-deng/veracode-container-security-finding-parser "
},
{
"title": "The Register",
"trust": 0.1,
"url": "https://www.theregister.co.uk/2022/03/30/zlib_data_bug/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-25032"
},
{
"db": "CNNVD",
"id": "CNNVD-202203-2221"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-787",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-418557"
},
{
"db": "NVD",
"id": "CVE-2018-25032"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 1.9,
"url": "https://www.debian.org/security/2022/dsa-5111"
},
{
"trust": 1.8,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf"
},
{
"trust": 1.8,
"url": "https://security.netapp.com/advisory/ntap-20220729-0004/"
},
{
"trust": 1.8,
"url": "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12"
},
{
"trust": 1.8,
"url": "https://security.netapp.com/advisory/ntap-20220526-0009/"
},
{
"trust": 1.8,
"url": "https://support.apple.com/kb/ht213255"
},
{
"trust": 1.8,
"url": "https://support.apple.com/kb/ht213256"
},
{
"trust": 1.8,
"url": "https://support.apple.com/kb/ht213257"
},
{
"trust": 1.8,
"url": "http://seclists.org/fulldisclosure/2022/may/38"
},
{
"trust": 1.8,
"url": "http://seclists.org/fulldisclosure/2022/may/35"
},
{
"trust": 1.8,
"url": "http://seclists.org/fulldisclosure/2022/may/33"
},
{
"trust": 1.8,
"url": "https://security.gentoo.org/glsa/202210-42"
},
{
"trust": 1.8,
"url": "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531"
},
{
"trust": 1.8,
"url": "https://github.com/madler/zlib/issues/605"
},
{
"trust": 1.8,
"url": "https://www.openwall.com/lists/oss-security/2022/03/24/1"
},
{
"trust": 1.8,
"url": "https://www.openwall.com/lists/oss-security/2022/03/28/1"
},
{
"trust": 1.8,
"url": "https://www.openwall.com/lists/oss-security/2022/03/28/3"
},
{
"trust": 1.8,
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"trust": 1.8,
"url": "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html"
},
{
"trust": 1.8,
"url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html"
},
{
"trust": 1.8,
"url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html"
},
{
"trust": 1.8,
"url": "http://www.openwall.com/lists/oss-security/2022/03/25/2"
},
{
"trust": 1.8,
"url": "http://www.openwall.com/lists/oss-security/2022/03/26/1"
},
{
"trust": 1.4,
"url": "https://access.redhat.com/security/cve/cve-2018-25032"
},
{
"trust": 1.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ns2d2gfpfgojul4wq3duay7hf4vwq77f/"
},
{
"trust": 1.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/xokfmsnq5d5wgmalbnbxu3ge442v74wu/"
},
{
"trust": 1.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/voknp2l734ael47nrygvzikefoubqy5y/"
},
{
"trust": 1.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/df62mvmh3qugmbdcb3dy2erq6ebhtadb/"
},
{
"trust": 1.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/jzzptwryqulaol3aw7rzjnvz2uonxcv4/"
},
{
"trust": 1.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/dczfijbjtz7cl5qxbfktq22q26vinruf/"
},
{
"trust": 0.8,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.8,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.8,
"url": "https://listman.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-25032"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/voknp2l734ael47nrygvzikefoubqy5y/"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/jzzptwryqulaol3aw7rzjnvz2uonxcv4/"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ns2d2gfpfgojul4wq3duay7hf4vwq77f/"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/df62mvmh3qugmbdcb3dy2erq6ebhtadb/"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/dczfijbjtz7cl5qxbfktq22q26vinruf/"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/xokfmsnq5d5wgmalbnbxu3ge442v74wu/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.2900"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/168011/red-hat-security-advisory-2022-5924-01.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/168696/red-hat-security-advisory-2022-6890-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.2709"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022060127"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/169897/red-hat-security-advisory-2022-8420-01.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/167281/red-hat-security-advisory-2022-2265-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.5062"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.6112"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.2474"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022070643"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022051742"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.2598"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.1403"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/168352/red-hat-security-advisory-2022-6429-01.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/167602/red-hat-security-advisory-2022-5201-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.1366"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022051703"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/169624/gentoo-linux-security-advisory-202210-42.html"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2018-25032/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/169782/red-hat-security-advisory-2022-7813-01.html"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022040111"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/167327/red-hat-security-advisory-2022-2281-01.html"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022060816"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2023.1695"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.3050"
},
{
"trust": 0.6,
"url": "https://support.apple.com/en-us/ht213255"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022053131"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022033020"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/166856/red-hat-security-advisory-2022-1591-01.html"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022070735"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.2561"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.3299"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/167008/red-hat-security-advisory-2022-1747-01.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/167679/red-hat-security-advisory-2022-5483-01.html"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022051235"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.3136"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/167400/red-hat-security-advisory-2022-4896-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.6128"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.3977"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/167391/red-hat-security-advisory-2022-4592-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.2924"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/170003/ubuntu-security-notice-usn-5739-1.html"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022072056"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/167956/red-hat-security-advisory-2022-5840-01.html"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022060505"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2023.3146"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022062931"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/167622/red-hat-security-advisory-2022-5392-01.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/167088/red-hat-security-advisory-2022-1679-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.3020"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022053025"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/167346/red-hat-security-advisory-2022-4863-01.html"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022032845"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.6333"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022050233"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022070507"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022051324"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.2411"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.4632"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/166946/red-hat-security-advisory-2022-1681-01.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/167461/red-hat-security-advisory-2022-4985-01.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/167568/red-hat-security-advisory-2022-5152-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.3821"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.1665"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.1863"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.3228"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.2019"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.2778"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/167224/red-hat-security-advisory-2022-4692-01.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/168042/red-hat-security-advisory-2022-5069-01.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/167142/red-hat-security-advisory-2022-2216-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.2857"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/166970/red-hat-security-advisory-2022-1715-01.html"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb20220720108"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022042114"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/167260/red-hat-security-advisory-2022-2283-01.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/167555/red-hat-security-advisory-2022-5132-01.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/167591/red-hat-security-advisory-2022-5188-01.html"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022061722"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/168392/red-hat-security-advisory-2022-6526-01.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/167486/ubuntu-security-notice-usn-5359-2.html"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022040603"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.2181"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/167189/apple-security-advisory-2022-05-16-4.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/166563/ubuntu-security-notice-usn-5359-1.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.3112"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.3236"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.3479"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.4568"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.4601"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2022-1271"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-3634"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2021-4189"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2021-3634"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2021-3737"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-3752"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-4157"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-3744"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-0235"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-13974"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-41617"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-45485"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-3773"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-4002"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-29154"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-43976"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-0941"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-43389"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-27820"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-44733"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-0536"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-21781"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-4037"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-29154"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-37159"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-4788"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-3772"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-0404"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-3669"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-3764"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-20322"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-43056"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-3612"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-41864"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-4197"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-0941"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-3612"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-26401"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-27820"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-3743"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-1011"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-13974"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-20322"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-4083"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-45486"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-0322"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-4788"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-26401"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-0286"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-0001"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-23806"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-3759"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-21781"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-0002"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-4203"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-42739"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-0404"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1677"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-1677"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1271"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/787.html"
},
{
"trust": 0.1,
"url": "https://github.com/ziparchive/ziparchive"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-348-10"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-3669"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1708"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html-single/install/index#installing"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html/release_notes/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3696"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-38185"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-28733"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-0492"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-21803"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-29526"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-28736"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3697"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-28734"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-25219"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-28737"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-25219"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3695"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-28735"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-24785"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:5392"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-29810"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html/release_notes/index"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-21426"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-21443"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-21476"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-21496"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:2272"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhba-2022:2270"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-21496"
},
{
"trust": 0.1,
"url": "https://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html"
},
{
"trust": 0.1,
"url": "https://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-21434"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-21443"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-21434"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-21426"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-21476"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.1_release_notes/index"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:8420"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2023:0943"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.7_release_notes/index"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:7813"
},
{
"trust": 0.1,
"url": "https://issues.jboss.org/):"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-23773"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/openshift_container_platform/4.9/html/serverless/index"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/openshift_container_platform/4.8/html/serverless/index"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/openshift_container_platform/4.10/html/serverless/index"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-23806"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/openshift_container_platform/4.6/html/serverless/index"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-23772"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-3737"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-4189"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-23773"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/openshift_container_platform/4.7/html/serverless/index"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:4863"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-23772"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhba-2022:2267"
},
{
"trust": 0.1,
"url": "https://docs.openshift.com/container-platform/4.7/updating/updating-cluster-cli.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:2268"
},
{
"trust": 0.1,
"url": "https://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html"
},
{
"trust": 0.1,
"url": "https://docs.openshift.com/container-platform/latest/migration_toolkit_for_containers/installing-mtc.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-19131"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3807"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1154"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-35492"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-26691"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:5483"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-19131"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-23852"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-35492"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-418557"
},
{
"db": "VULMON",
"id": "CVE-2018-25032"
},
{
"db": "PACKETSTORM",
"id": "167622"
},
{
"db": "PACKETSTORM",
"id": "167271"
},
{
"db": "PACKETSTORM",
"id": "169897"
},
{
"db": "PACKETSTORM",
"id": "171159"
},
{
"db": "PACKETSTORM",
"id": "169782"
},
{
"db": "PACKETSTORM",
"id": "167346"
},
{
"db": "PACKETSTORM",
"id": "167265"
},
{
"db": "PACKETSTORM",
"id": "167679"
},
{
"db": "CNNVD",
"id": "CNNVD-202203-2221"
},
{
"db": "NVD",
"id": "CVE-2018-25032"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "VULHUB",
"id": "VHN-418557",
"ident": null
},
{
"db": "VULMON",
"id": "CVE-2018-25032",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "167622",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "167271",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "169897",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "171159",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "169782",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "167346",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "167265",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "167679",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-202203-2221",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2018-25032",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2022-03-25T00:00:00",
"db": "VULHUB",
"id": "VHN-418557",
"ident": null
},
{
"date": "2022-03-25T00:00:00",
"db": "VULMON",
"id": "CVE-2018-25032",
"ident": null
},
{
"date": "2022-06-29T20:27:02",
"db": "PACKETSTORM",
"id": "167622",
"ident": null
},
{
"date": "2022-05-26T16:32:44",
"db": "PACKETSTORM",
"id": "167271",
"ident": null
},
{
"date": "2022-11-16T16:09:49",
"db": "PACKETSTORM",
"id": "169897",
"ident": null
},
{
"date": "2023-02-28T16:53:38",
"db": "PACKETSTORM",
"id": "171159",
"ident": null
},
{
"date": "2022-11-08T13:50:54",
"db": "PACKETSTORM",
"id": "169782",
"ident": null
},
{
"date": "2022-06-01T17:29:48",
"db": "PACKETSTORM",
"id": "167346",
"ident": null
},
{
"date": "2022-05-26T16:03:57",
"db": "PACKETSTORM",
"id": "167265",
"ident": null
},
{
"date": "2022-07-01T15:04:32",
"db": "PACKETSTORM",
"id": "167679",
"ident": null
},
{
"date": "2022-03-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202203-2221",
"ident": null
},
{
"date": "2022-03-25T09:15:08.187000",
"db": "NVD",
"id": "CVE-2018-25032",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2023-02-11T00:00:00",
"db": "VULHUB",
"id": "VHN-418557",
"ident": null
},
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2018-25032",
"ident": null
},
{
"date": "2023-06-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202203-2221",
"ident": null
},
{
"date": "2025-08-21T20:37:11.840000",
"db": "NVD",
"id": "CVE-2018-25032",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202203-2221"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "zlib Buffer error vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202203-2221"
}
],
"trust": 0.6
},
"type": {
"_id": null,
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202203-2221"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…