Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:ALSA-2023:6316
HistoryNov 07, 2023 - 12:00 a.m.

Low: pcs security, bug fix, and enhancement update

2023-11-0700:00:00
Google
osv.dev
14
pcs package
security fix
bug fix
enhancement
cve-2022-38900
cvss score
almalinux release notes

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.004

Percentile

73.2%

JSON

The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities.

Security Fix(es):

  • decode-uri-component: improper input validation resulting in DoS (CVE-2022-38900)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.

Related

redhat 8
nessus 20
fedora 5
veracode 1
cvelist 2
redhatcve 1
ibm 16
cve 2
openvas 7
oraclelinux 2
osv 5
almalinux 2
nvd 2
prion 2
github 1
rocky 1
redos 1
redhat
redhat
(RHSA-2023:6316) Low: pcs security, bug fix, and enhancement update
2023-11-07 06:01:53
(RHSA-2023:1744) Important: rh-nodejs14-nodejs security, bug fix, and enhancement update
2023-04-12 14:38:13
(RHSA-2023:1743) Important: nodejs:14 security, bug fix, and enhancement update
2023-04-12 14:37:46
nessus
nessus
RHEL 9 : pcs (RHSA-2023:6316)
2023-11-07 00:00:00
Fedora 37 : pcs (2023-ae96dd6105)
2023-07-01 00:00:00
Fedora 39 : pcs (2023-e4cb7a5bda)
2023-11-07 00:00:00
fedora
fedora
[SECURITY] Fedora 37 Update: pcs-0.11.6-1.fc37
2023-07-01 00:38:09
[SECURITY] Fedora 38 Update: pcs-0.11.6-1.fc38
2023-07-01 01:46:23
[SECURITY] Fedora 37 Update: yarnpkg-1.22.19-5.fc37
2023-03-30 01:21:37
veracode
veracode
Denial Of Service (DoS)
2022-11-29 02:52:14
cvelist
cvelist
CVE-2022-38900
2022-11-28 00:00:00
CVE-2022-38778
2023-02-08 00:00:00
redhatcve
redhatcve
CVE-2022-38900
2023-02-16 21:29:43
ibm
ibm
Security Bulletin: Vulnerability in nodejs decode-uri-component affect Cloud Pak System[CVE-2022-38900]
2024-08-01 12:45:28
Security Bulletin: IBM Watson Discovery Cartridge for IBM Cloud Pak for Data affected by vulnerability in Node.js decode-uri-component
2023-01-30 17:47:56
Security Bulletin: IBM App Connect Enterprise Certified Container operands may be vulnerable to denial of service due to [CVE-2022-38900]
2023-04-28 11:44:02
cve
cve
CVE-2022-38900
2022-11-28 13:15:10
CVE-2022-38778
2023-02-08 21:15:10
openvas
openvas
Fedora: Security Advisory for pcs (FEDORA-2023-ae96dd6105)
2023-07-02 00:00:00
Fedora: Security Advisory (FEDORA-2023-e4cb7a5bda)
2024-09-10 00:00:00
Fedora: Security Advisory for pcs (FEDORA-2023-b86fd9ad80)
2023-07-02 00:00:00
oraclelinux
oraclelinux
pcs
2023-11-12 00:00:00
nodejs:14 security, bug fix, and enhancement update
2023-04-12 00:00:00
osv
osv
CVE-2022-38900
2022-11-28 13:15:10
decode-uri-component vulnerable to Denial of Service (DoS)
2022-11-28 15:30:24
CVE-2022-38778
2023-02-08 21:15:10
almalinux
almalinux
Low: pcs security, bug fix, and enhancement update
2023-11-07 00:00:00
Important: nodejs:14 security, bug fix, and enhancement update
2023-04-12 00:00:00
nvd
nvd
CVE-2022-38900
2022-11-28 13:15:10
CVE-2022-38778
2023-02-08 21:15:10
prion
prion
Input validation
2022-11-28 13:15:00
Design/Logic Flaw
2023-02-08 21:15:00
github
github
decode-uri-component vulnerable to Denial of Service (DoS)
2022-11-28 15:30:24
rocky
rocky
nodejs:14 security, bug fix, and enhancement update
2023-04-26 15:28:13
redos
redos
ROS-20240704-07
2024-07-04 00:00:00

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.004

Percentile

73.2%

JSON
Related for OSV:ALSA-2023:6316
redhat8nessus20fedora5veracode1cvelist2redhatcve1ibm16cve2openvas7oraclelinux2osv5almalinux2nvd2prion2github1rocky1redos1