Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2022:5525
HistoryJul 07, 2022 - 10:12 a.m.

(RHSA-2022:5525) Moderate: Service Binding Operator security update

2022-07-0710:12:50
access.redhat.com
32
security update
service binding operator
golang vulnerability
out-of-bounds read
dos
cvss score

CVSS2

4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.012

Percentile

85.7%

JSON

Security Fix(es):

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Related

nessus 58
veracode 3
cvelist 2
redhat 6
osv 27
cbl_mariner 5
cgr 1
nvd 3
github 1
gitlab 2
cve 2
ibm 6
redhatcve 3
prion 3
alpinelinux 2
debiancve 2
ubuntucve 3
wolfi 1
oraclelinux 4
openvas 31
fedora 7
rocky 3
debian 2
cnvd 1
almalinux 3
freebsd 2
mageia 1
ubuntu 3
altlinux 2
amazon 3
rosalinux 1
f5 1
gentoo 1
cloudlinux 1
slackware 1
archlinux 1
zdi 1
nessus
nessus
RHEL 8 : podman (Unpatched Vulnerability)
2024-06-03 00:00:00
RHEL 9 : podman (Unpatched Vulnerability)
2024-06-03 00:00:00
RHEL 8 : libssh (RHSA-2022:2031)
2022-05-11 00:00:00
veracode
veracode
Denial Of Service (DoS)
2022-04-20 08:23:13
Denial Of Service
2021-08-27 21:15:50
Remote Code Execution
2022-04-10 10:33:43
cvelist
cvelist
CVE-2021-38561
2022-12-26 00:00:00
CVE-2021-3634
2021-08-31 00:00:00
redhat
redhat
(RHSA-2023:0890) Moderate: OpenShift Container Platform 4.12.5 security update
2023-02-28 11:54:16
(RHSA-2023:0245) Moderate: OpenShift Container Platform 4.11.25 security update
2023-01-23 15:51:41
(RHSA-2022:2031) Low: libssh security, bug fix, and enhancement update
2022-05-10 08:14:06
osv
osv
CGA-g4pj-qxwv-mvx7
2024-06-06 12:27:21
CGA-pqwf-xv4p-qj38
2024-06-06 12:26:15
CGA-m639-pvh6-69x9
2024-06-06 12:28:24
cbl_mariner
cbl_mariner
CVE-2021-38561 affecting package multus for versions less than 4.0.2-1
2024-07-23 02:21:02
CVE-2021-38561 affecting package keda for versions less than 2.14.0-1
2024-07-22 15:42:40
CVE-2021-38561 affecting package cni for versions less than 1.1.2-2
2024-07-22 15:42:40
cgr
cgr
CVE-2021-38561 vulnerabilities
2024-05-19 03:07:16
nvd
nvd
CVE-2021-38561
2022-12-26 06:15:10
CVE-2021-3634
2021-08-31 17:15:08
CVE-2022-1271
2022-08-31 16:15:09
github
github
golang.org/x/text/language Out-of-bounds Read vulnerability
2022-12-26 06:30:22
gitlab
gitlab
Out-of-bounds Read
2022-12-26 00:00:00
Out-of-bounds Read
2022-12-26 00:00:00
cve
cve
CVE-2021-38561
2022-12-26 06:15:10
CVE-2021-3634
2021-08-31 17:15:08
ibm
ibm
Security Bulletin: IBM App Connect Enterprise Certified Container Operator may be vulnerable to denial of service due to CVE-2021-38561
2022-05-23 12:43:21
Security Bulletin: Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to denial of service due to Go CVE-2021-38561
2022-08-08 10:06:00
Security Bulletin: IBM App Connect Enterprise Certified Container operands may be vulnerable to arbitrary code execution due to CVE-2021-3634
2022-06-22 10:23:07
redhatcve
redhatcve
CVE-2021-38561
2022-06-23 14:36:47
CVE-2021-3634
2021-08-26 13:32:43
CVE-2022-1271
2022-04-08 08:27:59
prion
prion
Design/Logic Flaw
2022-12-26 06:15:00
Design/Logic Flaw
2021-08-31 17:15:00
Input validation
2022-08-31 16:15:00
alpinelinux
alpinelinux
CVE-2021-38561
2022-12-26 06:15:10
CVE-2021-3634
2021-08-31 17:15:08
debiancve
debiancve
CVE-2021-38561
2022-12-26 06:15:10
CVE-2021-3634
2021-08-31 17:15:08
ubuntucve
ubuntucve
CVE-2021-38561
2022-12-26 00:00:00
CVE-2021-3634
2021-08-26 00:00:00
CVE-2022-1271
2022-04-07 00:00:00
wolfi
wolfi
CVE-2021-38561 vulnerabilities
2024-10-01 21:13:23
oraclelinux
oraclelinux
libssh security, bug fix, and enhancement update
2022-05-17 00:00:00
gzip security update
2022-04-26 00:00:00
xz security update
2022-06-13 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for libssh (EulerOS-SA-2021-2716)
2021-11-12 00:00:00
Huawei EulerOS: Security Advisory for libssh (EulerOS-SA-2021-2787)
2021-11-17 00:00:00
Fedora: Security Advisory for libssh (FEDORA-2021-ec797b6a96)
2021-10-02 00:00:00
fedora
fedora
[SECURITY] Fedora 33 Update: libssh-0.9.6-1.fc33
2021-10-07 17:08:12
[SECURITY] Fedora 34 Update: libssh-0.9.6-1.fc34
2021-09-29 01:10:26
[SECURITY] Fedora 35 Update: libssh-0.9.6-1.fc35
2021-09-29 00:20:41
rocky
rocky
libssh security, bug fix, and enhancement update
2022-05-10 08:14:06
gzip security update
2022-05-17 22:32:54
xz security update
2022-06-13 07:15:31
debian
debian
[SECURITY] [DSA 4965-1] libssh security update
2021-08-31 14:43:51
[SECURITY] [DLA 2977-1] xz-utils security update
2022-04-10 13:07:58
cnvd
cnvd
libssh buffer overflow vulnerability (CNVD-2021-71262)
2021-09-02 00:00:00
almalinux
almalinux
Low: libssh security, bug fix, and enhancement update
2022-05-10 08:14:06
Important: xz security update
2022-06-08 00:00:00
Important: xz security update
2022-06-13 00:00:00
freebsd
freebsd
libssh -- possible heap-buffer overflow vulnerability
2021-08-26 00:00:00
zgrep -- arbitrary file write
2022-04-07 00:00:00
mageia
mageia
Updated libssh packages fix security vulnerability
2021-09-23 07:49:29
ubuntu
ubuntu
libssh vulnerability
2021-08-26 00:00:00
Gzip vulnerability
2022-04-13 00:00:00
Gzip vulnerability
2022-04-13 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package libssh version 0.9.6-alt1
2021-09-17 00:00:00
Security fix for the ALT Linux 9 package gzip version 1.10-alt1.p9.1
2023-04-10 00:00:00
amazon
amazon
Important: xz
2022-05-31 23:47:00
Important: gzip, xz
2022-04-25 22:56:00
Important: gzip
2022-05-31 23:47:00
rosalinux
rosalinux
Advisory ROSA-SA-2023-2301
2023-12-05 10:33:39
f5
f5
K000130546 : Gzip vulnerability CVE-2022-1271
2023-01-25 00:00:00
gentoo
gentoo
GNU Gzip, XZ Utils: Arbitrary file write
2022-09-07 00:00:00
cloudlinux
cloudlinux
Fixed CVE-2022-1271 in gzip
2022-05-20 00:06:18
slackware
slackware
[slackware-security] gzip
2022-04-14 21:21:03
archlinux
archlinux
[ASA-202204-8] xz: arbitrary command execution
2022-04-07 00:00:00
zdi
zdi
Tukaani XZ Utils xzgrep Argument Injection Remote Code Execution Vulnerability
2022-04-12 00:00:00

CVSS2

4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.012

Percentile

85.7%

JSON
Related for RHSA-2022:5525
nessus58veracode3cvelist2redhat6osv27cbl_mariner5cgr1nvd3github1gitlab2cve2ibm6redhatcve3prion3alpinelinux2debiancve2ubuntucve3wolfi1oraclelinux4openvas31fedora7rocky3debian2cnvd1almalinux3freebsd2mageia1ubuntu3altlinux2amazon3rosalinux1f51gentoo1cloudlinux1slackware1archlinux1zdi1