DATABASE RESOURCES PRICING ABOUT US

{"id": "F8949F00CDCE086FCFA5F40AFADF9DB9E3B4DD10AB910034C41279EA96313C2A", "vendorId": null, "type": "ibm", "bulletinFamily": "software", "title": "Security Bulletin: Multiple Security Vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak", "description": "## Summary\n\nMultiple Security Vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak \nLinux kernel is used by IBM Robotic Process Automation for Cloud Pak as part of base container images. (CVE-2022-1012, CVE-2022-32250). \nOpenSSL is used by IBM Robotic Process Automation for Cloud Pak for handling certificates in the API Server image. (CVE-2022-1292, CVE-2022-2068, CVE-2022-2097). \nPCRE2 is used by IBM Robotic Process Automation for Cloud Pak as part of the base container images. (CVE-2022-1586). \nGolang Go is used by IBM Robotic Process Automation for Cloud Pak as part of the operators. (CVE-2022-1705, CVE-2022-1962, CVE-2022-28131, CVE-2022-30580, CVE-2022-30629, CVE-2022-30630, CVE-2022-30631, CVE-2022-30632, CVE-2022-30633, CVE-2022-30635, CVE-2022-32148, CVE-2022-32189). \nsystemd is used by IBM Robotic Process Automation for Cloud Pak as part of the base container images. (CVE-2022-2526). \nJava is used by IBM Robotic Process Automation for Cloud Pak as part of the &lt;product functionality using the 3rd party software&gt;. (CVE-2022-21540, CVE-2022-21541). \nrsync is used by IBM Robotic Process Automation for Cloud Pak for download, test and install anti-virus databases. (CVE-2022-29154). \nlibcurl is used by IBM Robotic Process Automation for Cloud Pak as part of the base container images. (CVE-2022-32206, CVE-2022-32208). \nApache XLAN Java XSLT is used by IBM Robotic Process Automation for Cloud Pak as part of the Java package used for NLP services. (CVE-2022-34169). \n\n## Vulnerability Details\n\n**CVEID: **[CVE-2022-1012](<https://vulners.com/cve/CVE-2022-1012>) \n**DESCRIPTION: **Linux Kernel could allow a remote attacker to obtain sensitive information, caused by a memory leak flaw in the TCP source port generation algorithm in the net/ipv4/tcp.c function. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive information or cause a denial of service condition. \nCVSS Base score: 8.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/230055](<https://exchange.xforce.ibmcloud.com/vulnerabilities/230055>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H) \n \n**CVEID: **[CVE-2022-1292](<https://vulners.com/cve/CVE-2022-1292>) \n**DESCRIPTION: **OpenSSL could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by improper validation of user-supplied input by the c_rehash script. By sending a specially-crafted request using shell metacharacters, an attacker could exploit this vulnerability to execute arbitrary commands with the privileges of the script on the system. \nCVSS Base score: 6.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/225619](<https://exchange.xforce.ibmcloud.com/vulnerabilities/225619>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L) \n \n**CVEID: **[CVE-2022-1586](<https://vulners.com/cve/CVE-2022-1586>) \n**DESCRIPTION: **PCRE2 could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds read in the compile_xclass_matchingpath() function in the pcre2_jit_compile.c file. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/226863](<https://exchange.xforce.ibmcloud.com/vulnerabilities/226863>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n**CVEID: **[CVE-2022-1705](<https://vulners.com/cve/CVE-2022-1705>) \n**DESCRIPTION: **Golang Go is vulnerable to HTTP request smuggling, caused by a flaw with accepting of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http. By sending a specially-crafted HTTP(S) transfer-encoding request header, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/233258](<https://exchange.xforce.ibmcloud.com/vulnerabilities/233258>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n**CVEID: **[CVE-2022-1962](<https://vulners.com/cve/CVE-2022-1962>) \n**DESCRIPTION: **Golang Go is vulnerable to a denial of service, caused by a stack exhaustion flaw in all Parse* functions. By sending a specially-crafted request, a local attacker could exploit this vulnerability to cause a panic, and results in a denial of service condition. \nCVSS Base score: 6.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/232543](<https://exchange.xforce.ibmcloud.com/vulnerabilities/232543>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID: **[CVE-2022-2068](<https://vulners.com/cve/CVE-2022-2068>) \n**DESCRIPTION: **OpenSSL could allow a remote attacker to execute arbitrary commands on the system, caused by improper validation of user-supplied input by the c_rehash script. By sending a specially-crafted request using shell metacharacters, an attacker could exploit this vulnerability to execute arbitrary commands with the privileges of the script on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/226018](<https://exchange.xforce.ibmcloud.com/vulnerabilities/226018>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n**CVEID: **[CVE-2022-2097](<https://vulners.com/cve/CVE-2022-2097>) \n**DESCRIPTION: **OpenSSL could allow a remote attacker to obtain sensitive information, caused by improper encryption of data by the AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/230425](<https://exchange.xforce.ibmcloud.com/vulnerabilities/230425>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n**CVEID: **[CVE-2022-2526](<https://vulners.com/cve/CVE-2022-2526>) \n**DESCRIPTION: **systemd could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free flaw due to the on_stream_io() function and dns_stream_complete() function in \"resolved-dns-stream.c\" not incrementing the reference counting for the DnsStream object. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/235161](<https://exchange.xforce.ibmcloud.com/vulnerabilities/235161>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n**CVEID: **[CVE-2022-21540](<https://vulners.com/cve/CVE-2022-21540>) \n**DESCRIPTION: **An unspecified vulnerability in Java SE related to the VM component could allow an unauthenticated attacker to obtain sensitive information resulting in a low confidentiality impact using unknown attack vectors. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/231567](<https://exchange.xforce.ibmcloud.com/vulnerabilities/231567>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n**CVEID: **[CVE-2022-21541](<https://vulners.com/cve/CVE-2022-21541>) \n**DESCRIPTION: **An unspecified vulnerability in Java SE related to the VM component could allow an unauthenticated attacker to cause no confidentiality impact, high integrity impact, and no availability impact. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/231568](<https://exchange.xforce.ibmcloud.com/vulnerabilities/231568>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N) \n \n**CVEID: **[CVE-2022-28131](<https://vulners.com/cve/CVE-2022-28131>) \n**DESCRIPTION: **Golang Go is vulnerable to a denial of service, caused by an uncontrolled recursion flaw in Decoder.Skip in encoding/xml due to stack exhaustion. By parsing a specially-crafted XML document, a remote attacker could exploit this vulnerability to cause a panic. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/233141](<https://exchange.xforce.ibmcloud.com/vulnerabilities/233141>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID: **[CVE-2022-29154](<https://vulners.com/cve/CVE-2022-29154>) \n**DESCRIPTION: **Rsync could allow a remote attacker to bypass security restrictions, caused by improper validation of file names. By utilize man-in-the-middle attack techniques, an attacker could exploit this vulnerability to write arbitrary files inside the directories of connecting peers. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/232637](<https://exchange.xforce.ibmcloud.com/vulnerabilities/232637>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N) \n \n**CVEID: **[CVE-2022-30580](<https://vulners.com/cve/CVE-2022-30580>) \n**DESCRIPTION: **Golang Go could allow a local attacker to execute arbitrary code on the system, caused by a flaw when Cmd.Run, cmd.Start, cmd.Output, or cmd.CombinedOutput are executed when Cmd.Path is unset. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/229858](<https://exchange.xforce.ibmcloud.com/vulnerabilities/229858>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n**CVEID: **[CVE-2022-30629](<https://vulners.com/cve/CVE-2022-30629>) \n**DESCRIPTION: **Golang Go could allow a remote attacker to obtain sensitive information, caused by an issue with session tickets generated by crypto/tls did not contain a randomly generated ticket_age_add. By comparing ticket ages during session resumption, an attacker could exploit this vulnerability to observe TLS handshakes information to correlate successive connections. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/229859](<https://exchange.xforce.ibmcloud.com/vulnerabilities/229859>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n**CVEID: **[CVE-2022-30630](<https://vulners.com/cve/CVE-2022-30630>) \n**DESCRIPTION: **Golang Go is vulnerable to a denial of service, caused by an uncontrolled recursion flaw in Glob in io/fs due to stack exhaustion. By sending a specially-crafted request using a path which contains a large number of path separators, a remote attacker could exploit this vulnerability to cause a panic. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/233143](<https://exchange.xforce.ibmcloud.com/vulnerabilities/233143>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID: **[CVE-2022-30631](<https://vulners.com/cve/CVE-2022-30631>) \n**DESCRIPTION: **Golang Go is vulnerable to a denial of service, caused by an uncontrolled recursion flaw in Reader.Read in compress/gzip due to stack exhaustion. By parsing a specially-crafted compressed file, a remote attacker could exploit this vulnerability to cause a panic. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/233144](<https://exchange.xforce.ibmcloud.com/vulnerabilities/233144>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID: **[CVE-2022-30632](<https://vulners.com/cve/CVE-2022-30632>) \n**DESCRIPTION: **Golang Go is vulnerable to a denial of service, caused by an uncontrolled recursion flaw in Glob in path/filepath due to stack exhaustion. By sending a specially-crafted request using a path containing a large number of path separators, a remote attacker could exploit this vulnerability to cause a panic. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/233145](<https://exchange.xforce.ibmcloud.com/vulnerabilities/233145>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID: **[CVE-2022-30633](<https://vulners.com/cve/CVE-2022-30633>) \n**DESCRIPTION: **Golang Go is vulnerable to a denial of service, caused by an uncontrolled recursion flaw in Unmarshal in encoding/xml due to stack exhaustion. By parsing a specially-crafted XML document, a remote attacker could exploit this vulnerability to cause a panic. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/233146](<https://exchange.xforce.ibmcloud.com/vulnerabilities/233146>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID: **[CVE-2022-30635](<https://vulners.com/cve/CVE-2022-30635>) \n**DESCRIPTION: **Golang Go is vulnerable to a denial of service, caused by an uncontrolled recursion flaw in Decoder.Decode in encoding/gob due to stack exhaustion. By sending a specially-crafted message containing deeply nested structures, a remote attacker could exploit this vulnerability to cause a panic. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/233147](<https://exchange.xforce.ibmcloud.com/vulnerabilities/233147>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID: **[CVE-2022-32148](<https://vulners.com/cve/CVE-2022-32148>) \n**DESCRIPTION: **Golang Go could allow a remote attacker to obtain sensitive information, caused by improper exposure of client IP addresses in net/http. By calling httputil.ReverseProxy.ServeHTTP with a Request.Header map containing a nil value for the X-Forwarded-For header, an attacker could exploit this vulnerability to obtain the client IP address information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/233148](<https://exchange.xforce.ibmcloud.com/vulnerabilities/233148>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID: **[CVE-2022-32189](<https://vulners.com/cve/CVE-2022-32189>) \n**DESCRIPTION: **Golang Go is vulnerable to a denial of service, caused by a flaw in Float.GobDecode and Rat GobDecode in math/big. By sending a specially-crafted message, a remote attacker could exploit this vulnerability to cause a panic. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/233149](<https://exchange.xforce.ibmcloud.com/vulnerabilities/233149>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID: **[CVE-2022-32206](<https://vulners.com/cve/CVE-2022-32206>) \n**DESCRIPTION: **cURL libcurl is vulnerable to a denial of service, caused by a flaw in the number of acceptable \"links\" in the \"chained\" HTTP compression algorithms. By persuading a victim to connect a specially-crafted server, a remote attacker could exploit this vulnerability to insert a virtually unlimited number of compression steps, and results in a denial of service condition. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/229740](<https://exchange.xforce.ibmcloud.com/vulnerabilities/229740>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n**CVEID: **[CVE-2022-32208](<https://vulners.com/cve/CVE-2022-32208>) \n**DESCRIPTION: **cURL libcurl is vulnerable to a man-in-the-middle attack, caused by a flaw in the handling of message verification failures. An attacker could exploit this vulnerability to launch a man-in-the-middle attack and gain access to the communication channel between endpoints to inject data to the client.. \nCVSS Base score: 3.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/229742](<https://exchange.xforce.ibmcloud.com/vulnerabilities/229742>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N) \n \n**CVEID: **[CVE-2022-32250](<https://vulners.com/cve/CVE-2022-32250>) \n**DESCRIPTION: **Linux Kernel could allow a local authenticated attacker to gain elevated privileges on the system, caused by a use-after-free write flaw in the netfilter subsystem. By executing a specially-crafted program, an authenticated attacker could exploit this vulnerability to gain elevated privileges. \nCVSS Base score: 7.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/228676](<https://exchange.xforce.ibmcloud.com/vulnerabilities/228676>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) \n \n**CVEID: **[CVE-2022-34169](<https://vulners.com/cve/CVE-2022-34169>) \n**DESCRIPTION: **The Apache Xalan Java XSLT library could allow a remote attacker to execute arbitrary code on the system, caused by an integer truncation issue when processing malicious XSLT stylesheets. By using specially crafted XSLT stylesheets, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/231489](<https://exchange.xforce.ibmcloud.com/vulnerabilities/231489>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n## Affected Products and Versions\n\nAffected Product(s) | Version(s) \n---|--- \nIBM Robotic Process Automation for Cloud Pak | &lt; 21.0.5 \n \n## Remediation/Fixes\n\n**IBM strongly recommends addressing the vulnerability now.** **Product(s)** | **Version(s) number and/or range ** | **Remediation/Fix/Instructions** \n---|---|--- \nIBM Robotic Process Automation for Cloud Pak | &lt; 21.0.5 | Follow [instructions](<https://www.ibm.com/docs/en/rpa/21.0?topic=platform-preparing-applying-upgraded-custom-resource> \"\" ) to update to 21.0.5 or higher. \n \n## Workarounds and Mitigations\n\nNone.\n\n## ", "published": "2022-10-24T20:10:11", "modified": "2022-10-24T20:10:11", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "baseScore": 10.0}, "severity": "HIGH", "exploitabilityScore": 10.0, "impactScore": 10.0, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL"}, "exploitabilityScore": 3.9, "impactScore": 5.9}, "href": "https://www.ibm.com/support/pages/node/6831591", "reporter": "IBM", "references": [], "cvelist": ["CVE-2022-1012", "CVE-2022-1292", "CVE-2022-1586", "CVE-2022-1705", "CVE-2022-1962", "CVE-2022-2068", "CVE-2022-2097", "CVE-2022-21540", "CVE-2022-21541", "CVE-2022-2526", "CVE-2022-28131", "CVE-2022-29154", "CVE-2022-30580", "CVE-2022-30629", "CVE-2022-30630", "CVE-2022-30631", "CVE-2022-30632", "CVE-2022-30633", "CVE-2022-30635", "CVE-2022-32148", "CVE-2022-32189", "CVE-2022-32206", "CVE-2022-32208", "CVE-2022-32250", "CVE-2022-34169"], "immutableFields": [], "lastseen": "2023-02-28T01:37:34", "viewCount": 6, "enchantments": {"score": {"value": 1.0, "vector": "NONE"}, "dependencies": {"references": [{"type": "aix", "idList": ["OPENSSL_ADVISORY36.ASC"]}, {"type": "almalinux", "idList": ["ALSA-2022:5683", "ALSA-2022:5696", "ALSA-2022:5775", "ALSA-2022:5809", "ALSA-2022:5818", "ALSA-2022:5819", "ALSA-2022:6159", "ALSA-2022:6180", "ALSA-2022:6206", "ALSA-2022:7129", "ALSA-2022:7519", "ALSA-2022:7529", "ALSA-2022:7548", "ALSA-2022:7648"]}, {"type": "alpinelinux", "idList": ["ALPINE:CVE-2022-1586", "ALPINE:CVE-2022-2068"]}, {"type": "altlinux", "idList": ["69D1753D74C2782AF5C4B3E24536D125", "6E23DDCC163A0AA26B171D799284A657", "7B9D23959DFAFEBE8DABE5654510B790", "CCFE1C43CB1C1CB5D4AAB95CC66DB8E3", "FEBB327D54BEB4D7815863E2E1629573"]}, {"type": "amazon", "idList": ["ALAS-2022-1604", "ALAS-2022-1605", "ALAS-2022-1626", "ALAS-2022-1631", "ALAS-2022-1633", "ALAS-2022-1635", "ALAS-2022-1646", "ALAS2-2022-1801", "ALAS2-2022-1813", "ALAS2-2022-1815", "ALAS2-2022-1822", "ALAS2-2022-1823", "ALAS2-2022-1824", "ALAS2-2022-1831", "ALAS2-2022-1832", "ALAS2-2022-1835", "ALAS2-2022-1836", "ALAS2-2022-1846", "ALAS2-2022-1847", "ALAS2-2022-1854", "ALAS2-2022-1858", "ALAS2-2022-1859", "ALAS2-2022-1860", "ALAS2-2022-1861", "ALAS2-2022-1862", "ALAS2-2022-1863", "ALAS2-2022-1864", "ALAS2-2022-1865", "ALAS2-2022-1871", "ALAS2-2022-1873", "ALAS2-2022-1875"]}, {"type": "apple", "idList": ["APPLE:138DC64ECE1F07104C6EF7D22CA29AAF"]}, {"type": "attackerkb", "idList": ["AKB:1FD1AB49-4B03-4316-8CB5-0D5AED193463"]}, {"type": "avleonov", "idList": ["AVLEONOV:317FBD7DA93C95993A9FFF38FB04A987"]}, {"type": "centos", "idList": ["CESA-2022:5232", "CESA-2022:5687", "CESA-2022:5698", "CESA-2022:6160", "CESA-2022:6170"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2022-0807"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:021E06997683B74BFB351B722EBA5743", "CFOUNDRY:1F1DB4BEF56C7D15A4CC564597DE6378", "CFOUNDRY:A90D0066848A6795976C42C24BE5640C", "CFOUNDRY:B976FF7E95329810C356FAFA31D8F66D", "CFOUNDRY:F2B746A869BB5534012F51CB8C7E051A", "CFOUNDRY:FC9C9ABAC15C6B3196FC38BDD9A749E6"]}, {"type": "cloudlinux", "idList": ["CLSA-2022:1657817606", "CLSA-2022:1659638796", "CLSA-2022:1660761947", "CLSA-2022:1661176564", "CLSA-2022:1662658348"]}, {"type": "cnvd", "idList": ["CNVD-2022-54910"]}, {"type": "cve", "idList": ["CVE-2022-1012", "CVE-2022-1292", "CVE-2022-1586", "CVE-2022-1705", "CVE-2022-1962", "CVE-2022-1966", "CVE-2022-2068", "CVE-2022-2097", "CVE-2022-21540", "CVE-2022-21541", "CVE-2022-2526", "CVE-2022-28131", "CVE-2022-29154", "CVE-2022-30580", "CVE-2022-30629", "CVE-2022-30630", "CVE-2022-30631", "CVE-2022-30632", "CVE-2022-30633", "CVE-2022-30635", "CVE-2022-32148", "CVE-2022-32189", "CVE-2022-32206", "CVE-2022-32208", "CVE-2022-32250", "CVE-2022-34169", "CVE-2022-34918"]}, {"type": "debian", "idList": ["DEBIAN:DLA-3008-1:E2717", "DEBIAN:DLA-3065-1:C1710", "DEBIAN:DLA-3085-1:091D8", "DEBIAN:DLA-3155-1:7F32C", "DEBIAN:DLA-3325-1:64304", "DEBIAN:DSA-5139-1:0E208", "DEBIAN:DSA-5161-1:2800F", "DEBIAN:DSA-5169-1:87483", "DEBIAN:DSA-5173-1:5A28E", "DEBIAN:DSA-5188-1:A22C9", "DEBIAN:DSA-5192-1:4B3DB", "DEBIAN:DSA-5197-1:EFC47", "DEBIAN:DSA-5256-1:A51E5", "DEBIAN:DSA-5343-1:765D3"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2022-1012", "DEBIANCVE:CVE-2022-1292", "DEBIANCVE:CVE-2022-1586", "DEBIANCVE:CVE-2022-1705", "DEBIANCVE:CVE-2022-1962", "DEBIANCVE:CVE-2022-2068", "DEBIANCVE:CVE-2022-2097", "DEBIANCVE:CVE-2022-21540", "DEBIANCVE:CVE-2022-21541", "DEBIANCVE:CVE-2022-2526", "DEBIANCVE:CVE-2022-28131", "DEBIANCVE:CVE-2022-29154", "DEBIANCVE:CVE-2022-30580", "DEBIANCVE:CVE-2022-30629", "DEBIANCVE:CVE-2022-30630", "DEBIANCVE:CVE-2022-30631", "DEBIANCVE:CVE-2022-30632", "DEBIANCVE:CVE-2022-30633", "DEBIANCVE:CVE-2022-30635", "DEBIANCVE:CVE-2022-32148", "DEBIANCVE:CVE-2022-32189", "DEBIANCVE:CVE-2022-32206", "DEBIANCVE:CVE-2022-32208", "DEBIANCVE:CVE-2022-32250", "DEBIANCVE:CVE-2022-34169", "DEBIANCVE:CVE-2022-34918"]}, {"type": "f5", "idList": ["F5:K21600298", "F5:K23605974", "F5:K42795243", "F5:K62444703", "F5:K85932552"]}, {"type": "fedora", "idList": ["FEDORA:0031930683FA", "FEDORA:0036B307251B", "FEDORA:0049730680FF", "FEDORA:0095F30BF557", "FEDORA:00E3C30BF6B2", "FEDORA:0113E30687AB", "FEDORA:01A1130BF696", "FEDORA:025C230BF689", "FEDORA:02B93304938D", "FEDORA:03233304C3D1", "FEDORA:0365E30680FF", "FEDORA:038CF304C819", "FEDORA:03B0F3072535", "FEDORA:0464A30683FA", "FEDORA:057DA30ACC3C", "FEDORA:066AE30683FA", "FEDORA:06AB430569DF", "FEDORA:0701230BF696", "FEDORA:077C53057960", "FEDORA:07B5E304C819", "FEDORA:07D9E30BF566", "FEDORA:07FDE30BF685", "FEDORA:08C493072535", "FEDORA:094A3304C3D1", "FEDORA:098FE30871BC", "FEDORA:09F17304C3D1", "FEDORA:0A0E330BF57F", "FEDORA:0A9C130687AB", "FEDORA:0A9C530BF544", "FEDORA:0AA9E304C5FE", "FEDORA:0B0A3304C3D1", "FEDORA:0B14530683FA", "FEDORA:0B727304C3D1", "FEDORA:0BE2330BF685", "FEDORA:0BFBC30BF557", "FEDORA:0CA2730687AB", "FEDORA:0D2963072EAA", "FEDORA:0DA11307253A", "FEDORA:0DD59304938D", "FEDORA:0E04730BF54A", "FEDORA:0E68B30683FA", "FEDORA:0E70530683FA", "FEDORA:0EB7C30BF689", "FEDORA:0EF3630680FF", "FEDORA:0EFD530BF689", "FEDORA:0F78C304C819", "FEDORA:0F9ED304938D", "FEDORA:0FA3130A5965", "FEDORA:0FFD13072534", "FEDORA:1018230A5965", "FEDORA:10C9C304938D", "FEDORA:1255530BF54A", "FEDORA:12EF53035617", "FEDORA:131F230BF557", "FEDORA:13314305D426", "FEDORA:14008304938D", "FEDORA:1413430BF57F", "FEDORA:142DF30B00AD", "FEDORA:14356304C3D1", "FEDORA:14A363058522", "FEDORA:14DC630BF557", "FEDORA:15000304C5FE", "FEDORA:150DF30BC732", "FEDORA:16D3E3076E49", "FEDORA:175AB30D4C0F", "FEDORA:188FF30BF57F", "FEDORA:1930C304C5FE", "FEDORA:19609304C5FE", "FEDORA:1962330D4C0F", "FEDORA:19CE730C9D9A", "FEDORA:1A69030680FF", "FEDORA:1A75B3072512", "FEDORA:1A9AA3072536", "FEDORA:1B34430687AB", "FEDORA:1B90A304C819", "FEDORA:1BA3D304938D", "FEDORA:1C6A8304C819", "FEDORA:1C84C304C3D1", "FEDORA:1D03330BF68E", "FEDORA:1D03C30BF557", "FEDORA:1D6AA304C819", "FEDORA:1DF6730BF696", "FEDORA:1E1B530BF557", "FEDORA:1E77E30BF8C1", "FEDORA:1E94A30BF568", "FEDORA:1E9BC304C3D1", "FEDORA:1EB9730BF696", "FEDORA:1EFCA30683FA", "FEDORA:1F82E30BF544", "FEDORA:1F83730C3DF7", "FEDORA:1FD283052DF1", "FEDORA:20551304C5FE", "FEDORA:2145730A5965", "FEDORA:2185E3072536", "FEDORA:21CDE306EA30", "FEDORA:226A330680FF", "FEDORA:22B89304938D", "FEDORA:22FCF3068B43", "FEDORA:22FEA304C819", "FEDORA:2411730BF6B4", "FEDORA:242003072512", "FEDORA:244A330680FF", "FEDORA:2465430BF568", "FEDORA:24E03304C5FE", "FEDORA:24E37304C3D1", "FEDORA:25B4F30BF557", "FEDORA:25D73304938D", "FEDORA:26412307250A", "FEDORA:264B930A5965", "FEDORA:2660730BF566", "FEDORA:267AF304C819", "FEDORA:272813047E25", "FEDORA:2734530687AB", "FEDORA:273B03046B35", "FEDORA:274EE30683FA", "FEDORA:27D81304938D", "FEDORA:2811B3058385", "FEDORA:2950F30BF57F", "FEDORA:29DC130BF54A", "FEDORA:2A14E30A5965", "FEDORA:2A7A530BF689", "FEDORA:2A9CE304C3D1", "FEDORA:2C24930BF6BB", "FEDORA:2C57A304C819", "FEDORA:2CA0F304C819", "FEDORA:2CF81304C819", "FEDORA:2D2C43104B07", "FEDORA:2E1EF304C3D1", "FEDORA:2E3DD30BF57F", "FEDORA:2F5243106618", "FEDORA:2FB5430BF566", "FEDORA:301FF30BF685", "FEDORA:30F6430BF694", "FEDORA:30FB8307251B", "FEDORA:3105130680FF", "FEDORA:321AE304C819", "FEDORA:321B7307250A", "FEDORA:3271630A5965", "FEDORA:327F930683FA", "FEDORA:32DDB30BF8EF", "FEDORA:32DF93065945", "FEDORA:33286306DFC8", "FEDORA:3334830BF690", "FEDORA:333FF30A5965", "FEDORA:33937304C819", "FEDORA:33A2A3047E25", "FEDORA:34ABD304E613", "FEDORA:34E3A30B00AD", "FEDORA:3513B304C5FE", "FEDORA:3550F30680FF", "FEDORA:35871304938D", "FEDORA:364FF304C819", "FEDORA:36E04304C5FE", "FEDORA:375BA30BF8CF", "FEDORA:382AE3047E25", "FEDORA:38F783045B40", "FEDORA:391F030BF544", "FEDORA:3980C30A5965", "FEDORA:39F8F306B9A0", "FEDORA:3A2D6304938D", "FEDORA:3A48D304C819", "FEDORA:3A7E83096295", "FEDORA:3AD54304C3D1", "FEDORA:3AF12307252D", "FEDORA:3B98230BF544", "FEDORA:3C5A23072512", "FEDORA:3C8A0304C5FE", "FEDORA:3D47D304C819", "FEDORA:3E5D6304C819", "FEDORA:3E601306B9A0", "FEDORA:3EC36304938D", "FEDORA:3ECA930BAE11", "FEDORA:3EED430ACC3C", "FEDORA:3F18D30683FA", "FEDORA:3F1AD30ACC3C", "FEDORA:3F4F230687AB", "FEDORA:3F733304938D", "FEDORA:3F87430683FA", "FEDORA:3FFC6304C819", "FEDORA:40D35304C819", "FEDORA:40F87302CC3F", "FEDORA:4149D30BC732", "FEDORA:4168B30D4C0F", "FEDORA:4179F30BF8C5", "FEDORA:41BE130BF57F", "FEDORA:4318F3104B2B", "FEDORA:4426B304C819", "FEDORA:449BA30BF8C0", "FEDORA:44DFF30B00AD", "FEDORA:44F01304C5FE", "FEDORA:4534E304C5FE", "FEDORA:4539B310662E", "FEDORA:453D530A5965", "FEDORA:4576E30BF6A0", "FEDORA:45A24310662E", "FEDORA:461F8304938D", "FEDORA:463D5304C5FE", "FEDORA:46F1F307250A", "FEDORA:471F330BF557", "FEDORA:4760B307252D", "FEDORA:4791430BF681", "FEDORA:4794930BF6A3", "FEDORA:47D5F30BF557", "FEDORA:4881F30BF689", "FEDORA:48A67307251B", "FEDORA:490003104B07", "FEDORA:494A9304C819", "FEDORA:496453057960", "FEDORA:4A3B8304C3D1", "FEDORA:4AD2C304C3D1", "FEDORA:4B70130BF54A", "FEDORA:4BA6430BF6BB", "FEDORA:4BF71304C3D1", "FEDORA:4D009304C3D1", "FEDORA:4D9A8304C819", "FEDORA:4D9D1304938D", "FEDORA:4DA2B30BF6BC", "FEDORA:4E058304938D", "FEDORA:4E0BB30A5965", "FEDORA:4EC8130680FF", "FEDORA:4F3DF30509EA", "FEDORA:4F68930BF574", "FEDORA:50926304938D", "FEDORA:50FE2304938D", "FEDORA:517D430BF694", "FEDORA:51CF4307251B", "FEDORA:51F9230B00AD", "FEDORA:525B7304938D", "FEDORA:5284430BF54A", "FEDORA:52A2A30683FA", "FEDORA:52D573072535", "FEDORA:52E333057969", "FEDORA:52EC830680FF", "FEDORA:5318E30BF54A", "FEDORA:53FA330BF691", "FEDORA:5503230BF6A3", "FEDORA:5565B304938D", "FEDORA:5597430B00AD", "FEDORA:56DFD304C3D1", "FEDORA:56E5F30BF566", "FEDORA:57259304C3D1", "FEDORA:575193047E25", "FEDORA:57F4F30ACC3C", "FEDORA:581A8304C819", "FEDORA:58B38304C5FE", "FEDORA:58B81304C5FE", "FEDORA:58C09304C5FE", "FEDORA:58E4330A5965", "FEDORA:58EB530A5965", "FEDORA:5909E304C5FE", "FEDORA:591D3304C557", "FEDORA:595843065945", "FEDORA:595C8304938D", "FEDORA:5B045310662F", "FEDORA:5BF2E30BF699", "FEDORA:5D08B304C5FE", "FEDORA:5D522304C3D1", "FEDORA:5D57430A5965", "FEDORA:5D6473104B07", "FEDORA:5D70A304C819", "FEDORA:5E40530BF8C5", "FEDORA:5E5193072534", "FEDORA:5E6E7304C3D1", "FEDORA:5E763304C819", "FEDORA:5F11D3104B2B", "FEDORA:5F9893072535", "FEDORA:60914304C5FE", "FEDORA:6106B30BF544", "FEDORA:6169E304C5FE", "FEDORA:6197630BF8D7", "FEDORA:6268530BF8C6", "FEDORA:62929304C5FE", "FEDORA:62D7B30BF6AE", "FEDORA:62ECD30BF568", "FEDORA:6304330687AB", "FEDORA:6346A307250A", "FEDORA:6450E30683FA", "FEDORA:648D630BF544", "FEDORA:6561B304C3D1", "FEDORA:6581530683FA", "FEDORA:658F030BF6BC", "FEDORA:65B0C304938D", "FEDORA:6621530680FF", "FEDORA:665F13047E2B", "FEDORA:6682330BF8C1", "FEDORA:67B0730BF683", "FEDORA:67C9830B00AD", "FEDORA:680DF30B00AD", "FEDORA:689003072535", "FEDORA:68C8730BF557", "FEDORA:695A8304C819", "FEDORA:6A16C30683FA", "FEDORA:6A2FD30BF557", "FEDORA:6A31A30680FF", "FEDORA:6A4643072536", "FEDORA:6A710304C3D1", "FEDORA:6A7E230BF694", "FEDORA:6B3C630680FF", "FEDORA:6B462304C3D1", "FEDORA:6BC2230BF8C4", "FEDORA:6DF23304C819", "FEDORA:6DFC530BF54A", "FEDORA:6E22430B00AD", "FEDORA:6E6F530BF54A", "FEDORA:6EF5D304C5FE", "FEDORA:6F744304C5FE", "FEDORA:6FFC0304C3D1", "FEDORA:703E130680FF", "FEDORA:7113D304C819", "FEDORA:7185A30BF57F", "FEDORA:71C29304C3D1", "FEDORA:72B64305719C", "FEDORA:72B9A30683FA", "FEDORA:72FE13106617", "FEDORA:7300D30BF694", "FEDORA:7347130B680C", "FEDORA:73A6A30BF696", "FEDORA:73AE030BF681", "FEDORA:74F503106617", "FEDORA:7540E304938C", "FEDORA:755AF3072537", "FEDORA:75BF530BF544", "FEDORA:75C0530BF54A", "FEDORA:75C4D30BF556", "FEDORA:75FCC307253A", "FEDORA:764AD30680FF", "FEDORA:77AE2304C5FE", "FEDORA:77C64304C3D1", "FEDORA:78B8130BF57F", "FEDORA:78FD0306B9A0", "FEDORA:79077304938D", "FEDORA:7909A30BF681", "FEDORA:7963330680FF", "FEDORA:7965B30BF6BC", "FEDORA:796E9306B992", "FEDORA:7A1993072512", "FEDORA:7AD7B30BF557", "FEDORA:7AE5E30BF557", "FEDORA:7B214304C3D1", "FEDORA:7B40630BF699", "FEDORA:7B6A030680FF", "FEDORA:7C23730687AB", "FEDORA:7C6C330BF688", "FEDORA:7CD3B30B00AD", "FEDORA:7D19B304C819", "FEDORA:7D262307250A", "FEDORA:7D9DB30528F7", "FEDORA:7DCCE30BF6AE", "FEDORA:7DD3E30BF571", "FEDORA:7DE9D30BF6AE", "FEDORA:7E16A304938D", "FEDORA:7E170304C819", "FEDORA:7E17D30683FA", "FEDORA:7EAFA309A18F", "FEDORA:7EDB9304C819", "FEDORA:7F17F307250A", "FEDORA:807CF30A5965", "FEDORA:80F2A3072534", "FEDORA:8165430A5965", "FEDORA:81DA230BF8DB", "FEDORA:820B3304C5FE", "FEDORA:82A1830687AB", "FEDORA:82A4F304C5FE", "FEDORA:82B7330B00AD", "FEDORA:8312630680FF", "FEDORA:8313C304C5FE", "FEDORA:8363F30A5965", "FEDORA:8382F304CB81", "FEDORA:83B40304C819", "FEDORA:8457730683FA", "FEDORA:854A530BF57F", "FEDORA:85C98304C5FE", "FEDORA:86D9C304938D", "FEDORA:8730C3047E25", "FEDORA:8765C3106618", "FEDORA:881FF3046B35", "FEDORA:8882E30B00AD", "FEDORA:8885830A5965", "FEDORA:88FA53106618", "FEDORA:891A4304C3D1", "FEDORA:89A21304C3D1", "FEDORA:89A99304938D", "FEDORA:8A35330BF566", "FEDORA:8AC763106618", "FEDORA:8B042304938D", "FEDORA:8B768304C3D1", "FEDORA:8BB7130BF685", "FEDORA:8BDE3307253A", "FEDORA:8C00E30A5965", "FEDORA:8CC673072534", "FEDORA:8D31D30B00AD", "FEDORA:8D9A030BF696", "FEDORA:8E83D304C819", "FEDORA:8FB28306777D", "FEDORA:8FF5A30BF544", "FEDORA:90D27304C819", "FEDORA:911A4304C3D1", "FEDORA:912DF30BF695", "FEDORA:9160330BF574", "FEDORA:918EF30683FA", "FEDORA:91A3E307251B", "FEDORA:91B9C304C819", "FEDORA:92D4A30BF8D2", "FEDORA:938EF3047E25", "FEDORA:94160304C819", "FEDORA:94B1D30BF57F", "FEDORA:95DA930680F6", "FEDORA:963C6304C5FE", "FEDORA:964B530BF568", "FEDORA:9681430683FA", "FEDORA:9693D304C5FE", "FEDORA:9704E30680FF", "FEDORA:970F230BF699", "FEDORA:9716E304C5FE", "FEDORA:972773072537", "FEDORA:973BF30BF68E", "FEDORA:98438304938D", "FEDORA:9986830BF568", "FEDORA:99B2F30683FA", "FEDORA:9A6B63047E25", "FEDORA:9ABCB30ACC3C", "FEDORA:9AC55304C3D1", "FEDORA:9B1CD30BF8DC", "FEDORA:9B455301E446", "FEDORA:9B65E30BF681", "FEDORA:9B928304C3D1", "FEDORA:9BB57304938D", "FEDORA:9C2C230BF557", "FEDORA:9CEC9304938D", "FEDORA:9D14330BF68E", "FEDORA:9D6483106630", "FEDORA:9DD42304C3D1", "FEDORA:9DD5330BF6AE", "FEDORA:9E70A30BF694", "FEDORA:9EB31304C819", "FEDORA:9EC21304C819", "FEDORA:9EC5B3104B07", "FEDORA:9F6A9304C819", "FEDORA:9FB3730B00AD", "FEDORA:9FE0F304938D", "FEDORA:A02E030A5965", "FEDORA:A0B9A3065945", "FEDORA:A13B7304C5FE", "FEDORA:A14AF30680FF", "FEDORA:A17AE3056A55", "FEDORA:A196F30BF54A", "FEDORA:A23B830BF566", "FEDORA:A2594307250A", "FEDORA:A286D30BF54A", "FEDORA:A2CEE30687AB", "FEDORA:A2E8E30A5965", "FEDORA:A406530BF557", "FEDORA:A44963072537", "FEDORA:A4AE130683FA", "FEDORA:A4B9330BF556", "FEDORA:A4FC7304938D", "FEDORA:A52B830BF689", "FEDORA:A61AB30A5965", "FEDORA:A7241304C5FE", "FEDORA:A823B30BF566", "FEDORA:A8932307252D", "FEDORA:A8CD930BF57F", "FEDORA:A8D4830BF681", "FEDORA:A9839304C3D1", "FEDORA:A99A630680FF", "FEDORA:A9B2430BF689", "FEDORA:A9B95304C5FE", "FEDORA:AA08030BF689", "FEDORA:ABB16306B9A0", "FEDORA:ABE7D304C819", "FEDORA:ABEEB304938D", "FEDORA:AC225304C819", "FEDORA:AC2D130BF54A", "FEDORA:ACF6830BF68E", "FEDORA:AD61A3058385", "FEDORA:ADDD53072512", "FEDORA:AE4E730680FF", "FEDORA:AE52530680EF", "FEDORA:AE6C030BF566", "FEDORA:AEA0D30A5965", "FEDORA:AEBB7304C3D1", "FEDORA:AEC2F30BF8C2", "FEDORA:AEDE330683FA", "FEDORA:AF0B830687AB", "FEDORA:AF30B304938D", "FEDORA:AF53C30BF6AE", "FEDORA:B0A1730680FF", "FEDORA:B1BFC302A933", "FEDORA:B1F6E30687AB", "FEDORA:B233730BF6BC", "FEDORA:B2C0930683FA", "FEDORA:B2D8630BF685", "FEDORA:B320F3106632", "FEDORA:B387A3046B35", "FEDORA:B4158304938D", "FEDORA:B417B304C819", "FEDORA:B44343072512", "FEDORA:B53FA30BF54A", "FEDORA:B651E304C3D1", "FEDORA:B661A30687AB", "FEDORA:B69A5304C5FE", "FEDORA:B6B1430683FA", "FEDORA:B6BC83104B2B", "FEDORA:B6F7430BF6B3", "FEDORA:B821830683FA", "FEDORA:B87DE304C3D1", "FEDORA:B8ABA30D4C0F", "FEDORA:B8B4730BF568", "FEDORA:B8C453072512", "FEDORA:B9157304C819", "FEDORA:B930130B00AD", "FEDORA:B9478304C819", "FEDORA:BA88B30609BB", "FEDORA:BAB3F304938D", "FEDORA:BACD4304C5FE", "FEDORA:BBFE9307253C", "FEDORA:BCE71304C5FE", "FEDORA:BD23C30BF556", "FEDORA:BD84630BF8C5", "FEDORA:BE15830BF557", "FEDORA:BE6BD304C819", "FEDORA:BE89730BF574", "FEDORA:BF522304CB81", "FEDORA:BF819304C3D1", "FEDORA:C0FF7307250A", "FEDORA:C1EC2304C3D1", "FEDORA:C1FC9304C5FE", "FEDORA:C21C1304C819", "FEDORA:C414B304C5FE", "FEDORA:C462F30BF685", "FEDORA:C4B4D304C5FE", "FEDORA:C53B230BF544", "FEDORA:C548030BF696", "FEDORA:C5B1D3072536", "FEDORA:C6795304C5FE", "FEDORA:C6B60306596E", "FEDORA:C6B72304C5FE", "FEDORA:C6F3E30BF69D", "FEDORA:C6F78304C3D1", "FEDORA:C714830BF694", "FEDORA:C7E5D30680FF", "FEDORA:C7F8B30BF681", "FEDORA:C81FE30BF54A", "FEDORA:C8D4630BF681", "FEDORA:C935C30A5965", "FEDORA:C93673104B2B", "FEDORA:CA1D3304C5FE", "FEDORA:CA2C730BF557", "FEDORA:CA4AF30680FF", "FEDORA:CAED4307251B", "FEDORA:CB8BA30B00AD", "FEDORA:CBC7D305D426", "FEDORA:CBFF8304C5FE", "FEDORA:CC46D30680FF", "FEDORA:CC4CA30BF557", "FEDORA:CC65A30687AB", "FEDORA:CC80A30BF689", "FEDORA:CC80D30BF696", "FEDORA:CC84130BF688", "FEDORA:CD22030680FF", "FEDORA:CD2C830BF696", "FEDORA:CE4AA304C819", "FEDORA:CE73730683FA", "FEDORA:CEA00304C819", "FEDORA:CEB833106618", "FEDORA:CEEF730680FF", "FEDORA:CEF0A307252D", "FEDORA:CF25A304C3D1", "FEDORA:CFBB930B00AD", "FEDORA:D00BF30BF689", "FEDORA:D051B30680FF", "FEDORA:D0EFE30BF566", "FEDORA:D103A304C5FE", "FEDORA:D1141304938D", "FEDORA:D1595304938D", "FEDORA:D28ED305E2C3", "FEDORA:D2E7C304C3D1", "FEDORA:D3BA5304C3D1", "FEDORA:D4424307252D", "FEDORA:D453230BF8C0", "FEDORA:D49A730BF6A0", "FEDORA:D5B6730A5965", "FEDORA:D705C30BF544", "FEDORA:D74713072512", "FEDORA:D74D9304C5FE", "FEDORA:D755730ACC3C", "FEDORA:D7570304938D", "FEDORA:D7AEA30BF694", "FEDORA:D7B7B30BF54A", "FEDORA:D802030583BF", "FEDORA:D8AAA30BF6AE", "FEDORA:D8E1830BF557", "FEDORA:D922F30BF566", "FEDORA:D9C5F3056A54", "FEDORA:DA43030BF689", "FEDORA:DA58E30BF8CB", "FEDORA:DB61F304E78E", "FEDORA:DB825304938D", "FEDORA:DBE88304C819", "FEDORA:DC5B0307253A", "FEDORA:DC5D330BF689", "FEDORA:DCEFD30BF566", "FEDORA:DD98530680FF", "FEDORA:DDFED30D4C0F", "FEDORA:DE7E8304C3D1", "FEDORA:DEC25301DFE7", "FEDORA:DEE4E304C819", "FEDORA:DEF0E304C3D1", "FEDORA:DF18830683FA", "FEDORA:DF60E30530BE", "FEDORA:E020E304C5FE", "FEDORA:E0DFE30BF557", "FEDORA:E10F730A5965", "FEDORA:E1537304938D", "FEDORA:E191C3072534", "FEDORA:E200630687AB", "FEDORA:E26F6304C3D1", "FEDORA:E2F063057960", "FEDORA:E35FE30BF685", "FEDORA:E39F630BF6AE", "FEDORA:E438C304938D", "FEDORA:E4C1E306AB41", "FEDORA:E4FB0304C5FE", "FEDORA:E511730BF556", "FEDORA:E52273104B07", "FEDORA:E5B33307250A", "FEDORA:E6212304C819", "FEDORA:E64C230687AB", "FEDORA:E691030B00AD", "FEDORA:E6B6B30BF566", "FEDORA:E6BE2304938D", "FEDORA:E79DE30BF54A", "FEDORA:E807830680FF", "FEDORA:E89C2304938D", "FEDORA:E8CD2304C5FE", "FEDORA:EA40A30680FF", "FEDORA:EA47830BF681", "FEDORA:EA61C3047E25", "FEDORA:EAE35306E5C6", "FEDORA:EB1313072536", "FEDORA:EB5A5304938D", "FEDORA:EBE043099501", "FEDORA:EC08630680FF", "FEDORA:EC23D30683FA", "FEDORA:EC82130BF696", "FEDORA:ECA3130BF688", "FEDORA:ECFDF30BF696", "FEDORA:ED65F30BF685", "FEDORA:EDBDF307251B", "FEDORA:EE41630BF683", "FEDORA:EEB3B30B00AD", "FEDORA:EEC2C304C5FE", "FEDORA:EF6BD3067761", "FEDORA:EFF6B304C819", "FEDORA:F0023304C3D1", "FEDORA:F06503048A39", "FEDORA:F0C8A30BF685", "FEDORA:F371730BF54A"]}, {"type": "freebsd", "idList": ["15888C7E-E659-11EC-B7FE-10C37B4AC2EA", "21F43976-1887-11ED-9911-40B034429ECF", "4B9C1C17-587C-11ED-856E-D4C9EF517024", "4EEB93BF-F204-11EC-8FBD-D4C9EF517024", "7F8D5435-125A-11ED-9A69-10C37B4AC2EA", "8E150606-08C9-11ED-856E-D4C9EF517024", "A28E8B7E-FC70-11EC-856E-D4C9EF517024", "A4F2416C-02A0-11ED-B817-10C37B4AC2EA", "AE5722A6-F5F0-11EC-856E-D4C9EF517024", "B9210706-FEB0-11EC-81FA-1C697A616631", "FCEB2B08-CB76-11EC-A06F-D4C9EF517024"]}, {"type": "gentoo", "idList": ["GLSA-202208-02", "GLSA-202210-02", "GLSA-202212-01"]}, {"type": "github", "idList": ["GHSA-3WX7-46CH-7RQ2", "GHSA-9339-86WC-4QGF"]}, {"type": "githubexploit", "idList": ["20B5E925-0925-5D3D-A3A8-C49AA73BF6D2", "33186A5F-0C7E-5542-AEC3-BEC940C50B5C", "34927D1B-4D9F-5B44-A08D-491384ED675E", "4012995B-2E6C-5B0B-A5D0-B0B4278FDFF8", "404D6E8E-0255-5C32-ABE3-7BD16A827348", "8E0D4DF9-029A-59C5-B3A1-50166EA449CB", "8EB751A4-B8A2-5393-AA52-266560429527", "90D0B73F-6288-58DF-893E-AE5DD3207FA3", "943DB0F0-F2AB-5166-9D88-62FA18433BBD", "9BA7DD91-CA4C-5195-B7A3-C78E108A7B74", "9CBE87B2-5ADC-5DA9-972B-132F77839B5F"]}, {"type": "googleprojectzero", "idList": ["GOOGLEPROJECTZERO:72DAB7B2D17DB4009F02A3C0AEC8A7AE"]}, {"type": "hackerone", "idList": ["H1:1570651", "H1:1590071", "H1:1614330", "H1:1614332"]}, {"type": "ibm", "idList": ["00D7F5B9A8288919AB4548A77C928214A7A17795F7FF18FD6FA284C19181B10B", "00E427FDE1ED2FCC942B37A9297706D3A726FAC519A340420CCF652F75075CF5", "0344344C5BC1E5BD76915E58268A7771FE5523A39AC168718FA30C6F4E2E5B5F", "0505D8C5E11C0E99E93BD29F133B6B0ACD7C7D98BE2E3E46B53047D320E6B780", "0A198E04B0E285E31B51A3A5F1CB3EF699E84BB16BA8A041719073300ED48D7C", "0D85E5287523B83245752DC2E09287130E098DCDD6446DA2E1DF6BC26D74E767", "0E8825C75106C98D58313648BABDA1E9294C717826116FC4003C15968CD34C0D", "14D5845326705FBAAD23A23263B727D1734C312F54ACC3B31B0CD4B44040B7F7", "168A8FB4B77E0D72FB2C81FB2A52C7E161409377AAA2A6195B1BB5D9683693CA", "1841E92577ACD6AADDBB49C1995A398D151CBC9679F1BA2B9C77425F2E40A55C", "19C4C882864E6146FC051FFD0D6639DA7D33478F602126A11F952529D4692F5D", "1CD24D9BB6CC6131994412DB4971F1CBCAE6B1BCF0242694237661B1E8308C5A", "2007FD1781CF2022D192260E43DD6A6A9D75EAE1E583F1FF51351C7A5D643FB1", "22244F29B6D6A86B5E0E250329E323E3A9106F6468C2C42364FB6E572C51A458", "28AF07FA415EFB4C0600E47198E77EFE267BF4907EB58703528CAAFC4FB07FDE", "291E96DE0C078D60C883AD45A64007F1377458CD24943A8A17D903204D52EF0E", "2A7A7E36601C6E4D31E8BA0D7AAC60D5687103E89CE9D3C6A19F73E786347129", "2BD451F728498A459873394799F530D4D51F43311EBB3F67033751E1E24230B4", "2D1E0AF86890024DCD58C335D3F87CC6F19FEB1FAF93A7135042D81C1A434957", "31461F7C4B45D225CFE7E9B7248DBEA2EB7047FCA3D7C5FC53A6D37D20A6FA1F", "32A60A9C1BA6A62100EB71CDFA36BDD4A97E492CAF4EC2F477EF0C0B4B0BBA9B", "38230E519D378DE2DC75E630BBE3083E23728897D6DA217E2FF09CC4976D9E4A", "3C1A78B2884463FDD0373C1C8B938DC6B62E78494896694E30B6E9004C4B927F", "3D1271D447D8C9B8B4A09CE14FCB0D0A1C30B01772BE3C485E5303C63B850DA0", "43D189034742AFDBA97C60C95ED92A12F537D1C8AAE14A136CC4A601508E6470", "4443FADC35F66CB2BCB006621C9AB426E9DE09C7297783AC62E37E88CB616611", "4799E621AAC3B2F147ABA50C4B1BDDD086D1674BCB8D390C130E00A00C814DF6", "496D1442E6BA8A6137102D042D945E6932A39AD824C40F1EC57D3D14D4666E29", "4D02085D2FC3BBBFFB937600F3D20F307F3BD5CB2B73614927F979C8B91D5559", "50AE699C07E5F70B1AE3CA20358AC40C0A249282AA93BC9AF6AEF12C0640B515", "511CA1E500DC586414BB6B9BB4B63C20269EBEAA9179BDB82DDF8DD35087FBA8", "579B3E4AEEBFE2F354CC5701A955BC373C28300C7CF3CEAAD268410F2BAD7847", "57F5D196D0ED96B7C130C6725991161D567B035CCEBFDA3BA7666320B13BE3DB", "5847C6A43B9374608436806349F8DF60D26A6BD6AA1E53665DE28690D684C5FF", "58942187750FE51475FC153C3365F0A232A58011A0B3369E6D2C7B24AEC2CB46", "5B63337BED8D1831437D9E9CDA230341D96CD4E72BF44B64671DD96E2E83D164", "5B94B82BCC3B58026270D02D14DED2CA94DC002273698034F1BF4731A17FCD56", "5E515191EECA02B1DF418694EBE346A88E886182E3BF92879657EDDCAF8C3BCD", "5F4A0C2884928132058FB1F6A2A491E93E6AD59F7652C09398215C3B1702DA1D", "616B9D338FE05387920626E6D84C2A0408648EB65F12DE09DFF54DA7C324206C", "63C8B1DC63A3A0D366B1AA0E3DB24BD123F14B4EB29B74139B4FE1590E5E48A3", "658244F401DC89C434581EA981F2B764CE3CCD8561DE2C90348889D367179DDA", "6633C4F2A1D21D1D5E14BC83D6A9A6A198930F1D2E1B2369B98E573231CBFFBA", "6994DB9FF8EDDCBEB06E15718DA8FA8CDAE33F0D45671CA89D2EEFBFC761C838", "6D306799B99F3589A7EC7C7F4974A3631F7D2EC4A6235A8EEBDBFC6E98A9F757", "6F16F136BCBC8DF0C1DBC581FA13A1E792D2E9E47A077464DED21E407E2254EA", "6F4E5F0514046C4DFF7589304AC388DE078407580FB80C083E9C6EEB1EF34EAA", "70C52835D439D05D295FB163B1E67786F3104DC1F4B9CD79AC81516B21B46D46", "71D0066AB30B4D7CDBC8617E06029534108D1E91FB970B489F24F94CE6A185D1", "74767FAF408C31EF10FD36E87F8FF06644380251DEDF0B8DF0EAD56F9291B3E7", "77749493A2DBD6936C13EAA63911F6136F55AE09D2D48DC2785E79841B40FED4", "77A5CD46FD3C6940EFC34DE8C8AA831927106A12E0E3EAC862A5D46723F4092E", "7A34C5EA3878227646136480AF345DCC5DF882B26F65D3380EC0064BCCA45485", "7A4AFD1BE9A50524DAF7608F419D48BD995FB5D2B34699E4BD6C92C226B15726", "7B614296DA3E2724AE6DAB84E18EEDD256F0912D1BCD8AD522657BCB05C688CF", "7F16B180A017EE946A9293B7F73BB16643FA0EDB494E3BDE4E5E8DC3D7C98EE5", "80677B3F51E62D583D34B4C27E3BEC18B4021761B9E5FDFD6BFC664229840133", "80E527495DB4E208CB1D10F4F80A8C90E9AA9D332FD8D3465D8013D5CD895A38", "8179A3903584C27193924DDC106FB30D81DA90EC7483D34D417B2A8E24E5A851", "8252E44A34109A3FF009BBFE514754BDBBDA4A863EC3277626019A6C284A3C94", "844D4377DE7D11C183AEF7BEEBFF5150237624CCAE269BEC3996C7B05598840C", "879E8572F695F122B3D44941AF873DE14517F9962FFACEA2E0F06FAE2D39D0EC", "88007251DE025BA6920FEFA3D83D23EBBCF56329C41A8CEA9B069696B51EB15F", "888AC6CE99B291DF2AE2CA6EF15D575728F4461472C45FFCEB2B5E8A78735820", "8C3C0E9964D5A95A2F931FEBA9B17C8AC4BA9FF457A7F03750A8C994BF2BDAC4", "8D3DC4C0F4B602401A017F1C43683FCAA488ACB5436C20C977220D96118FA802", "8F5E37B1492215750DE26664A7C69EEF4EF0583C2F012D3F658AE9A44437DA40", "8FE6A7F075F86C24AA6EB4751889925EF3E6DEAF59DA441D1C361342182F6645", "90AC6404BEC26EE04C5116EFE61EADA448F6BE4B15643F95B0E2C306615BA410", "92F8956056EF6268D828C1C081F6A6051735CC82E17F4C1676ED7478BA3F90A0", "954B901FB199DE0B672BB799941A63760A9851C6EF21D1CDD9356E28D85DFB83", "9571CC4C328FC49BDE460E3DDB8089A16540E8193A13ACAE69B87BCD550C3EF1", "96D4152DE1D591E0C07748B17639CA32E83418ACCDE15888065A9CB41E619103", "97769C49B35E25C6B8FA85B9C97DAEDD858E7FBBFD2A1F42B1908E247FD64213", "9A36428D0FC14586B1CFD0917D5A540994A007817B22465BD9C03FF64BCF0244", "9B25740319B5D7DBD05732DCF41160210755EEFFEA514E1EE4D106925CB2C1D5", "9B5E5BC13D4397737B050BD8441A6D224B8904878CC85547639E0E0B26AE58F4", "9F1CABD3527BC3FA5C4B8E3834920B11E7FB3196D76ECD7B9C586F89850BCFCF", "9FD583B4EB98DE738D4995A7051ACB001233C81BBDFA0CEB3450CE85EA2D30A9", "A4C7F1899089B546ED394AE8F6988B8EE42E053E0111886BE9FBF60DD7E72474", "A9E95ACFA12F14901F06AEB72CE135C981AC1F52E5EEB65793FACC0F0CBD2136", "AC8A176111C5D0EEF4CBEEF646DE5672F13451B994F8BB844C6C076689090D26", "AD6CCE2A1D5A9869BD583668A696E96D5711DC6790008CC35A1991D46E49ABE2", "AE567113545218823FAE52D3A477168F041C0F35D4EE0A605E4BEBE15225DAAD", "B2935D1E5D6DCB8DDCB55DAB9AFC84173D173B6F585344249BE7D99FD52CC06C", "B2E84ED495D2BAF78EDDC226E0997571F1E0725DE0BB3E158D2DC6563F0C0FF3", "B39CDF48277B5A1E5E74388C6E0EA6AFB8F6FEA1ED51299E44E0AEE4AC404FF6", "B492F0296BDA567C4F98187476A828370D969E5E55C2ADEF50B3218415B91F81", "B830CCF31E1D88229EC24AF173721EB21408C7EA200317E4C1BFEF78EA3DEA90", "BB835784EC2D9827E0C713B8CEBB22D4D036E9F7C61CB083D60E4560EC27B247", "BEE2F0B9EB777EFAB0969E75C6AA811239753CA8FC3BFB3483BC57555F17DA20", "BEE5E5DB520EA27AD3E9D28AB2947012B002F3FA33DD8359FAC9C5173657E3FC", "BFF9E7158120F8B43A89CEF476D8622AA1DB0E88B693EA0C9A09920DE0FF7A06", "C054DE525045D4972972C9A7C5876A4C8720E0C0C8D341264A0FEEB56B8EB5DD", "C23DCC9148257FA64991DBAA915D0F26FF1220405B33493B5C4DA79CC6DA13A5", "C71235B9EB6EDAE21C87F038209FAA80F05E9B26A6336CECB453B01119F347D8", "C78ADDC242FF231DC015D95FD5CD4F0B13044D3779FED615D8FEF3677D378A3D", "CA40EA672B6EDDE5021E0ED9BE44895EC2C02F4C29629FDBEBD6E886E97E1455", "D0ECA589AFF43C5195AFD20F65884B7E577C50A6D0FDA18EAEDC8165498E1CC8", "DD014F1A813600ACA0D595671383D2852A6C9DB1223439E2A4DA4BD7ED9B8BB5", "DE3422F091BEAF937A6AAF2F474509A669B7CE95027496E1A397C52DB56CA841", "DEB42D37472DABA41D449842B1B5C261C9033E9118FC181AE309B0216062035B", "E1A1D552E78033169678134FE5961F6004062983C1F460B7BF4BC91470F5CDBC", "E20535CF9A056DC817B60582190FBB4DDCB7E1BFAA691A8A3587856D26D28792", "E227F6C1872E7F9A67C37F74BF85374865A13419EF761CE2F141A77A56686485", "E2381A6E18E2453CE7B305652CBC894FB1DA5C1F14445C38A8D61EB54D2C9A96", "E3E1561E62C1342A9E57F3FDEAFCCD7BD9FDE04EC3809D8BA125EC1ABD1ECE37", "E487FF91BBF956150824060BD6886B29AABF641CB1F5C839DA758246BAFF4281", "E86F95B423516140DF23D5DD16D74175F74D96C23CCC412FE50D4D07B828F8A1", "E8B622A20154C0D070D4BFC473B062648A8B30F2DC4928FABC794E27583489A8", "E8EFCA8810003524E6931CD5AFDC084870201D5052BAC467C09EBF324F61A84B", "E94E3F558B12457990C6237C147DC547868710DA658DAAF391DA1D69F56EA2A1", "EA14EC6134110E482A82A70BFDEAD48335455A70FA71C151C62860AACE47AA41", "EBF7FAC69068575846327A4CBDC56FA371BCD390746BA7B0C955566A104AD9B3", "ECE800B94D9FF0A69B0B09AF151DC923542D6BF91DB203FF288F37FA45849631", "ECEA81167474E628676BE2220B7270046550BA299B21A5F78C0C55243D2787DC", "ED5CC772C4879175949A026879AB98730A2CB44FA2A70F04E865D49394F0358A", "F2018DF6B5783A154F66D47CF61A02700B33271E5A9BF9B7EA3DF4AD976BD52B", "F42698819438A0AFD00188966548F0688DA81186746B5D708D7F1D8C8274475E", "F6A8FCCCCDFD07AD745A1DB2E59B89AC71F4BB462395AE22A36C32F72FACD220", "F7A6477C1B14AA0D43117B4EC882157DA5211AA8E68BDE96AFDE742CE85551BD", "F819B5088D56221A67A8DD0AFCD20489D289C9071CDF9233380C06A6CB97CF82", "F96C14C4670BF2970578877304F86FD985860F96EB5A331A5EE62FAA61BA548D", "FAB85B7F13808580670E0DDA61E3FA4A6A4AFA2F01B60BE03DFA6B1BB7EE7932", "FB73DD29E703B2E5FE969689D0C1C72E123F823CDE33C9FB0AA1F550080057EC", "FD0169F3AFC31A4C1DB0963A8A7D69906A9B7AFA2CD77DB9B90B743256EB9F44"]}, {"type": "ics", "idList": ["ICSA-22-221-01"]}, {"type": "kaspersky", "idList": ["KLA12588"]}, {"type": "mageia", "idList": ["MGASA-2022-0173", "MGASA-2022-0194", "MGASA-2022-0195", "MGASA-2022-0231", "MGASA-2022-0246", "MGASA-2022-0250", "MGASA-2022-0255", "MGASA-2022-0262", "MGASA-2022-0283", "MGASA-2022-0302", "MGASA-2022-0417", "MGASA-2022-0435"]}, {"type": "nessus", "idList": ["AL2022_ALAS2022-2022-071.NASL", "AL2022_ALAS2022-2022-104.NASL", "AL2022_ALAS2022-2022-105.NASL", "AL2022_ALAS2022-2022-111.NASL", "AL2022_ALAS2022-2022-112.NASL", "AL2022_ALAS2022-2022-113.NASL", "AL2022_ALAS2022-2022-114.NASL", "AL2022_ALAS2022-2022-119.NASL", "AL2022_ALAS2022-2022-120.NASL", "AL2022_ALAS2022-2022-121.NASL", "AL2022_ALAS2022-2022-123.NASL", "AL2022_ALAS2022-2022-145.NASL", "AL2022_ALAS2022-2022-147.NASL", "AL2022_ALAS2022-2022-148.NASL", "AL2022_ALAS2022-2022-151.NASL", "AL2022_ALAS2022-2022-152.NASL", "AL2022_ALAS2022-2022-153.NASL", "AL2022_ALAS2022-2022-158.NASL", "AL2022_ALAS2022-2022-185.NASL", "AL2022_ALAS2022-2022-191.NASL", "AL2022_ALAS2022-2022-192.NASL", "AL2022_ALAS2022-2022-193.NASL", "AL2022_ALAS2022-2022-195.NASL", "AL2022_ALAS2022-2022-206.NASL", "AL2_ALAS-2022-1801.NASL", "AL2_ALAS-2022-1813.NASL", "AL2_ALAS-2022-1815.NASL", "AL2_ALAS-2022-1822.NASL", "AL2_ALAS-2022-1823.NASL", "AL2_ALAS-2022-1824.NASL", "AL2_ALAS-2022-1831.NASL", "AL2_ALAS-2022-1832.NASL", "AL2_ALAS-2022-1835.NASL", "AL2_ALAS-2022-1836.NASL", "AL2_ALAS-2022-1846.NASL", "AL2_ALAS-2022-1847.NASL", "AL2_ALAS-2022-1854.NASL", "AL2_ALAS-2022-1858.NASL", "AL2_ALAS-2022-1859.NASL", "AL2_ALAS-2022-1860.NASL", "AL2_ALAS-2022-1861.NASL", "AL2_ALAS-2022-1862.NASL", "AL2_ALAS-2022-1863.NASL", "AL2_ALAS-2022-1864.NASL", "AL2_ALAS-2022-1865.NASL", "AL2_ALAS-2022-1871.NASL", "AL2_ALAS-2022-1873.NASL", "AL2_ALAS-2022-1875.NASL", "AL2_ALASCORRETTO8-2022-003.NASL", "AL2_ALASDOCKER-2022-020.NASL", "AL2_ALASJAVA-OPENJDK11-2022-002.NASL", "AL2_ALASKERNEL-5_10-2022-015.NASL", "AL2_ALASKERNEL-5_10-2022-016.NASL", "AL2_ALASKERNEL-5_10-2022-017.NASL", "AL2_ALASKERNEL-5_10-2022-018.NASL", "AL2_ALASKERNEL-5_15-2022-002.NASL", "AL2_ALASKERNEL-5_15-2022-003.NASL", "AL2_ALASKERNEL-5_15-2022-004.NASL", "AL2_ALASKERNEL-5_15-2022-005.NASL", "AL2_ALASKERNEL-5_4-2022-028.NASL", "AL2_ALASKERNEL-5_4-2022-030.NASL", "AL2_ALASKERNEL-5_4-2022-032.NASL", "AL2_ALASKERNEL-5_4-2022-034.NASL", "ALA_ALAS-2022-1604.NASL", "ALA_ALAS-2022-1605.NASL", "ALA_ALAS-2022-1626.NASL", "ALA_ALAS-2022-1631.NASL", "ALA_ALAS-2022-1633.NASL", "ALA_ALAS-2022-1635.NASL", "ALA_ALAS-2022-1646.NASL", "ALMA_LINUX_ALSA-2022-5214.NASL", "ALMA_LINUX_ALSA-2022-5249.NASL", "ALMA_LINUX_ALSA-2022-5251.NASL", "ALMA_LINUX_ALSA-2022-5267.NASL", "ALMA_LINUX_ALSA-2022-5683.NASL", "ALMA_LINUX_ALSA-2022-5695.NASL", "ALMA_LINUX_ALSA-2022-5696.NASL", "ALMA_LINUX_ALSA-2022-5709.NASL", "ALMA_LINUX_ALSA-2022-5736.NASL", "ALMA_LINUX_ALSA-2022-5775.NASL", "ALMA_LINUX_ALSA-2022-5799.NASL", "ALMA_LINUX_ALSA-2022-5809.NASL", "ALMA_LINUX_ALSA-2022-5818.NASL", "ALMA_LINUX_ALSA-2022-5819.NASL", "ALMA_LINUX_ALSA-2022-5834.NASL", "ALMA_LINUX_ALSA-2022-6157.NASL", "ALMA_LINUX_ALSA-2022-6159.NASL", "ALMA_LINUX_ALSA-2022-6180.NASL", "ALMA_LINUX_ALSA-2022-6181.NASL", "ALMA_LINUX_ALSA-2022-6206.NASL", "ALMA_LINUX_ALSA-2022-6224.NASL", "ALMA_LINUX_ALSA-2022-7129.NASL", "ALMA_LINUX_ALSA-2022-7519.NASL", "ALMA_LINUX_ALSA-2022-7529.NASL", "ALMA_LINUX_ALSA-2022-7548.NASL", "ALMA_LINUX_ALSA-2022-7648.NASL", "ALMA_LINUX_ALSA-2022-7950.NASL", "ALMA_LINUX_ALSA-2022-8057.NASL", "ALMA_LINUX_ALSA-2022-8098.NASL", "ALMA_LINUX_ALSA-2022-8250.NASL", "AMAZON_CORRETTO_11_0_16_8_1.NASL", "AMAZON_CORRETTO_17_0_4_8_1.NASL", "AMAZON_CORRETTO_18_0_2_9_1.NASL", "AMAZON_CORRETTO_8_342_07_1.NASL", "AZUL_ZULU_18_32.NASL", "CENTOS8_RHSA-2022-5775.NASL", "CENTOS8_RHSA-2022-7519.NASL", "CENTOS8_RHSA-2022-7529.NASL", "CENTOS8_RHSA-2022-7548.NASL", "CENTOS8_RHSA-2022-7648.NASL", "CENTOS_RHSA-2022-5687.NASL", "CENTOS_RHSA-2022-5698.NASL", "CENTOS_RHSA-2022-6160.NASL", "CENTOS_RHSA-2022-6170.NASL", "DEBIAN_DLA-3008.NASL", "DEBIAN_DLA-3065.NASL", "DEBIAN_DLA-3085.NASL", "DEBIAN_DLA-3155.NASL", "DEBIAN_DLA-3325.NASL", "DEBIAN_DSA-5139.NASL", "DEBIAN_DSA-5161.NASL", "DEBIAN_DSA-5169.NASL", "DEBIAN_DSA-5173.NASL", "DEBIAN_DSA-5188.NASL", "DEBIAN_DSA-5191.NASL", "DEBIAN_DSA-5192.NASL", "DEBIAN_DSA-5197.NASL", "DEBIAN_DSA-5256.NASL", "DEBIAN_DSA-5343.NASL", "DELL_WYSE_MANAGEMENT_SUITE_DSA-2022-329_4_0.NASL", "EULEROS_SA-2022-1909.NASL", "EULEROS_SA-2022-1924.NASL", "EULEROS_SA-2022-1943.NASL", "EULEROS_SA-2022-1944.NASL", "EULEROS_SA-2022-1945.NASL", "EULEROS_SA-2022-1977.NASL", "EULEROS_SA-2022-1999.NASL", "EULEROS_SA-2022-2007.NASL", "EULEROS_SA-2022-2090.NASL", "EULEROS_SA-2022-2098.NASL", "EULEROS_SA-2022-2118.NASL", "EULEROS_SA-2022-2134.NASL", "EULEROS_SA-2022-2143.NASL", "EULEROS_SA-2022-2168.NASL", "EULEROS_SA-2022-2215.NASL", "EULEROS_SA-2022-2225.NASL", "EULEROS_SA-2022-2228.NASL", "EULEROS_SA-2022-2244.NASL", "EULEROS_SA-2022-2247.NASL", "EULEROS_SA-2022-2257.NASL", "EULEROS_SA-2022-2260.NASL", "EULEROS_SA-2022-2276.NASL", "EULEROS_SA-2022-2288.NASL", "EULEROS_SA-2022-2292.NASL", "EULEROS_SA-2022-2300.NASL", "EULEROS_SA-2022-2301.NASL", "EULEROS_SA-2022-2310.NASL", "EULEROS_SA-2022-2317.NASL", "EULEROS_SA-2022-2321.NASL", "EULEROS_SA-2022-2329.NASL", "EULEROS_SA-2022-2330.NASL", "EULEROS_SA-2022-2341.NASL", "EULEROS_SA-2022-2348.NASL", "EULEROS_SA-2022-2360.NASL", "EULEROS_SA-2022-2361.NASL", "EULEROS_SA-2022-2384.NASL", "EULEROS_SA-2022-2396.NASL", "EULEROS_SA-2022-2397.NASL", "EULEROS_SA-2022-2413.NASL", "EULEROS_SA-2022-2415.NASL", "EULEROS_SA-2022-2419.NASL", "EULEROS_SA-2022-2426.NASL", "EULEROS_SA-2022-2428.NASL", "EULEROS_SA-2022-2432.NASL", "EULEROS_SA-2022-2439.NASL", "EULEROS_SA-2022-2440.NASL", "EULEROS_SA-2022-2441.NASL", "EULEROS_SA-2022-2446.NASL", "EULEROS_SA-2022-2448.NASL", "EULEROS_SA-2022-2450.NASL", "EULEROS_SA-2022-2454.NASL", "EULEROS_SA-2022-2465.NASL", "EULEROS_SA-2022-2466.NASL", "EULEROS_SA-2022-2476.NASL", "EULEROS_SA-2022-2479.NASL", "EULEROS_SA-2022-2525.NASL", "EULEROS_SA-2022-2548.NASL", "EULEROS_SA-2022-2549.NASL", "EULEROS_SA-2022-2566.NASL", "EULEROS_SA-2022-2578.NASL", "EULEROS_SA-2022-2579.NASL", "EULEROS_SA-2022-2580.NASL", "EULEROS_SA-2022-2616.NASL", "EULEROS_SA-2022-2617.NASL", "EULEROS_SA-2022-2619.NASL", "EULEROS_SA-2022-2629.NASL", "EULEROS_SA-2022-2651.NASL", "EULEROS_SA-2022-2664.NASL", "EULEROS_SA-2022-2683.NASL", "EULEROS_SA-2022-2696.NASL", "EULEROS_SA-2022-2710.NASL", "EULEROS_SA-2022-2731.NASL", "EULEROS_SA-2022-2742.NASL", "EULEROS_SA-2022-2766.NASL", "EULEROS_SA-2022-2777.NASL", "EULEROS_SA-2022-2795.NASL", "EULEROS_SA-2022-2852.NASL", "EULEROS_SA-2022-2868.NASL", "EULEROS_SA-2022-2872.NASL", "EULEROS_SA-2022-2873.NASL", "EULEROS_SA-2022-2877.NASL", "EULEROS_SA-2022-2886.NASL", "EULEROS_SA-2022-2890.NASL", "EULEROS_SA-2022-2891.NASL", "EULEROS_SA-2022-2895.NASL", "EULEROS_SA-2022-2916.NASL", "EULEROS_SA-2022-2942.NASL", "EULEROS_SA-2023-1203.NASL", "EULEROS_SA-2023-1233.NASL", "EULEROS_SA-2023-1281.NASL", "EULEROS_SA-2023-1290.NASL", "EULEROS_SA-2023-1339.NASL", "FEDORA_2022-E56085BA31.NASL", "FREEBSD_PKG_15888C7EE65911ECB7FE10C37B4AC2EA.NASL", "FREEBSD_PKG_21F43976188711ED991140B034429ECF.NASL", "FREEBSD_PKG_4B9C1C17587C11ED856ED4C9EF517024.NASL", "FREEBSD_PKG_4EEB93BFF20411EC8FBDD4C9EF517024.NASL", "FREEBSD_PKG_7F8D5435125A11ED9A6910C37B4AC2EA.NASL", "FREEBSD_PKG_8E15060608C911ED856ED4C9EF517024.NASL", "FREEBSD_PKG_A28E8B7EFC7011EC856ED4C9EF517024.NASL", "FREEBSD_PKG_A4F2416C02A011EDB81710C37B4AC2EA.NASL", "FREEBSD_PKG_AE5722A6F5F011EC856ED4C9EF517024.NASL", "FREEBSD_PKG_B9210706FEB011EC81FA1C697A616631.NASL", "FREEBSD_PKG_FCEB2B08CB7611ECA06FD4C9EF517024.NASL", "GENTOO_GLSA-202208-02.NASL", "GENTOO_GLSA-202210-02.NASL", "GENTOO_GLSA-202212-01.NASL", "IBM_JAVA_2022_07_19.NASL", "MYSQL_5_7_39.NASL", "MYSQL_5_7_40.NASL", "MYSQL_8_0_30.NASL", "MYSQL_8_0_31.NASL", "MYSQL_ENTERPRISE_MONITOR_8_0_32.NASL", "NEWSTART_CGSL_NS-SA-2022-0079_OPENSSL.NASL", "NEWSTART_CGSL_NS-SA-2022-0100_OPENSSL.NASL", "NEWSTART_CGSL_NS-SA-2023-0001_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2023-0001_RSYNC.NASL", "NEWSTART_CGSL_NS-SA-2023-0005_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2023-0006_RSYNC.NASL", "NODEJS_2022_JUL.NASL", "NUTANIX_NXSA-AHV-20220304_10013.NASL", "NUTANIX_NXSA-AHV-20220304_242.NASL", "NUTANIX_NXSA-AOS-5_20_5.NASL", "NUTANIX_NXSA-AOS-6_5_1_5.NASL", "NUTANIX_NXSA-AOS-6_5_2.NASL", "NUTANIX_NXSA-AOS-6_6.NASL", "OPENJDK_2022-07-19.NASL", "OPENSSL_1_0_2ZE.NASL", "OPENSSL_1_0_2ZF.NASL", "OPENSSL_1_1_1O.NASL", "OPENSSL_1_1_1P.NASL", "OPENSSL_1_1_1Q.NASL", "OPENSSL_3_0_3.NASL", "OPENSSL_3_0_4.NASL", "OPENSSL_3_0_5.NASL", "ORACLELINUX_ELSA-2022-17956.NASL", "ORACLELINUX_ELSA-2022-17957.NASL", "ORACLELINUX_ELSA-2022-20693.NASL", "ORACLELINUX_ELSA-2022-20694.NASL", "ORACLELINUX_ELSA-2022-23681.NASL", "ORACLELINUX_ELSA-2022-24267.NASL", "ORACLELINUX_ELSA-2022-5232.NASL", "ORACLELINUX_ELSA-2022-5249.NASL", "ORACLELINUX_ELSA-2022-5251.NASL", "ORACLELINUX_ELSA-2022-5683.NASL", "ORACLELINUX_ELSA-2022-5687.NASL", "ORACLELINUX_ELSA-2022-5695.NASL", "ORACLELINUX_ELSA-2022-5696.NASL", "ORACLELINUX_ELSA-2022-5698.NASL", "ORACLELINUX_ELSA-2022-5709.NASL", "ORACLELINUX_ELSA-2022-5726.NASL", "ORACLELINUX_ELSA-2022-5736.NASL", "ORACLELINUX_ELSA-2022-5775.NASL", "ORACLELINUX_ELSA-2022-5799.NASL", "ORACLELINUX_ELSA-2022-5809.NASL", "ORACLELINUX_ELSA-2022-5818.NASL", "ORACLELINUX_ELSA-2022-5819.NASL", "ORACLELINUX_ELSA-2022-6157.NASL", "ORACLELINUX_ELSA-2022-6159.NASL", "ORACLELINUX_ELSA-2022-6160.NASL", "ORACLELINUX_ELSA-2022-6170.NASL", "ORACLELINUX_ELSA-2022-6180.NASL", "ORACLELINUX_ELSA-2022-6181.NASL", "ORACLELINUX_ELSA-2022-6206.NASL", "ORACLELINUX_ELSA-2022-6224.NASL", "ORACLELINUX_ELSA-2022-6610.NASL", "ORACLELINUX_ELSA-2022-7129.NASL", "ORACLELINUX_ELSA-2022-7519.NASL", "ORACLELINUX_ELSA-2022-7529.NASL", "ORACLELINUX_ELSA-2022-7548.NASL", "ORACLELINUX_ELSA-2022-7648.NASL", "ORACLELINUX_ELSA-2022-7950.NASL", "ORACLELINUX_ELSA-2022-8057.NASL", "ORACLELINUX_ELSA-2022-8250.NASL", "ORACLELINUX_ELSA-2022-9667.NASL", "ORACLELINUX_ELSA-2022-9683.NASL", "ORACLELINUX_ELSA-2022-9751.NASL", "ORACLELINUX_ELSA-2022-9827.NASL", "ORACLELINUX_ELSA-2022-9830.NASL", "ORACLEVM_OVMSA-2022-0021.NASL", "ORACLE_ENTERPRISE_MANAGER_OPS_CENTER_CPU_JUL_2022.NASL", "ORACLE_ESSBASE_CPU_JAN_2023.NASL", "ORACLE_JAVA_CPU_JUL_2022.NASL", "ORACLE_MYSQL_CONNECTORS_CPU_OCT_2022.NASL", "ORACLE_RDBMS_CPU_OCT_2022.NASL", "REDHAT-RHSA-2022-5214.NASL", "REDHAT-RHSA-2022-5216.NASL", "REDHAT-RHSA-2022-5220.NASL", "REDHAT-RHSA-2022-5224.NASL", "REDHAT-RHSA-2022-5232.NASL", "REDHAT-RHSA-2022-5236.NASL", "REDHAT-RHSA-2022-5249.NASL", "REDHAT-RHSA-2022-5251.NASL", "REDHAT-RHSA-2022-5267.NASL", "REDHAT-RHSA-2022-5439.NASL", "REDHAT-RHSA-2022-5476.NASL", "REDHAT-RHSA-2022-5626.NASL", "REDHAT-RHSA-2022-5633.NASL", "REDHAT-RHSA-2022-5636.NASL", "REDHAT-RHSA-2022-5641.NASL", "REDHAT-RHSA-2022-5648.NASL", "REDHAT-RHSA-2022-5681.NASL", "REDHAT-RHSA-2022-5683.NASL", "REDHAT-RHSA-2022-5684.NASL", "REDHAT-RHSA-2022-5685.NASL", "REDHAT-RHSA-2022-5687.NASL", "REDHAT-RHSA-2022-5695.NASL", "REDHAT-RHSA-2022-5696.NASL", "REDHAT-RHSA-2022-5697.NASL", "REDHAT-RHSA-2022-5698.NASL", "REDHAT-RHSA-2022-5700.NASL", "REDHAT-RHSA-2022-5701.NASL", "REDHAT-RHSA-2022-5709.NASL", "REDHAT-RHSA-2022-5726.NASL", "REDHAT-RHSA-2022-5736.NASL", "REDHAT-RHSA-2022-5775.NASL", "REDHAT-RHSA-2022-5799.NASL", "REDHAT-RHSA-2022-5802.NASL", "REDHAT-RHSA-2022-5804.NASL", "REDHAT-RHSA-2022-5805.NASL", "REDHAT-RHSA-2022-5806.NASL", "REDHAT-RHSA-2022-5809.NASL", "REDHAT-RHSA-2022-5818.NASL", "REDHAT-RHSA-2022-5819.NASL", "REDHAT-RHSA-2022-5834.NASL", "REDHAT-RHSA-2022-5839.NASL", "REDHAT-RHSA-2022-5866.NASL", "REDHAT-RHSA-2022-6061.NASL", "REDHAT-RHSA-2022-6062.NASL", "REDHAT-RHSA-2022-6065.NASL", "REDHAT-RHSA-2022-6066.NASL", "REDHAT-RHSA-2022-6073.NASL", "REDHAT-RHSA-2022-6075.NASL", "REDHAT-RHSA-2022-6102.NASL", "REDHAT-RHSA-2022-6157.NASL", "REDHAT-RHSA-2022-6159.NASL", "REDHAT-RHSA-2022-6160.NASL", "REDHAT-RHSA-2022-6161.NASL", "REDHAT-RHSA-2022-6162.NASL", "REDHAT-RHSA-2022-6163.NASL", "REDHAT-RHSA-2022-6170.NASL", "REDHAT-RHSA-2022-6171.NASL", "REDHAT-RHSA-2022-6172.NASL", "REDHAT-RHSA-2022-6173.NASL", "REDHAT-RHSA-2022-6180.NASL", "REDHAT-RHSA-2022-6181.NASL", "REDHAT-RHSA-2022-6206.NASL", "REDHAT-RHSA-2022-6224.NASL", "REDHAT-RHSA-2022-6277.NASL", "REDHAT-RHSA-2022-6535.NASL", "REDHAT-RHSA-2022-6551.NASL", "REDHAT-RHSA-2022-7129.NASL", "REDHAT-RHSA-2022-7519.NASL", "REDHAT-RHSA-2022-7529.NASL", "REDHAT-RHSA-2022-7548.NASL", "REDHAT-RHSA-2022-7648.NASL", "REDHAT-RHSA-2022-7950.NASL", "REDHAT-RHSA-2022-8057.NASL", "REDHAT-RHSA-2022-8098.NASL", "REDHAT-RHSA-2022-8250.NASL", "REDHAT-RHSA-2022-8534.NASL", "REDHAT-RHSA-2022-8626.NASL", "REDHAT-RHSA-2022-8840.NASL", "REDHAT-RHSA-2022-8917.NASL", "ROCKY_LINUX_RLSA-2022-5683.NASL", "ROCKY_LINUX_RLSA-2022-5696.NASL", "ROCKY_LINUX_RLSA-2022-5726.NASL", "ROCKY_LINUX_RLSA-2022-5799.NASL", "ROCKY_LINUX_RLSA-2022-5819.NASL", "ROCKY_LINUX_RLSA-2022-5834.NASL", "ROCKY_LINUX_RLSA-2022-6159.NASL", "ROCKY_LINUX_RLSA-2022-6180.NASL", "ROCKY_LINUX_RLSA-2022-6206.NASL", "ROCKY_LINUX_RLSA-2022-7129.NASL", "ROCKY_LINUX_RLSA-2022-7950.NASL", "ROCKY_LINUX_RLSA-2022-8057.NASL", "ROCKY_LINUX_RLSA-2022-8098.NASL", "SLACKWARE_SSA_2022-124-02.NASL", "SLACKWARE_SSA_2022-174-01.NASL", "SLACKWARE_SSA_2022-179-01.NASL", "SLACKWARE_SSA_2022-179-03.NASL", "SLACKWARE_SSA_2022-186-01.NASL", "SLACKWARE_SSA_2022-227-01.NASL", "SLACKWARE_SSA_2022-237-02.NASL", "SL_20220801_JAVA_11_OPENJDK_ON_SL7_X.NASL", "SL_20220801_JAVA_1_8_0_OPENJDK_ON_SL7_X.NASL", "SL_20220825_RSYNC_ON_SL7_X.NASL", "SL_20220825_SYSTEMD_ON_SL7_X.NASL", "SUSE_SU-2022-1836-1.NASL", "SUSE_SU-2022-1883-1.NASL", "SUSE_SU-2022-2004-1.NASL", "SUSE_SU-2022-2005-1.NASL", "SUSE_SU-2022-2068-1.NASL", "SUSE_SU-2022-2075-1.NASL", "SUSE_SU-2022-2098-1.NASL", "SUSE_SU-2022-2106-1.NASL", "SUSE_SU-2022-2116-1.NASL", "SUSE_SU-2022-2172-1.NASL", "SUSE_SU-2022-2177-1.NASL", "SUSE_SU-2022-2179-1.NASL", "SUSE_SU-2022-2180-1.NASL", "SUSE_SU-2022-2181-1.NASL", "SUSE_SU-2022-2182-1.NASL", "SUSE_SU-2022-2197-1.NASL", "SUSE_SU-2022-2214-1.NASL", "SUSE_SU-2022-2216-1.NASL", "SUSE_SU-2022-2230-1.NASL", "SUSE_SU-2022-2239-1.NASL", "SUSE_SU-2022-2245-1.NASL", "SUSE_SU-2022-2251-1.NASL", "SUSE_SU-2022-2262-1.NASL", "SUSE_SU-2022-2268-1.NASL", "SUSE_SU-2022-2288-1.NASL", "SUSE_SU-2022-2305-1.NASL", "SUSE_SU-2022-2306-1.NASL", "SUSE_SU-2022-2308-1.NASL", "SUSE_SU-2022-2309-1.NASL", "SUSE_SU-2022-2311-1.NASL", "SUSE_SU-2022-2312-1.NASL", "SUSE_SU-2022-2321-1.NASL", "SUSE_SU-2022-2327-1.NASL", "SUSE_SU-2022-2328-1.NASL", "SUSE_SU-2022-2334-1.NASL", "SUSE_SU-2022-2356-1.NASL", "SUSE_SU-2022-2360-1.NASL", "SUSE_SU-2022-2361-1.NASL", "SUSE_SU-2022-2376-1.NASL", "SUSE_SU-2022-2377-1.NASL", "SUSE_SU-2022-2382-1.NASL", "SUSE_SU-2022-2417-1.NASL", "SUSE_SU-2022-2422-1.NASL", "SUSE_SU-2022-2424-1.NASL", "SUSE_SU-2022-2520-1.NASL", "SUSE_SU-2022-2549-1.NASL", "SUSE_SU-2022-2610-1.NASL", "SUSE_SU-2022-2615-1.NASL", "SUSE_SU-2022-2629-1.NASL", "SUSE_SU-2022-2660-1.NASL", "SUSE_SU-2022-2671-1.NASL", "SUSE_SU-2022-2672-1.NASL", "SUSE_SU-2022-2696-1.NASL", "SUSE_SU-2022-2707-1.NASL", "SUSE_SU-2022-2722-1.NASL", "SUSE_SU-2022-2726-1.NASL", "SUSE_SU-2022-2727-1.NASL", "SUSE_SU-2022-2732-1.NASL", "SUSE_SU-2022-2738-1.NASL", "SUSE_SU-2022-2741-1.NASL", "SUSE_SU-2022-2759-1.NASL", "SUSE_SU-2022-2766-1.NASL", "SUSE_SU-2022-2770-1.NASL", "SUSE_SU-2022-2813-1.NASL", "SUSE_SU-2022-2819-1.NASL", "SUSE_SU-2022-2825-1.NASL", "SUSE_SU-2022-2829-1.NASL", "SUSE_SU-2022-2854-1.NASL", "SUSE_SU-2022-2856-1.NASL", "SUSE_SU-2022-2858-1.NASL", "SUSE_SU-2022-2859-1.NASL", "SUSE_SU-2022-2875-1.NASL", "SUSE_SU-2022-2898-1.NASL", "SUSE_SU-2022-2899-1.NASL", "SUSE_SU-2022-2949-1.NASL", "SUSE_SU-2022-2959-1.NASL", "SUSE_SU-2022-3092-1.NASL", "SUSE_SU-2022-3152-1.NASL", "SUSE_SU-2022-3293-1.NASL", "SUSE_SU-2022-3408-1.NASL", "SUSE_SU-2022-3450-1.NASL", "SUSE_SU-2022-4166-1.NASL", "SUSE_SU-2022-4617-1.NASL", "UBUNTU_USN-5402-1.NASL", "UBUNTU_USN-5402-2.NASL", "UBUNTU_USN-5471-1.NASL", "UBUNTU_USN-5488-1.NASL", "UBUNTU_USN-5488-2.NASL", "UBUNTU_USN-5495-1.NASL", "UBUNTU_USN-5499-1.NASL", "UBUNTU_USN-5502-1.NASL", "UBUNTU_USN-5540-1.NASL", "UBUNTU_USN-5544-1.NASL", "UBUNTU_USN-5545-1.NASL", "UBUNTU_USN-5546-1.NASL", "UBUNTU_USN-5546-2.NASL", "UBUNTU_USN-5560-1.NASL", "UBUNTU_USN-5560-2.NASL", "UBUNTU_USN-5562-1.NASL", "UBUNTU_USN-5564-1.NASL", "UBUNTU_USN-5566-1.NASL", "UBUNTU_USN-5582-1.NASL", "UBUNTU_USN-5583-1.NASL", "UBUNTU_USN-5594-1.NASL", "UBUNTU_USN-5599-1.NASL", "UBUNTU_USN-5602-1.NASL", "UBUNTU_USN-5616-1.NASL", "UBUNTU_USN-5622-1.NASL", "UBUNTU_USN-5623-1.NASL", "UBUNTU_USN-5627-1.NASL", "UBUNTU_USN-5630-1.NASL", "UBUNTU_USN-5639-1.NASL", "UBUNTU_USN-5647-1.NASL", "UBUNTU_USN-5654-1.NASL", "UBUNTU_USN-5660-1.NASL", "UBUNTU_USN-5669-1.NASL", "UBUNTU_USN-5669-2.NASL", "UBUNTU_USN-5678-1.NASL", "UBUNTU_USN-5679-1.NASL", "UBUNTU_USN-5684-1.NASL", "UBUNTU_USN-5687-1.NASL", "UBUNTU_USN-5695-1.NASL", "ZIMBRA_9_0_0_P26.NASL"]}, {"type": "nodejsblog", "idList": ["NODEJSBLOG:JULY-2022-SECURITY-RELEASES"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2022-1292", "OPENSSL:CVE-2022-2068", "OPENSSL:CVE-2022-2097"]}, {"type": "oracle", "idList": ["ORACLE:CPUJAN2023", "ORACLE:CPUJUL2022", "ORACLE:CPUOCT2022"]}, {"type": "oraclelinux", "idList": ["ELSA-2022-17956", "ELSA-2022-17957", "ELSA-2022-20693", "ELSA-2022-20694", "ELSA-2022-23681", "ELSA-2022-24267", "ELSA-2022-5249", "ELSA-2022-5251", "ELSA-2022-5683", "ELSA-2022-5687", "ELSA-2022-5695", "ELSA-2022-5696", "ELSA-2022-5698", "ELSA-2022-5709", "ELSA-2022-5726", "ELSA-2022-5736", "ELSA-2022-5775", "ELSA-2022-5799", "ELSA-2022-5809", "ELSA-2022-5818", "ELSA-2022-5819", "ELSA-2022-6157", "ELSA-2022-6159", "ELSA-2022-6160", "ELSA-2022-6170", "ELSA-2022-6180", "ELSA-2022-6181", "ELSA-2022-6206", "ELSA-2022-6224", "ELSA-2022-7129", "ELSA-2022-7519", "ELSA-2022-7529", "ELSA-2022-7548", "ELSA-2022-7648", "ELSA-2022-7950", "ELSA-2022-8057", "ELSA-2022-8250", "ELSA-2022-9667", "ELSA-2022-9683", "ELSA-2022-9751"]}, {"type": "osv", "idList": ["OSV:CVE-2022-1292", "OSV:CVE-2022-1586", "OSV:CVE-2022-2097", "OSV:CVE-2022-29154", "OSV:CVE-2022-32206", "OSV:CVE-2022-32208", "OSV:DLA-3008-1", "OSV:DLA-3065-1", "OSV:DLA-3085-1", "OSV:DLA-3155-1", "OSV:DLA-3325-1", "OSV:DSA-5139-1", "OSV:DSA-5161-1", "OSV:DSA-5169-1", "OSV:DSA-5173-1", "OSV:DSA-5188-1", "OSV:DSA-5192-1", "OSV:DSA-5197-1", "OSV:DSA-5256-1", "OSV:DSA-5343-1", "OSV:GHSA-3WX7-46CH-7RQ2", "OSV:GHSA-9339-86WC-4QGF", "OSV:GO-2022-0515", "OSV:GO-2022-0520", "OSV:GO-2022-0521", "OSV:GO-2022-0522", "OSV:GO-2022-0523", "OSV:GO-2022-0524", "OSV:GO-2022-0525", "OSV:GO-2022-0526", "OSV:GO-2022-0527", "OSV:GO-2022-0531", "OSV:GO-2022-0532", "OSV:GSD-2022-1002526", "OSV:GSD-2022-2274", "OSV:RUSTSEC-2022-0032"]}, {"type": "photon", "idList": ["PHSA-2022-0185", "PHSA-2022-0195", "PHSA-2022-0202", "PHSA-2022-0207", "PHSA-2022-0223", "PHSA-2022-0238", "PHSA-2022-0242", "PHSA-2022-0408", "PHSA-2022-0409", "PHSA-2022-0412", "PHSA-2022-0415", "PHSA-2022-0430", "PHSA-2022-0477", "PHSA-2022-0482", "PHSA-2022-0490", "PHSA-2022-0491", "PHSA-2022-0493", "PHSA-2022-0503", "PHSA-2022-0512", "PHSA-2022-3.0-0391", "PHSA-2022-3.0-0408", "PHSA-2022-3.0-0409", "PHSA-2022-3.0-0412", "PHSA-2022-3.0-0415", "PHSA-2022-3.0-0430", "PHSA-2022-3.0-0445", "PHSA-2022-3.0-0446", "PHSA-2022-3.0-0456", "PHSA-2022-4.0-0185", "PHSA-2022-4.0-0195", "PHSA-2022-4.0-0202", "PHSA-2022-4.0-0207", "PHSA-2022-4.0-0223", "PHSA-2022-4.0-0238", "PHSA-2022-4.0-0242"]}, {"type": "redhat", "idList": ["RHSA-2022:5069", "RHSA-2022:5214", "RHSA-2022:5216", "RHSA-2022:5220", "RHSA-2022:5224", "RHSA-2022:5232", "RHSA-2022:5236", "RHSA-2022:5249", "RHSA-2022:5251", "RHSA-2022:5267", "RHSA-2022:5439", "RHSA-2022:5476", "RHSA-2022:5626", "RHSA-2022:5633", "RHSA-2022:5636", "RHSA-2022:5641", "RHSA-2022:5648", "RHSA-2022:5681", "RHSA-2022:5683", "RHSA-2022:5684", "RHSA-2022:5685", "RHSA-2022:5687", "RHSA-2022:5695", "RHSA-2022:5696", "RHSA-2022:5697", "RHSA-2022:5698", "RHSA-2022:5700", "RHSA-2022:5701", "RHSA-2022:5709", "RHSA-2022:5726", "RHSA-2022:5730", "RHSA-2022:5736", "RHSA-2022:5753", "RHSA-2022:5754", "RHSA-2022:5755", "RHSA-2022:5756", "RHSA-2022:5757", "RHSA-2022:5758", "RHSA-2022:5775", "RHSA-2022:5799", "RHSA-2022:5802", "RHSA-2022:5804", "RHSA-2022:5805", "RHSA-2022:5806", "RHSA-2022:5809", "RHSA-2022:5818", "RHSA-2022:5819", "RHSA-2022:5834", "RHSA-2022:5839", "RHSA-2022:5866", "RHSA-2022:5875", "RHSA-2022:5879", "RHSA-2022:5908", "RHSA-2022:5909", "RHSA-2022:5923", "RHSA-2022:5924", "RHSA-2022:6024", "RHSA-2022:6040", "RHSA-2022:6042", "RHSA-2022:6051", "RHSA-2022:6053", "RHSA-2022:6061", "RHSA-2022:6062", "RHSA-2022:6065", "RHSA-2022:6066", "RHSA-2022:6073", "RHSA-2022:6075", "RHSA-2022:6102", "RHSA-2022:6103", "RHSA-2022:6113", "RHSA-2022:6152", "RHSA-2022:6156", "RHSA-2022:6157", "RHSA-2022:6159", "RHSA-2022:6160", "RHSA-2022:6161", "RHSA-2022:6162", "RHSA-2022:6163", "RHSA-2022:6170", "RHSA-2022:6171", "RHSA-2022:6172", "RHSA-2022:6173", "RHSA-2022:6180", "RHSA-2022:6181", "RHSA-2022:6182", "RHSA-2022:6183", "RHSA-2022:6184", "RHSA-2022:6187", "RHSA-2022:6188", "RHSA-2022:6206", "RHSA-2022:6224", "RHSA-2022:6252", "RHSA-2022:6258", "RHSA-2022:6262", "RHSA-2022:6263", "RHSA-2022:6271", "RHSA-2022:6277", "RHSA-2022:6283", "RHSA-2022:6287", "RHSA-2022:6290", "RHSA-2022:6308", "RHSA-2022:6317", "RHSA-2022:6318", "RHSA-2022:6322", "RHSA-2022:6344", "RHSA-2022:6345", "RHSA-2022:6346", "RHSA-2022:6347", "RHSA-2022:6348", "RHSA-2022:6370", "RHSA-2022:6422", "RHSA-2022:6429", "RHSA-2022:6430", "RHSA-2022:6507", "RHSA-2022:6517", "RHSA-2022:6526", "RHSA-2022:6535", "RHSA-2022:6536", "RHSA-2022:6551", "RHSA-2022:6560", "RHSA-2022:6681", "RHSA-2022:6696", "RHSA-2022:6714", "RHSA-2022:6890", "RHSA-2022:7055", "RHSA-2022:7058", "RHSA-2022:7129", "RHSA-2022:7398", "RHSA-2022:7399", "RHSA-2022:7401", "RHSA-2022:7519", "RHSA-2022:7529", "RHSA-2022:7548", "RHSA-2022:7648", "RHSA-2022:7950", "RHSA-2022:8057", "RHSA-2022:8098", "RHSA-2022:8250", "RHSA-2022:8534", "RHSA-2022:8535", "RHSA-2022:8626", "RHSA-2022:8634", "RHSA-2022:8750", "RHSA-2022:8781", "RHSA-2022:8840", "RHSA-2022:8841", "RHSA-2022:8889", "RHSA-2022:8913", "RHSA-2022:8917", "RHSA-2022:9047", "RHSA-2023:0069", "RHSA-2023:0407", "RHSA-2023:0408", "RHSA-2023:0542", "RHSA-2023:0630", "RHSA-2023:0693"]}, {"type": "redhatcve", "idList": ["RH:CVE-2022-1012", "RH:CVE-2022-1292", "RH:CVE-2022-1586", "RH:CVE-2022-1705", "RH:CVE-2022-1962", "RH:CVE-2022-1966", "RH:CVE-2022-2068", "RH:CVE-2022-2097", "RH:CVE-2022-21540", "RH:CVE-2022-21541", "RH:CVE-2022-2526", "RH:CVE-2022-28131", "RH:CVE-2022-29154", "RH:CVE-2022-30580", "RH:CVE-2022-30629", "RH:CVE-2022-30630", "RH:CVE-2022-30631", "RH:CVE-2022-30632", "RH:CVE-2022-30633", "RH:CVE-2022-30635", "RH:CVE-2022-32148", "RH:CVE-2022-32189", "RH:CVE-2022-32206", "RH:CVE-2022-32208", "RH:CVE-2022-32250", "RH:CVE-2022-32296", "RH:CVE-2022-34169"]}, {"type": "redos", "idList": ["ROS-20220524-01"]}, {"type": "rocky", "idList": ["RLSA-2022:5251", "RLSA-2022:5683", "RLSA-2022:5696", "RLSA-2022:5726", "RLSA-2022:5775", "RLSA-2022:5799", "RLSA-2022:5809", "RLSA-2022:5818", "RLSA-2022:5819", "RLSA-2022:5834", "RLSA-2022:6157", "RLSA-2022:6159", "RLSA-2022:6180", "RLSA-2022:6181", "RLSA-2022:6206", "RLSA-2022:6224", "RLSA-2022:7129", "RLSA-2022:7519", "RLSA-2022:7529", "RLSA-2022:7548", "RLSA-2022:7648", "RLSA-2022:7950", "RLSA-2022:8057", "RLSA-2022:8098", "RLSA-2022:8250"]}, {"type": "rustsec", "idList": ["RUSTSEC-2022-0032"]}, {"type": "slackware", "idList": ["SSA-2022-124-02", "SSA-2022-174-01", "SSA-2022-179-01", "SSA-2022-179-03", "SSA-2022-186-01", "SSA-2022-227-01", "SSA-2022-237-02"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2022:2177-1", "OPENSUSE-SU-2022:2328-1", "OPENSUSE-SU-2022:2361-1", "OPENSUSE-SU-2022:2422-1", "OPENSUSE-SU-2022:2549-1", "SUSE-SU-2022:1883-1", "SUSE-SU-2022:2004-1", "SUSE-SU-2022:2005-1", "SUSE-SU-2022:2172-1", "SUSE-SU-2022:2251-1", "SUSE-SU-2022:2251-2", "SUSE-SU-2022:2305-1", "SUSE-SU-2022:2306-1", "SUSE-SU-2022:2308-1", "SUSE-SU-2022:2321-1", "SUSE-SU-2022:2327-1", "SUSE-SU-2022:2327-2", "SUSE-SU-2022:2328-1", "SUSE-SU-2022:2360-1", "SUSE-SU-2022:2361-1", "SUSE-SU-2022:2422-1", "SUSE-SU-2022:2424-2", "SUSE-SU-2022:2520-1", "SUSE-SU-2022:2549-1", "SUSE-SU-2022:2615-1", "SUSE-SU-2022:2660-1", "SUSE-SU-2022:2671-1", "SUSE-SU-2022:2672-1", "SUSE-SU-2022:2707-1", "SUSE-SU-2022:2722-1", "SUSE-SU-2022:2741-1", "SUSE-SU-2022:2825-1", "SUSE-SU-2022:2856-1", "SUSE-SU-2022:2875-1", "SUSE-SU-2022:2875-2", "SUSE-SU-2022:2949-1", "SUSE-SU-2022:2959-1", "SUSE-SU-2022:2959-2", "SUSE-SU-2022:3092-1", "SUSE-SU-2022:3293-1", "SUSE-SU-2022:3408-1"]}, {"type": "thn", "idList": ["THN:BF4AE09A315FD10E056B189C3AD06B28"]}, {"type": "ubuntu", "idList": ["USN-5402-1", "USN-5402-2", "USN-5471-1", "USN-5488-1", "USN-5488-2", "USN-5495-1", "USN-5499-1", "USN-5502-1", "USN-5546-1", "USN-5546-2", "USN-5583-1", "USN-5583-2", "USN-5594-1", "USN-5599-1", "USN-5602-1", "USN-5616-1", "USN-5622-1", "USN-5623-1", "USN-5627-1", "USN-5627-2", "USN-5630-1", "USN-5639-1", "USN-5647-1", "USN-5654-1", "USN-5660-1", "USN-5669-1", "USN-5669-2", "USN-5678-1", "USN-5679-1", "USN-5684-1", "USN-5687-1", "USN-5695-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2022-1012", "UB:CVE-2022-1292", "UB:CVE-2022-1586", "UB:CVE-2022-1705", "UB:CVE-2022-1962", "UB:CVE-2022-2068", "UB:CVE-2022-2097", "UB:CVE-2022-21540", "UB:CVE-2022-21541", "UB:CVE-2022-2526", "UB:CVE-2022-28131", "UB:CVE-2022-29154", "UB:CVE-2022-30580", "UB:CVE-2022-30629", "UB:CVE-2022-30630", "UB:CVE-2022-30631", "UB:CVE-2022-30632", "UB:CVE-2022-30633", "UB:CVE-2022-30635", "UB:CVE-2022-32148", "UB:CVE-2022-32189", "UB:CVE-2022-32206", "UB:CVE-2022-32208", "UB:CVE-2022-32250", "UB:CVE-2022-32296", "UB:CVE-2022-34169", "UB:CVE-2022-34918"]}, {"type": "veracode", "idList": ["VERACODE:35474", "VERACODE:35968", "VERACODE:36086", "VERACODE:36189", "VERACODE:36190", "VERACODE:36271", "VERACODE:36421", "VERACODE:36423", "VERACODE:36440", "VERACODE:36442", "VERACODE:36446", "VERACODE:36447", "VERACODE:36448", "VERACODE:36463", "VERACODE:36480", "VERACODE:36481", "VERACODE:36482", "VERACODE:36483", "VERACODE:36484", "VERACODE:36485", "VERACODE:36488", "VERACODE:36573", "VERACODE:36629", "VERACODE:37412"]}]}, "affected_software": {"major_version": [{"name": "ibm robotic process automation", "version": 21}, {"name": "ibm robotic process automation", "version": 21}, {"name": "ibm robotic process automation", "version": 21}, {"name": "ibm robotic process automation", "version": 21}]}, "epss": [{"cve": "CVE-2022-1012", "epss": "0.000530000", "percentile": "0.190510000", "modified": "2023-03-19"}, {"cve": "CVE-2022-1292", "epss": "0.597600000", "percentile": "0.971650000", "modified": "2023-03-19"}, {"cve": "CVE-2022-1586", "epss": "0.000950000", "percentile": "0.386640000", "modified": "2023-03-19"}, {"cve": "CVE-2022-1705", "epss": "0.000830000", "percentile": "0.336030000", "modified": "2023-03-19"}, {"cve": "CVE-2022-1962", "epss": "0.000420000", "percentile": "0.056360000", "modified": "2023-03-19"}, {"cve": "CVE-2022-2068", "epss": "0.265690000", "percentile": "0.959980000", "modified": "2023-03-19"}, {"cve": "CVE-2022-2097", "epss": "0.001300000", "percentile": "0.461350000", "modified": "2023-03-19"}, {"cve": "CVE-2022-21540", "epss": "0.000770000", "percentile": "0.311440000", "modified": "2023-03-19"}, {"cve": "CVE-2022-21541", "epss": "0.000830000", "percentile": "0.336650000", "modified": "2023-03-19"}, {"cve": "CVE-2022-2526", "epss": "0.000910000", "percentile": "0.374280000", "modified": "2023-03-19"}, {"cve": "CVE-2022-28131", "epss": "0.000560000", "percentile": "0.210950000", "modified": "2023-03-19"}, {"cve": "CVE-2022-29154", "epss": "0.000530000", "percentile": "0.188800000", "modified": "2023-03-19"}, {"cve": "CVE-2022-30580", "epss": "0.000420000", "percentile": "0.056360000", "modified": "2023-03-19"}, {"cve": "CVE-2022-30629", "epss": "0.000520000", "percentile": "0.181850000", "modified": "2023-03-19"}, {"cve": "CVE-2022-30630", "epss": "0.000560000", "percentile": "0.210950000", "modified": "2023-03-19"}, {"cve": "CVE-2022-30631", "epss": "0.000560000", "percentile": "0.210950000", "modified": "2023-03-19"}, {"cve": "CVE-2022-30632", "epss": "0.000560000", "percentile": "0.210950000", "modified": "2023-03-19"}, {"cve": "CVE-2022-30633", "epss": "0.000560000", "percentile": "0.210950000", "modified": "2023-03-19"}, {"cve": "CVE-2022-30635", "epss": "0.000560000", "percentile": "0.210950000", "modified": "2023-03-19"}, {"cve": "CVE-2022-32148", "epss": "0.000520000", "percentile": "0.181850000", "modified": "2023-03-19"}, {"cve": "CVE-2022-32189", "epss": "0.000590000", "percentile": "0.228170000", "modified": "2023-03-19"}, {"cve": "CVE-2022-32206", "epss": "0.000720000", "percentile": "0.290900000", "modified": "2023-03-19"}, {"cve": "CVE-2022-32208", "epss": "0.001380000", "percentile": "0.475060000", "modified": "2023-03-19"}, {"cve": "CVE-2022-32250", "epss": "0.000440000", "percentile": "0.081850000", "modified": "2023-03-19"}, {"cve": "CVE-2022-34169", "epss": "0.001010000", "percentile": "0.399350000", "modified": "2023-03-19"}], "vulnersScore": 1.0}, "_state": {"score": 1677548601, "dependencies": 1677548348, "affected_software_major_version": 1677549706, "epss": 1679305952}, "_internal": {"score_hash": "c9d698b18bfade3c23a93572fec5c011"}, "affectedSoftware": [{"version": "21.0.1", "operator": "eq", "name": "ibm robotic process automation"}, {"version": "21.0.2", "operator": "eq", "name": "ibm robotic process automation"}, {"version": "21.0.3", "operator": "eq", "name": "ibm robotic process automation"}, {"version": "21.0.4", "operator": "eq", "name": "ibm robotic process automation"}]}

{"redhat": [{"lastseen": "2022-09-06T15:44:52", "description": "Multicluster engine for Kubernetes 2.1 images\n\nMulticluster engine for Kubernetes provides the foundational components\nthat are necessary for the centralized management of multiple\nKubernetes-based clusters across data centers, public clouds, and private\nclouds.\n\nYou can use the engine to create new Red Hat OpenShift Container Platform\nclusters or to bring existing Kubernetes-based clusters under management by\nimporting them. After the clusters are managed, you can use the APIs that\nare provided by the engine to distribute configuration based on placement\npolicy.\n\nSecurity fixes:\n\n* CVE-2022-31129 moment: inefficient parsing algorithm resulting in DoS\n\n* CVE-2022-1705 golang: net/http: improper sanitization of Transfer-Encoding header\n\n* CVE-2022-1962 golang: go/parser: stack exhaustion in all Parse* functions\n\n* CVE-2022-28131 golang: encoding/xml: stack exhaustion in Decoder.Skip\n\n* CVE-2022-30630 golang: io/fs: stack exhaustion in Glob\n\n* CVE-2022-30631 golang: compress/gzip: stack exhaustion in Reader.Read\n\n* CVE-2022-30632 golang: path/filepath: stack exhaustion in Glob\n\n* CVE-2022-30633 golang: encoding/xml: stack exhaustion in Unmarshal\n\n* CVE-2022-30635 golang: encoding/gob: stack exhaustion in Decoder.Decode\n\n* CVE-2022-32148 golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working\n\n* CVE-2022-30629 golang: crypto/tls: session tickets lack random ticket_age_add\n\nBug fixes:\n\n* MCE 2.1.0 Images (BZ# 2090907)\n\n* cluster-proxy-agent not able to startup (BZ# 2109394)\n\n* Create cluster button skips Infrastructure page, shows blank page (BZ# 2110713)\n\n* AWS Icon sometimes doesn't show up in create cluster wizard (BZ# 2110734)\n\n* Infrastructure descriptions in create cluster catalog should be consistent and clear (BZ# 2110811)\n\n* The user with clusterset view permission should not able to update the namespace binding with the pencil icon on clusterset details page (BZ# 2111483)\n\n* hypershift cluster creation -> not all agent labels are shown in the node pools screen (BZ# 2112326)\n\n* CIM - SNO expansion, worker node status incorrect (BZ# 2114735)\n\n* Wizard fields are not pre-filled after picking credentials (BZ# 2117163)\n\n* ManagedClusterImageRegistry CR is wrong in pure MCE env", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-06T12:02:07", "type": "redhat", "title": "(RHSA-2022:6345) Moderate: Multicluster Engine for Kubernetes 2.1 security updates and bug fixes", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-1292", "CVE-2022-1586", "CVE-2022-1705", "CVE-2022-1962", "CVE-2022-2068", "CVE-2022-2097", "CVE-2022-2526", "CVE-2022-28131", "CVE-2022-29154", "CVE-2022-30629", "CVE-2022-30630", "CVE-2022-30631", "CVE-2022-30632", "CVE-2022-30633", "CVE-2022-30635", "CVE-2022-31129", "CVE-2022-32148", "CVE-2022-32206", "CVE-2022-32208"], "modified": "2022-09-06T12:03:04", "id": "RHSA-2022:6345", "href": "https://access.redhat.com/errata/RHSA-2022:6345", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-08-25T12:00:53", "description": "This is an updated release of the Node Maintenance Operator. The Node Maintenance Operator cordons off nodes from the rest of the cluster and drains all the pods from the nodes. By placing nodes under maintenance, administrators can proactively power down nodes, move workloads to other parts of the cluster, and ensure that workloads do not get interrupted.\n\nSecurity Fix(es):\n\n* golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631)\n\n* golang: net/http: improper sanitization of Transfer-Encoding header (CVE-2022-1705)\n\n* golang: go/parser: stack exhaustion in all Parse* functions (CVE-2022-1962)\n\n* golang: encoding/xml: stack exhaustion in Decoder.Skip (CVE-2022-28131)\n\n* golang: io/fs: stack exhaustion in Glob (CVE-2022-30630)\n\n* golang: path/filepath: stack exhaustion in Glob (CVE-2022-30632)\n\n* golang: encoding/xml: stack exhaustion in Unmarshal (CVE-2022-30633)\n\n* golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working (CVE-2022-32148)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, see the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-08-25T11:19:13", "type": "redhat", "title": "(RHSA-2022:6188) Important: Node Maintenance Operator 4.11.1 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-1292", "CVE-2022-1586", "CVE-2022-1705", "CVE-2022-1962", "CVE-2022-2068", "CVE-2022-2097", "CVE-2022-28131", "CVE-2022-30630", "CVE-2022-30631", "CVE-2022-30632", "CVE-2022-30633", "CVE-2022-32148"], "modified": "2022-08-25T11:19:26", "id": "RHSA-2022:6188", "href": "https://access.redhat.com/errata/RHSA-2022:6188", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-09-06T15:44:52", "description": "Gatekeeper Operator v0.2\n\nGatekeeper is an open source project that applies the OPA Constraint\nFramework to enforce policies on your Kubernetes clusters. \n\nThis advisory contains the container images for Gatekeeper that include bug\nfixes and container upgrades. \n\nNote: Gatekeeper support from the Red Hat support team is limited to where it is integrated and used with Red Hat Advanced Cluster Management\nfor Kubernetes. For support options for any other use, see the Gatekeeper\nopen source project website at:\nhttps://open-policy-agent.github.io/gatekeeper/website/docs/howto/.\n\nSecurity fix:\n\n* CVE-2022-30629: gatekeeper-container: golang: crypto/tls: session tickets lack random ticket_age_add\n\n* CVE-2022-1705: golang: net/http: improper sanitization of Transfer-Encoding header\n\n* CVE-2022-1962: golang: go/parser: stack exhaustion in all Parse* functions\n\n* CVE-2022-28131: golang: encoding/xml: stack exhaustion in Decoder.Skip\n\n* CVE-2022-30630: golang: io/fs: stack exhaustion in Glob\n\n* CVE-2022-30631: golang: compress/gzip: stack exhaustion in Reader.Read\n\n* CVE-2022-30632: golang: path/filepath: stack exhaustion in Glob\n\n* CVE-2022-30635: golang: encoding/gob: stack exhaustion in Decoder.Decode\n\n* CVE-2022-30633 golang: encoding/xml: stack exhaustion in Unmarshal\n\n* CVE-2022-32148 golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-06T12:02:43", "type": "redhat", "title": "(RHSA-2022:6348) Moderate: Gatekeeper Operator v0.2 security and container updates", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40528", "CVE-2022-1292", "CVE-2022-1586", "CVE-2022-1705", "CVE-2022-1962", "CVE-2022-2068", "CVE-2022-2097", "CVE-2022-2526", "CVE-2022-28131", "CVE-2022-29824", "CVE-2022-30629", "CVE-2022-30630", "CVE-2022-30631", "CVE-2022-30632", "CVE-2022-30633", "CVE-2022-30635", "CVE-2022-32148", "CVE-2022-32206", "CVE-2022-32208"], "modified": "2022-09-06T12:03:05", "id": "RHSA-2022:6348", "href": "https://access.redhat.com/errata/RHSA-2022:6348", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-11-21T10:06:55", "description": "Go Toolset provides the Go programming language tools and libraries. Go is\nalternatively known as golang.\n\nSecurity Fix(es):\n\n* golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631)\n\n* golang: net/http: improper sanitization of Transfer-Encoding header (CVE-2022-1705)\n\n* golang: go/parser: stack exhaustion in all Parse* functions (CVE-2022-1962)\n\n* golang: encoding/xml: stack exhaustion in Decoder.Skip (CVE-2022-28131)\n\n* golang: io/fs: stack exhaustion in Glob (CVE-2022-30630)\n\n* golang: path/filepath: stack exhaustion in Glob (CVE-2022-30632)\n\n* golang: encoding/xml: stack exhaustion in Unmarshal (CVE-2022-30633)\n\n* golang: encoding/gob: stack exhaustion in Decoder.Decode (CVE-2022-30635)\n\n* golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working (CVE-2022-32148)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Clean up dist-git patches (BZ#2109172)\n\n* Update Go to version 1.17.12 (BZ#2109184)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-08-02T08:55:32", "type": "redhat", "title": "(RHSA-2022:5866) Important: go-toolset-1.17 and go-toolset-1.17-golang security and bug fix update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2022-1705", "CVE-2022-1962", "CVE-2022-28131", "CVE-2022-30629", "CVE-2022-30630", "CVE-2022-30631", "CVE-2022-30632", "CVE-2022-30633", "CVE-2022-30635", "CVE-2022-32148"], "modified": "2022-11-21T09:11:12", "id": "RHSA-2022:5866", "href": "https://access.redhat.com/errata/RHSA-2022:5866", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-11-03T22:47:41", "description": "Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. \n\nSecurity Fix(es):\n\n* golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631)\n\n* golang: net/http: improper sanitization of Transfer-Encoding header (CVE-2022-1705)\n\n* golang: go/parser: stack exhaustion in all Parse* functions (CVE-2022-1962)\n\n* golang: encoding/xml: stack exhaustion in Decoder.Skip (CVE-2022-28131)\n\n* golang: io/fs: stack exhaustion in Glob (CVE-2022-30630)\n\n* golang: path/filepath: stack exhaustion in Glob (CVE-2022-30632)\n\n* golang: encoding/xml: stack exhaustion in Unmarshal (CVE-2022-30633)\n\n* golang: encoding/gob: stack exhaustion in Decoder.Decode (CVE-2022-30635)\n\n* golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working (CVE-2022-32148)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Clean up dist-git patches (BZ#2110942)\n\n* Update Go to version 1.17.12 (BZ#2110943)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-08-01T08:57:38", "type": "redhat", "title": "(RHSA-2022:5775) Important: go-toolset:rhel8 security and bug fix update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2022-1705", "CVE-2022-1962", "CVE-2022-28131", "CVE-2022-30629", "CVE-2022-30630", "CVE-2022-30631", "CVE-2022-30632", "CVE-2022-30633", "CVE-2022-30635", "CVE-2022-32148"], "modified": "2022-11-03T21:07:10", "id": "RHSA-2022:5775", "href": "https://access.redhat.com/errata/RHSA-2022:5775", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-09-06T22:01:48", "description": "Red Hat Advanced Cluster Management for Kubernetes 2.6.0 images\n\nRed Hat Advanced Cluster Management for Kubernetes provides the\ncapabilities to address common challenges that administrators and site\nreliability engineers face as they work across a range of public and\nprivate cloud environments. Clusters and applications are all visible and\nmanaged from a single console\u2014with security policy built in.\n\nThis advisory contains the container images for Red Hat Advanced Cluster\nManagement for Kubernetes, which fix security issues and several bugs. See the following Release Notes documentation, which will be updated shortly for this\nrelease, for additional details about this release:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.6/html/release_notes/\n\nSecurity fixes: \n\n* CVE-2022-31129 moment: inefficient parsing algorithm resulting in DoS\n\n* CVE-2022-30629 golang: crypto/tls: session tickets lack random ticket_age_add\n\n* CVE-2022-1705 golang: net/http: improper sanitization of Transfer-Encoding header\n\n* CVE-2022-1962 golang: go/parser: stack exhaustion in all Parse* functions\n\n* CVE-2022-28131 golang: encoding/xml: stack exhaustion in Decoder.Skip\n\n* CVE-2022-30630 golang: io/fs: stack exhaustion in Glob\n\n* CVE-2022-30631 golang: compress/gzip: stack exhaustion in Reader.Read\n\n* CVE-2022-30632 golang: path/filepath: stack exhaustion in Glob\n\n* CVE-2022-30633 golang: encoding/xml: stack exhaustion in Unmarshal\n\n* CVE-2022-30635 golang: encoding/gob: stack exhaustion in Decoder.Decode\n\n* CVE-2022-32148 golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working\n\nBug fixes:\n\n* assisted-service repo pin-latest.py script should allow custom tags to be pinned (BZ# 2065661)\n\n* assisted-service-build image is too big in size (BZ# 2066059)\n\n* assisted-service pin-latest.py script should exclude the postgres image (BZ# 2076901)\n\n* PXE artifacts need to be served via HTTP (BZ# 2078531)\n\n* Implementing new service-agent protocol on agent side (BZ# 2081281)\n\n* RHACM 2.6.0 images (BZ# 2090906)\n\n* Assisted service POD keeps crashing after a bare metal host is created (BZ# 2093503)\n\n* Assisted service triggers the worker nodes re-provisioning on the hub cluster when the converged flow is enabled (BZ# 2096106)\n\n* Fix assisted CI jobs that fail for cluster-info readiness (BZ# 2097696)\n\n* Nodes are required to have installation disks of at least 120GB instead of at minimum of 100GB (BZ# 2099277)\n\n* The pre-selected search keyword is not readable (BZ# 2107736)\n\n* The value of label expressions in the new placement for policy and policysets cannot be shown real-time from UI (BZ# 2111843)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-06T21:05:46", "type": "redhat", "title": "(RHSA-2022:6370) Moderate: Red Hat Advanced Cluster Management 2.6.0 security updates and bug fixes", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-1012", "CVE-2022-1292", "CVE-2022-1586", "CVE-2022-1705", "CVE-2022-1785", "CVE-2022-1897", "CVE-2022-1927", "CVE-2022-1962", "CVE-2022-2068", "CVE-2022-2097", "CVE-2022-2526", "CVE-2022-28131", "CVE-2022-29154", "CVE-2022-30629", "CVE-2022-30630", "CVE-2022-30631", "CVE-2022-30632", "CVE-2022-30633", "CVE-2022-30635", "CVE-2022-31129", "CVE-2022-32148", "CVE-2022-32206", "CVE-2022-32208", "CVE-2022-32250"], "modified": "2022-09-06T21:06:11", "id": "RHSA-2022:6370", "href": "https://access.redhat.com/errata/RHSA-2022:6370", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-08-18T15:28:26", "description": "This release addresses several security issues in the underlying golang compiler by moving to golang version 1.17.12.\n\nSecurity Fixes:\n\nImportant:\n- golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631)\n\nModerate:\n- golang: net/http: improper sanitization of Transfer-Encoding header\n(CVE-2022-1705)\n- golang: go/parser: stack exhaustion in all Parse* functions (CVE-2022-1962)\n- golang: encoding/xml: stack exhaustion in Decoder.Skip (CVE-2022-28131)\n- golang: io/fs: stack exhaustion in Glob (CVE-2022-30630)\n- golang: path/filepath: stack exhaustion in Glob (CVE-2022-30632)\n- golang: encoding/xml: stack exhaustion in Unmarshal (CVE-2022-30633)\n- golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For\nnot working (CVE-2022-32148)\n\nFor more details about the security issue(s), including the impact; a CVSS\nscore; acknowledgments; and other related information refer to the CVE page(s)\nlisted in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-08-18T14:51:43", "type": "redhat", "title": "(RHSA-2022:6113) Important: Red Hat Application Interconnect 1.0 Release (rpms)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2022-1705", "CVE-2022-1962", "CVE-2022-28131", "CVE-2022-30630", "CVE-2022-30631", "CVE-2022-30632", "CVE-2022-30633", "CVE-2022-32148"], "modified": "2022-08-18T15:06:51", "id": "RHSA-2022:6113", "href": "https://access.redhat.com/errata/RHSA-2022:6113", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-09-06T15:44:52", "description": "VolSync v0.5\n\nVolSync is a Kubernetes operator that enables asynchronous replication of\npersistent volumes within a cluster, or across clusters. After deploying\nthe VolSync operator, it can create and maintain copies of your persistent\ndata.\n\nFor more information about VolSync, see:\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.6/html/add-ons/add-ons-overview#volsync\nor the VolSync open source community website at:\nhttps://volsync.readthedocs.io/en/stable/.\n\nThis advisory contains a security fix and updates to the VolSync\ncontainer images.\n\nSecurity fixes:\n\n* CVE-2022-27191 golang: crash in a golang.org/x/crypto/ssh server\n\n* CVE-2022-30629 golang: crypto/tls: session tickets lack random ticket_age_add\n\n* CVE-2022-1705 golang: net/http: improper sanitization of Transfer-Encoding header\n\n* CVE-2022-1962 golang: go/parser: stack exhaustion in all Parse* functions\n\n* CVE-2022-28131 golang: encoding/xml: stack exhaustion in Decoder.Skip\n\n* CVE-2022-30630 golang: io/fs: stack exhaustion in Glob\n\n* CVE-2022-30631 golang: compress/gzip: stack exhaustion in Reader.Read\n\n* CVE-2022-30632 golang: path/filepath: stack exhaustion in Glob\n\n* CVE-2022-30633 golang: encoding/xml: stack exhaustion in Unmarshal\n\n* CVE-2022-30635 golang: encoding/gob: stack exhaustion in Decoder.Decode\n\n* CVE-2022-32148 golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-09-06T12:02:31", "type": "redhat", "title": "(RHSA-2022:6347) Moderate: VolSync 0.5 security fixes and updates", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-1705", "CVE-2022-1962", "CVE-2022-27191", "CVE-2022-28131", "CVE-2022-30629", "CVE-2022-30630", "CVE-2022-30631", "CVE-2022-30632", "CVE-2022-30633", "CVE-2022-30635", "CVE-2022-32148"], "modified": "2022-09-06T12:03:05", "id": "RHSA-2022:6347", "href": "https://access.redhat.com/errata/RHSA-2022:6347", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-09-06T15:44:52", "description": "Submariner enables direct networking between pods and services on different Kubernetes clusters that are either on-premises or in the cloud.\n\nFor more information about Submariner, see the Submariner open source community website at: https://submariner.io/.\n\nThis advisory contains bug fixes and enhancements to the Submariner container images.\n\nSecurity fixes:\n\n* CVE-2021-38561: golang: out-of-bounds read in golang.org/x/text/language leads to DoS\n\n* CVE-2022-1705 golang: net/http: improper sanitization of Transfer-Encoding header\n\n* CVE-2022-1962 golang: go/parser: stack exhaustion in all Parse* functions\n\n* CVE-2022-28131 golang: encoding/xml: stack exhaustion in Decoder.Skip\n\n* CVE-2022-30630 golang: io/fs: stack exhaustion in Glob\n\n* CVE-2022-30631 golang: compress/gzip: stack exhaustion in Reader.Read\n\n* CVE-2022-30632 golang: path/filepath: stack exhaustion in Glob\n\n* CVE-2022-30633 golang: encoding/xml: stack exhaustion in Unmarshal\n\n* CVE-2022-30635 golang: encoding/gob: stack exhaustion in Decoder.Decode\n\n* CVE-2022-32148 golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working\n\n* CVE-2022-30629 golang: crypto/tls: session tickets lack random ticket_age_add", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-06T12:02:19", "type": "redhat", "title": "(RHSA-2022:6346) Moderate: RHSA: Submariner 0.13 - security and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-38561", "CVE-2021-40528", "CVE-2022-1292", "CVE-2022-1586", "CVE-2022-1705", "CVE-2022-1962", "CVE-2022-2068", "CVE-2022-2097", "CVE-2022-2526", "CVE-2022-25313", "CVE-2022-25314", "CVE-2022-28131", "CVE-2022-29824", "CVE-2022-30629", "CVE-2022-30630", "CVE-2022-30631", "CVE-2022-30632", "CVE-2022-30633", "CVE-2022-30635", "CVE-2022-32148", "CVE-2022-32206", "CVE-2022-32208"], "modified": "2022-09-06T12:03:04", "id": "RHSA-2022:6346", "href": "https://access.redhat.com/errata/RHSA-2022:6346", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-09-15T20:03:41", "description": "Logging Subsystem 5.5.1 - Red Hat OpenShift\n\nSecurity Fix(es):\n\n* golang: net/http: improper sanitization of Transfer-Encoding header (CVE-2022-1705)\n\n* golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631)\n\n* golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working (CVE-2022-32148)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-06T16:58:48", "type": "redhat", "title": "(RHSA-2022:6344) Moderate: Logging Subsystem 5.5.1 Security and Bug Fix Update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-1705", "CVE-2022-2526", "CVE-2022-29154", "CVE-2022-30631", "CVE-2022-32148", "CVE-2022-32206", "CVE-2022-32208"], "modified": "2022-09-06T16:59:08", "id": "RHSA-2022:6344", "href": "https://access.redhat.com/errata/RHSA-2022:6344", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-09-01T06:01:10", "description": "Secondary Scheduler Operator for Red Hat OpenShift 1.1.0\n\nSecurity Fix(es):\n\n* golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631)\n* golang: net/http: improper sanitization of Transfer-Encoding header (CVE-2022-1705)\n* golang: go/parser: stack exhaustion in all Parse* functions (CVE-2022-1962)\n* golang: encoding/pem: fix stack overflow in Decode (CVE-2022-24675)\n* golang: encoding/xml: stack exhaustion in Decoder.Skip (CVE-2022-28131)\n* golang: crypto/elliptic: panic caused by oversized scalar (CVE-2022-28327)\n* golang: io/fs: stack exhaustion in Glob (CVE-2022-30630)\n* golang: path/filepath: stack exhaustion in Glob (CVE-2022-30632)\n* golang: encoding/xml: stack exhaustion in Unmarshal (CVE-2022-30633)\n* golang: encoding/gob: stack exhaustion in Decoder.Decode (CVE-2022-30635)\n* golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working (CVE-2022-32148)\n* golang: crypto/tls: session tickets lack random ticket_age_add (CVE-2022-30629)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE page(s)\nlisted in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-09-01T05:38:54", "type": "redhat", "title": "(RHSA-2022:6152) Important: Secondary Scheduler Operator for Red Hat OpenShift 1.1.0 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-1705", "CVE-2022-1962", "CVE-2022-24675", "CVE-2022-28131", "CVE-2022-28327", "CVE-2022-30629", "CVE-2022-30630", "CVE-2022-30631", "CVE-2022-30632", "CVE-2022-30633", "CVE-2022-30635", "CVE-2022-32148"], "modified": "2022-09-01T05:39:02", "id": "RHSA-2022:6152", "href": "https://access.redhat.com/errata/RHSA-2022:6152", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-11-08T08:46:30", "description": "The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards.\n\nSecurity Fix(es):\n\n* golang: net/http: improper sanitization of Transfer-Encoding header (CVE-2022-1705)\n\n* golang: io/fs: stack exhaustion in Glob (CVE-2022-30630)\n\n* golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631)\n\n* golang: path/filepath: stack exhaustion in Glob (CVE-2022-30632)\n\n* golang: encoding/gob: stack exhaustion in Decoder.Decode (CVE-2022-30635)\n\n* golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working (CVE-2022-32148)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.7 Release Notes linked from the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-11-08T06:25:29", "type": "redhat", "title": "(RHSA-2022:7648) Moderate: grafana-pcp security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2022-1705", "CVE-2022-30630", "CVE-2022-30631", "CVE-2022-30632", "CVE-2022-30635", "CVE-2022-32148"], "modified": "2022-11-08T07:47:01", "id": "RHSA-2022:7648", "href": "https://access.redhat.com/errata/RHSA-2022:7648", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-11-15T10:06:25", "description": "The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards.\n\nSecurity Fix(es):\n\n* golang: net/http: improper sanitization of Transfer-Encoding header (CVE-2022-1705)\n\n* golang: io/fs: stack exhaustion in Glob (CVE-2022-30630)\n\n* golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631)\n\n* golang: path/filepath: stack exhaustion in Glob (CVE-2022-30632)\n\n* golang: encoding/gob: stack exhaustion in Decoder.Decode (CVE-2022-30635)\n\n* golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working (CVE-2022-32148)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 9.1 Release Notes linked from the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-11-15T06:19:30", "type": "redhat", "title": "(RHSA-2022:8250) Moderate: grafana-pcp security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2022-1705", "CVE-2022-30630", "CVE-2022-30631", "CVE-2022-30632", "CVE-2022-30635", "CVE-2022-32148"], "modified": "2022-11-15T08:00:58", "id": "RHSA-2022:8250", "href": "https://access.redhat.com/errata/RHSA-2022:8250", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-09-06T15:44:52", "description": "Logging Subsystem 5.4.5 - Red Hat OpenShift\n\nSecurity Fix(es):\n\n* golang: net/http: improper sanitization of Transfer-Encoding header (CVE-2022-1705)\n\n* golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631)\n\n* golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working (CVE-2022-32148)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-06T13:30:30", "type": "redhat", "title": "(RHSA-2022:6183) Moderate: Logging Subsystem 5.4.5 Security and Bug Fix Update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-1292", "CVE-2022-1586", "CVE-2022-1705", "CVE-2022-1785", "CVE-2022-1897", "CVE-2022-1927", "CVE-2022-2068", "CVE-2022-2097", "CVE-2022-2526", "CVE-2022-29154", "CVE-2022-30631", "CVE-2022-32148", "CVE-2022-32206", "CVE-2022-32208"], "modified": "2022-09-06T13:30:39", "id": "RHSA-2022:6183", "href": "https://access.redhat.com/errata/RHSA-2022:6183", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-11-10T08:06:06", "description": "Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.\n\nThis advisory covers the RPM packages for the release.\n\nSecurity Fix(es):\n\n* golang: go/parser: stack exhaustion in all Parse* functions (CVE-2022-1962)\n* golang: encoding/xml: stack exhaustion in Decoder.Skip (CVE-2022-28131)\n* golang: io/fs: stack exhaustion in Glob (CVE-2022-30630)\n* golang: path/filepath: stack exhaustion in Glob (CVE-2022-30632)\n* golang: encoding/xml: stack exhaustion in Unmarshal (CVE-2022-30633)\n* golang: encoding/gob: stack exhaustion in Decoder.Decode (CVE-2022-30635)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-08-31T18:47:41", "type": "redhat", "title": "(RHSA-2022:6283) Moderate: Red Hat OpenShift Service Mesh 2.2.2 Containers security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-1292", "CVE-2022-1586", "CVE-2022-1705", "CVE-2022-1785", "CVE-2022-1897", "CVE-2022-1927", "CVE-2022-1962", "CVE-2022-2068", "CVE-2022-2097", "CVE-2022-28131", "CVE-2022-30630", "CVE-2022-30632", "CVE-2022-30633", "CVE-2022-30635", "CVE-2022-31107", "CVE-2022-32148"], "modified": "2022-11-10T07:54:10", "id": "RHSA-2022:6283", "href": "https://access.redhat.com/errata/RHSA-2022:6283", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-11-08T08:46:30", "description": "The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc.\n\nSecurity Fix(es):\n\n* golang: net/http: improper sanitization of Transfer-Encoding header (CVE-2022-1705)\n\n* cri-o: memory exhaustion on the node when access to the kube api (CVE-2022-1708)\n\n* golang: go/parser: stack exhaustion in all Parse* functions (CVE-2022-1962)\n\n* prometheus/client_golang: Denial of service using InstrumentHandlerCounter (CVE-2022-21698)\n\n* golang: encoding/xml: stack exhaustion in Decoder.Skip (CVE-2022-28131)\n\n* golang: io/fs: stack exhaustion in Glob (CVE-2022-30630)\n\n* golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631)\n\n* golang: path/filepath: stack exhaustion in Glob (CVE-2022-30632)\n\n* golang: encoding/xml: stack exhaustion in Unmarshal (CVE-2022-30633)\n\n* golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working (CVE-2022-32148)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.7 Release Notes linked from the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-11-08T06:22:08", "type": "redhat", "title": "(RHSA-2022:7529) Moderate: container-tools:3.0 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-1705", "CVE-2022-1708", "CVE-2022-1962", "CVE-2022-21698", "CVE-2022-28131", "CVE-2022-30630", "CVE-2022-30631", "CVE-2022-30632", "CVE-2022-30633", "CVE-2022-32148"], "modified": "2022-11-08T07:21:36", "id": "RHSA-2022:7529", "href": "https://access.redhat.com/errata/RHSA-2022:7529", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-09-12T20:01:49", "description": "Multicluster Engine for Kubernetes 2.0.2 images\n\nMulticluster engine for Kubernetes provides the foundational components\nthat are necessary for the centralized management of multiple\nKubernetes-based clusters across data centers, public clouds, and private\nclouds.\n\nYou can use the engine to create new Red Hat OpenShift Container Platform\nclusters or to bring existing Kubernetes-based clusters under management by\nimporting them. After the clusters are managed, you can use the APIs that\nare provided by the engine to distribute configuration based on placement\npolicy.\n\nSecurity updates:\n\n* moment: inefficient parsing algorithm resulting in DoS (CVE-2022-31129)\n* vm2: Sandbox Escape in vm2 (CVE-2022-36067)\n\nBug fix:\n\n* MCE 2.0.2 images (BZ# 2104569)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2022-09-12T19:32:29", "type": "redhat", "title": "(RHSA-2022:6422) Critical: Multicluster Engine for Kubernetes 2.0.2 security and bug fixes", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-1292", "CVE-2022-1586", "CVE-2022-2068", "CVE-2022-2097", "CVE-2022-2526", "CVE-2022-29154", "CVE-2022-31129", "CVE-2022-32206", "CVE-2022-32208", "CVE-2022-36067"], "modified": "2022-09-12T19:32:46", "id": "RHSA-2022:6422", "href": "https://access.redhat.com/errata/RHSA-2022:6422", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-09-06T15:44:52", "description": "Openshift Logging Bug Fix Release (5.3.11)\n\nSecurity Fix(es):\n\n* golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-06T12:05:37", "type": "redhat", "title": "(RHSA-2022:6182) Moderate: Openshift Logging Security and Bug Fix update (5.3.11)", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-1292", "CVE-2022-1586", "CVE-2022-1785", "CVE-2022-1897", "CVE-2022-1927", "CVE-2022-2068", "CVE-2022-2097", "CVE-2022-2526", "CVE-2022-29154", "CVE-2022-30631", "CVE-2022-32206", "CVE-2022-32208"], "modified": "2022-09-06T12:05:47", "id": "RHSA-2022:6182", "href": "https://access.redhat.com/errata/RHSA-2022:6182", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-11-04T12:05:45", "description": "Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. \n\nThe golang packages provide the Go programming language compiler.\n\nSecurity Fix(es):\n\n* golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631)\n\n* golang: net/http: improper sanitization of Transfer-Encoding header (CVE-2022-1705)\n\n* golang: go/parser: stack exhaustion in all Parse* functions (CVE-2022-1962)\n\n* golang: encoding/xml: stack exhaustion in Decoder.Skip (CVE-2022-28131)\n\n* golang: io/fs: stack exhaustion in Glob (CVE-2022-30630)\n\n* golang: path/filepath: stack exhaustion in Glob (CVE-2022-30632)\n\n* golang: encoding/xml: stack exhaustion in Unmarshal (CVE-2022-30633)\n\n* golang: encoding/gob: stack exhaustion in Decoder.Decode (CVE-2022-30635)\n\n* golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working (CVE-2022-32148)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Clean up dist-git patches (BZ#2109174)\n\n* Update Go to version 1.17.12 (BZ#2109183)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-08-01T15:29:25", "type": "redhat", "title": "(RHSA-2022:5799) Important: go-toolset and golang security and bug fix update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-1705", "CVE-2022-1962", "CVE-2022-24675", "CVE-2022-24921", "CVE-2022-28131", "CVE-2022-28327", "CVE-2022-29526", "CVE-2022-30629", "CVE-2022-30630", "CVE-2022-30631", "CVE-2022-30632", "CVE-2022-30633", "CVE-2022-30635", "CVE-2022-32148"], "modified": "2022-11-04T10:39:02", "id": "RHSA-2022:5799", "href": "https://access.redhat.com/errata/RHSA-2022:5799", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-24T15:07:31", "description": "OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform.\u00a0This advisory contains OpenShift Virtualization 4.12.0 RPMs.\n\nSecurity Fix(es):\n\n* golang: net/http: limit growth of header canonicalization cache (CVE-2021-44716)\n\n* golang: out-of-bounds read in golang.org/x/text/language leads to DoS (CVE-2021-38561)\n\n* golang: syscall: don't close fd 0 on ForkExec error (CVE-2021-44717)\n\n* golang: net/http: improper sanitization of Transfer-Encoding header (CVE-2022-1705)\n\n* golang: go/parser: stack exhaustion in all Parse* functions (CVE-2022-1962)\n\n* golang: regexp: stack exhaustion via a deeply nested expression (CVE-2022-24921)\n\n* golang: encoding/xml: stack exhaustion in Decoder.Skip (CVE-2022-28131)\n\n* golang: io/fs: stack exhaustion in Glob (CVE-2022-30630)\n\n* golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631)\n\n* golang: path/filepath: stack exhaustion in Glob (CVE-2022-30632)\n\n* golang: encoding/xml: stack exhaustion in Unmarshal (CVE-2022-30633)\n\n* golang: encoding/gob: stack exhaustion in Decoder.Decode (CVE-2022-30635)\n\n* golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working (CVE-2022-32148)\n\n* golang: crypto/tls: session tickets lack random ticket_age_add (CVE-2022-30629)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-01-24T12:45:04", "type": "redhat", "title": "(RHSA-2023:0407) Moderate: OpenShift Virtualization 4.12.0 RPMs security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-38561", "CVE-2021-44716", "CVE-2021-44717", "CVE-2022-1705", "CVE-2022-1962", "CVE-2022-24921", "CVE-2022-28131", "CVE-2022-30629", "CVE-2022-30630", "CVE-2022-30631", "CVE-2022-30632", "CVE-2022-30633", "CVE-2022-30635", "CVE-2022-32148"], "modified": "2023-01-24T12:45:24", "id": "RHSA-2023:0407", "href": "https://access.redhat.com/errata/RHSA-2023:0407", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2022-08-10T11:59:35", "description": "Red Hat OpenShift Serverless Client kn 1.24.0 provides a CLI to interact with Red Hat OpenShift Serverless 1.24.0. The kn CLI is delivered as an RPM package for installation on RHEL platforms, and as binaries for non-Linux platforms.\n\nSecurity Fix(es):\n- prometheus/client_golang: Denial of service using InstrumentHandlerCounter (CVE-2022-21698)\n- go-restful: Authorization Bypass Through User-Controlled Key (CVE-2022-1996)\n- golang: encoding/xml: stack exhaustion in Unmarshal (CVE-2022-30633)\n- golang: io/fs: stack exhaustion in Glob (CVE-2022-30630)\n- golang: go/parser: stack exhaustion in all Parse* functions (CVE-2022-1962)\n- golang: encoding/gob: stack exhaustion in Decoder.Decode (CVE-2022-30635)\n- golang: path/filepath: stack exhaustion in Glob (CVE-2022-30632)\n- golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working (CVE-2022-32148)\n- golang: net/http: improper sanitization of Transfer-Encoding header (CVE-2022-1705)\n- golang: encoding/xml: stack exhaustion in Decoder.Skip (CVE-2022-28131)\n- golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631)\n- golang: regexp: stack exhaustion via a deeply nested expression (CVE-2022-24921)\n- golang: crypto/elliptic: panic caused by oversized scalar (CVE-2022-28327)\n- golang: encoding/pem: fix stack overflow in Decode (CVE-2022-24675)\n- golang: crypto/tls: session tickets lack random ticket_age_add (CVE-2022-30629)\n\nFor more details about the security issue(s), including the impact; a CVSS\nscore; acknowledgments; and other related information refer to the CVE page(s)\nlisted in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2022-08-10T11:16:48", "type": "redhat", "title": "(RHSA-2022:6042) Important: Release of OpenShift Serverless Client kn 1.24.0", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-1705", "CVE-2022-1962", "CVE-2022-1996", "CVE-2022-21698", "CVE-2022-24675", "CVE-2022-24921", "CVE-2022-28131", "CVE-2022-28327", "CVE-2022-30629", "CVE-2022-30630", "CVE-2022-30631", "CVE-2022-30632", "CVE-2022-30633", "CVE-2022-30635", "CVE-2022-32148"], "modified": "2022-08-10T11:31:17", "id": "RHSA-2022:6042", "href": "https://access.redhat.com/errata/RHSA-2022:6042", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2022-09-13T20:01:54", "description": "Red Hat Advanced Cluster Management for Kubernetes 2.5.2 images\n\nRed Hat Advanced Cluster Management for Kubernetes provides the\ncapabilities to address common challenges that administrators and site\nreliability engineers face as they work across a range of public and\nprivate cloud environments. Clusters and applications are all visible and\nmanaged from a single console\u2014with security policy built in.\n\nThis advisory contains the container images for Red Hat Advanced Cluster\nManagement for Kubernetes, which fix several bugs. See the following\nRelease Notes documentation, which will be updated shortly for this\nrelease, for additional details about this release:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.5/html/release_notes/\n\nSecurity fixes:\n\n* moment: inefficient parsing algorithim resulting in DoS (CVE-2022-31129)\n* vm2: Sandbox Escape in vm2 (CVE-2022-36067)\n\nBug fixes:\n\n* Submariner Globalnet e2e tests failed on MTU between On-Prem to Public clusters (BZ# 2074547)\n\n* OCP 4.11 - Install fails because of: pods \"management-ingress-63029-5cf6789dd6-\" is forbidden: unable to validate against any security context constrain (BZ# 2082254)\n\n* subctl gather fails to gather libreswan data if CableDriver field is missing/empty in Submariner Spec (BZ# 2083659)\n\n* Yaml editor for creating vSphere cluster moves to next line after typing (BZ# 2086883)\n\n* Submariner addon status doesn't track all deployment failures (BZ# 2090311)\n\n* Unable to deploy Hypershift operator on MCE hub using ManagedClusterAddOn without including s3 secret (BZ# 2091170)\n\n* After switching to ACM 2.5 the managed clusters log \"unable to create ClusterClaim\" errors (BZ# 2095481)\n\n* Enforce failed and report the violation after modified memory value in limitrange policy (BZ# 2100036)\n\n* Creating an application fails with \"This application has no subscription match selector (spec.selector.matchExpressions)\" (BZ# 2101577)\n\n* Inconsistent cluster resource statuses between \"All Subscription\" topology and individual topologies (BZ# 2102273)\n\n* managed cluster is in \"unknown\" state for 120 mins after OADP restore\n\n* RHACM 2.5.2 images (BZ# 2104553)\n\n* Subscription UI does not allow binding to label with empty value (BZ# 2104961)\n\n* Upgrade to 2.5.1 from 2.5.0 fails due to missing Subscription CRD (BZ# 2106069)\n\n* Region information is not available for Azure cloud in managedcluster CR (BZ# 2107134)\n\n* cluster uninstall log points to incorrect container name (BZ# 2107359)\n\n* ACM shows wrong path for Argo CD applicationset git generator (BZ# 2107885)\n\n* Single node checkbox not visible for 4.11 images (BZ# 2109134)\n\n* Unable to deploy hypershift cluster when enabling validate-cluster-security (BZ# 2109544)\n\n* Deletion of Application (including app related resources) from the console fails to delete PlacementRule for the application (BZ# 20110026)\n\n* After the creation by a policy of job or deployment (in case the object is missing)ACM is trying to add new containers instead of updating (BZ# 2117728)\n\n* pods in CrashLoopBackoff on 3.11 managed cluster (BZ# 2122292)\n\n* ArgoCD and AppSet Applications do not deploy to local-cluster (BZ# 2124707)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2022-09-13T18:29:42", "type": "redhat", "title": "(RHSA-2022:6507) Critical: Red Hat Advanced Cluster Management 2.5.2 security fixes and bug fixes", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-1012", "CVE-2022-1292", "CVE-2022-1586", "CVE-2022-1785", "CVE-2022-1897", "CVE-2022-1927", "CVE-2022-2068", "CVE-2022-2097", "CVE-2022-2526", "CVE-2022-29154", "CVE-2022-31129", "CVE-2022-32206", "CVE-2022-32208", "CVE-2022-32250", "CVE-2022-36067"], "modified": "2022-09-13T18:29:51", "id": "RHSA-2022:6507", "href": "https://access.redhat.com/errata/RHSA-2022:6507", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-11-15T10:06:25", "description": "Toolbox is a tool for Linux operating systems, which allows the use of containerized command line environments. It is built on top of Podman and other standard container technologies from OCI.\n\nSecurity Fix(es):\n\n* golang: net/http: improper sanitization of Transfer-Encoding header (CVE-2022-1705)\n\n* golang: io/fs: stack exhaustion in Glob (CVE-2022-30630)\n\n* golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631)\n\n* golang: path/filepath: stack exhaustion in Glob (CVE-2022-30632)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 9.1 Release Notes linked from the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-11-15T06:15:31", "type": "redhat", "title": "(RHSA-2022:8098) Moderate: toolbox security and bug fix update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2022-1705", "CVE-2022-30630", "CVE-2022-30631", "CVE-2022-30632"], "modified": "2022-11-15T08:05:00", "id": "RHSA-2022:8098", "href": "https://access.redhat.com/errata/RHSA-2022:8098", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-08-23T15:11:35", "description": "Red Hat OpenShift Container Platform is Red Hat's cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThis advisory contains the container images for Red Hat OpenShift Container Platform 4.11.1. See the following advisory for the RPM packages for this release:\n\nhttps://access.redhat.com/errata/RHSA-2022:6102\n\nSpace precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes:\n\nhttps://docs.openshift.com/container-platform/4.11/release_notes/ocp-4-11-release-notes.html\n\nSecurity Fix(es):\n\n* golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631)\n* golang: crypto/tls: session tickets lack random ticket_age_add\n(CVE-2022-30629)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s)\nlisted in the References section.\n\nYou may download the oc tool and use it to inspect release image metadata as follows:\n\n(For x86_64 architecture)\n\n $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.11.1-x86_64\n\nThe image digest is sha256:97410a5db655a9d3017b735c2c0747c849d09ff551765e49d5272b80c024a844\n\n(For s390x architecture)\n\n $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.11.1-s390x\n\nThe image digest is sha256:13734de7e796e46f5403ef9ee918be88c12fdc9b73acb8777e0cc7c56a276794\n\n(For ppc64le architecture)\n\n $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.11.1-ppc64le\n\nThe image digest is sha256:d0019b6b8b32cc9fea06562e6ce175086fa7de7b2b7dce171a8ac1a57f92f10b\n\n(For aarch64 architecture)\n\n $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.11.1-aarch64\n\nThe image digest is sha256:3394a79e173ac17bc96a7256665701d3d7e2a95535a12f2ceb19ceb41dcd6b79 \n\nAll OpenShift Container Platform 4.11 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available\nat https://docs.openshift.com/container-platform/4.11/updating/updating-cluster-cli.html", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-08-23T15:00:01", "type": "redhat", "title": "(RHSA-2022:6103) Moderate: OpenShift Container Platform 4.11.1 bug fix and security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-1012", "CVE-2022-1292", "CVE-2022-1586", "CVE-2022-1785", "CVE-2022-1897", "CVE-2022-1927", "CVE-2022-2068", "CVE-2022-2097", "CVE-2022-30629", "CVE-2022-30631", "CVE-2022-32250"], "modified": "2022-08-23T15:01:59", "id": "RHSA-2022:6103", "href": "https://access.redhat.com/errata/RHSA-2022:6103", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-09-13T04:01:50", "description": "OpenShift API for Data Protection (OADP) enables you to back up and restore application resources, persistent volume data, and internal container images to external backup storage. OADP enables both file system-based and snapshot-based backups for persistent volumes.\n\nSecurity Fix(es):\n\n* golang: net/http: improper sanitization of Transfer-Encoding header (CVE-2022-1705)\n\n* golang: go/parser: stack exhaustion in all Parse* functions (CVE-2022-1962)\n\n* prometheus/client_golang: Denial of service using InstrumentHandlerCounter (CVE-2022-21698)\n\n* golang: encoding/pem: fix stack overflow in Decode (CVE-2022-24675)\n\n* golang: io/fs: stack exhaustion in Glob (CVE-2022-30630)\n\n* golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631)\n\n* golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working (CVE-2022-32148)\n\n* golang: crypto/tls: session tickets lack random ticket_age_add (CVE-2022-30629)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-13T02:08:24", "type": "redhat", "title": "(RHSA-2022:6430) Moderate: OpenShift API for Data Protection (OADP) 1.0.4 security and bug fix update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3634", "CVE-2021-40528", "CVE-2022-1271", "CVE-2022-1292", "CVE-2022-1586", "CVE-2022-1705", "CVE-2022-1962", "CVE-2022-2068", "CVE-2022-2097", "CVE-2022-21698", "CVE-2022-24675", "CVE-2022-2526", "CVE-2022-25313", "CVE-2022-25314", "CVE-2022-26691", "CVE-2022-29154", "CVE-2022-29824", "CVE-2022-30629", "CVE-2022-30630", "CVE-2022-30631", "CVE-2022-32148", "CVE-2022-32206", "CVE-2022-32208"], "modified": "2022-09-13T02:08:38", "id": "RHSA-2022:6430", "href": "https://access.redhat.com/errata/RHSA-2022:6430", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-09-15T20:03:41", "description": "Red Hat OpenShift Container Platform is Red Hat's cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThis advisory contains the container images for Red Hat OpenShift Container Platform 4.6.61. See the following advisory for the RPM packages for this release:\n\nhttps://access.redhat.com/errata/RHBA-2022:6261\n\nSpace precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nSecurity Fix(es):\n\n* grafana: Snapshot authentication bypass (CVE-2021-39226)\n\n* golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s)\nlisted in the References section.\n\nYou may download the oc tool and use it to inspect release image metadata as follows:\n\n(For x86_64 architecture)\n\n $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.6.61-x86_64\n\nThe image digest is sha256:59fcf77d73e43fc5f458dbf4c6c0c1c5e07aaca55282ecaa2c8397c83362627a\n\n(For s390x architecture)\n\n $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.6.61-s390x\n\nThe image digest is sha256:9eb9af3e80d43300e44c46dc9e55d5b11f718082ab68fe2b10da9d3b562d1620\n\n(For ppc64le architecture)\n\n $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.6.61-ppc64le\n\nThe image digest is sha256:3571d61b480306030e0838a86db570177e15287b393c8059e8f2fbe50612d816\n\nAll OpenShift Container Platform 4.6 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available\nat https://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-09T04:57:19", "type": "redhat", "title": "(RHSA-2022:6262) Important: OpenShift Container Platform 4.6.61 bug fix and security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-39226", "CVE-2022-1353", "CVE-2022-21540", "CVE-2022-21541", "CVE-2022-2526", "CVE-2022-29154", "CVE-2022-30631", "CVE-2022-34169"], "modified": "2022-09-09T04:58:35", "id": "RHSA-2022:6262", "href": "https://access.redhat.com/errata/RHSA-2022:6262", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-09-14T15:55:29", "description": "Release osp-director-operator images\n\nSecurity Fix(es):\n\n* CVE-2022-30631 golang: compress/gzip: stack exhaustion in Reader.Read [important]\n* CVE-2021-41103 golang: containerd: insufficiently restricted permissions on container root and plugin directories [medium]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-14T12:42:43", "type": "redhat", "title": "(RHSA-2022:6517) Important: Release of containers for OSP 16.2.z director operator tech preview", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-41103", "CVE-2022-1292", "CVE-2022-1586", "CVE-2022-2068", "CVE-2022-2097", "CVE-2022-30631"], "modified": "2022-09-14T12:42:57", "id": "RHSA-2022:6517", "href": "https://access.redhat.com/errata/RHSA-2022:6517", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-11-16T16:32:49", "description": "Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. \n\nThe following packages have been upgraded to a later upstream version: grafana (7.5.15). (BZ#2055348)\n\nSecurity Fix(es):\n\n* sanitize-url: XSS due to improper sanitization in sanitizeUrl function (CVE-2021-23648)\n\n* golang: net/http: improper sanitization of Transfer-Encoding header (CVE-2022-1705)\n\n* golang: go/parser: stack exhaustion in all Parse* functions (CVE-2022-1962)\n\n* grafana: Forward OAuth Identity Token can allow users to access some data sources (CVE-2022-21673)\n\n* prometheus/client_golang: Denial of service using InstrumentHandlerCounter (CVE-2022-21698)\n\n* grafana: XSS vulnerability in data source handling (CVE-2022-21702)\n\n* grafana: CSRF vulnerability can lead to privilege escalation (CVE-2022-21703)\n\n* grafana: IDOR vulnerability can lead to information disclosure (CVE-2022-21713)\n\n* golang: encoding/xml: stack exhaustion in Decoder.Skip (CVE-2022-28131)\n\n* golang: io/fs: stack exhaustion in Glob (CVE-2022-30630)\n\n* golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631)\n\n* golang: path/filepath: stack exhaustion in Glob (CVE-2022-30632)\n\n* golang: encoding/xml: stack exhaustion in Unmarshal (CVE-2022-30633)\n\n* golang: encoding/gob: stack exhaustion in Decoder.Decode (CVE-2022-30635)\n\n* golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working (CVE-2022-32148)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.7 Release Notes linked from the References section.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-11-08T06:21:47", "type": "redhat", "title": "(RHSA-2022:7519) Moderate: grafana security, bug fix, and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23648", "CVE-2022-1705", "CVE-2022-1962", "CVE-2022-21673", "CVE-2022-21698", "CVE-2022-21702", "CVE-2022-21703", "CVE-2022-21713", "CVE-2022-28131", "CVE-2022-30630", "CVE-2022-30631", "CVE-2022-30632", "CVE-2022-30633", "CVE-2022-30635", "CVE-2022-32148"], "modified": "2022-11-08T06:43:25", "id": "RHSA-2022:7519", "href": "https://access.redhat.com/errata/RHSA-2022:7519", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-11-15T10:06:25", "description": "Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. \n\nThe following packages have been upgraded to a later upstream version: grafana (7.5.15). (BZ#2055349)\n\nSecurity Fix(es):\n\n* sanitize-url: XSS due to improper sanitization in sanitizeUrl function (CVE-2021-23648)\n\n* golang: net/http: improper sanitization of Transfer-Encoding header (CVE-2022-1705)\n\n* golang: go/parser: stack exhaustion in all Parse* functions (CVE-2022-1962)\n\n* grafana: Forward OAuth Identity Token can allow users to access some data sources (CVE-2022-21673)\n\n* prometheus/client_golang: Denial of service using InstrumentHandlerCounter (CVE-2022-21698)\n\n* grafana: XSS vulnerability in data source handling (CVE-2022-21702)\n\n* grafana: CSRF vulnerability can lead to privilege escalation (CVE-2022-21703)\n\n* grafana: IDOR vulnerability can lead to information disclosure (CVE-2022-21713)\n\n* golang: encoding/xml: stack exhaustion in Decoder.Skip (CVE-2022-28131)\n\n* golang: io/fs: stack exhaustion in Glob (CVE-2022-30630)\n\n* golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631)\n\n* golang: path/filepath: stack exhaustion in Glob (CVE-2022-30632)\n\n* golang: encoding/xml: stack exhaustion in Unmarshal (CVE-2022-30633)\n\n* golang: encoding/gob: stack exhaustion in Decoder.Decode (CVE-2022-30635)\n\n* golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working (CVE-2022-32148)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 9.1 Release Notes linked from the References section.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-11-15T06:14:26", "type": "redhat", "title": "(RHSA-2022:8057) Important: grafana security, bug fix, and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23648", "CVE-2022-1705", "CVE-2022-1962", "CVE-2022-21673", "CVE-2022-21698", "CVE-2022-21702", "CVE-2022-21703", "CVE-2022-21713", "CVE-2022-28131", "CVE-2022-30630", "CVE-2022-30631", "CVE-2022-30632", "CVE-2022-30633", "CVE-2022-30635", "CVE-2022-32148"], "modified": "2022-11-15T08:03:20", "id": "RHSA-2022:8057", "href": "https://access.redhat.com/errata/RHSA-2022:8057", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-03-06T20:14:17", "description": "The Custom Metrics Autoscaler Operator for Red Hat OpenShift is an optional\noperator, based on the Kubernetes Event Driven Autoscaler (KEDA), that allows workloads to be scaled using additional metrics sources other than pod metrics.\nThis release builds upon updated compiler, runtime library, and base images for the purpose of resolving any potential security issues present in previous toolset versions.\n\nThis version makes use of newer tools and libraries to address the following issues:\ngolang: net/http: improper sanitization of Transfer-Encoding header (CVE-2022-1705)\ngolang: go/parser: stack exhaustion in all Parse* functions (CVE-2022-1962)\ngolang: archive/tar: unbounded memory consumption when reading headers (CVE-2022-2879)\ngolang: net/http/httputil: ReverseProxy should not forward unparseable query parameters (CVE-2022-2880)\ngolang: net/http: handle server errors after sending GOAWAY (CVE-2022-27664)\ngolang: encoding/xml: stack exhaustion in Decoder.Skip (CVE-2022-28131)\ngolang: crypto/elliptic: panic caused by oversized scalar (CVE-2022-28327)\ngolang: io/fs: stack exhaustion in Glob (CVE-2022-30630)\ngolang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631)\ngolang: path/filepath: stack exhaustion in Glob (CVE-2022-30632)\ngolang: encoding/xml: stack exhaustion in Unmarshal (CVE-2022-30633)\ngolang: encoding/gob: stack exhaustion in Decoder.Decode (CVE-2022-30635)\ngolang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working (CVE-2022-32148)\ngolang: golang.org/x/text/language: ParseAcceptLanguage takes a long time to parse complex tags (CVE-2022-32149)\ngolang: regexp/syntax: limit memory used by parsing regexps (CVE-2022-41715)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-03-06T18:37:27", "type": "redhat", "title": "(RHSA-2023:1042) Moderate: Custom Metrics Autoscaler Operator for Red Hat OpenShift (with security updates)", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-1705", "CVE-2022-1962", "CVE-2022-27664", "CVE-2022-28131", "CVE-2022-28327", "CVE-2022-2879", "CVE-2022-2880", "CVE-2022-30630", "CVE-2022-30631", "CVE-2022-30632", "CVE-2022-30633", "CVE-2022-30635", "CVE-2022-32148", "CVE-2022-32149", "CVE-2022-41715"], "modified": "2023-03-06T18:37:54", "id": "RHSA-2023:1042", "href": "https://access.redhat.com/errata/RHSA-2023:1042", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-10-27T08:51:59", "description": "Git Large File Storage (LFS) replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server.\n\nSecurity Fix(es):\n\n* golang.org/x/text: Panic in language.ParseAcceptLanguage while parsing -u- extension (CVE-2020-28851)\n\n* golang.org/x/text: Panic in language.ParseAcceptLanguage while processing bcp47 tag (CVE-2020-28852)\n\n* golang: net/http: improper sanitization of Transfer-Encoding header (CVE-2022-1705)\n\n* golang: net/http: handle server errors after sending GOAWAY (CVE-2022-27664)\n\n* golang: io/fs: stack exhaustion in Glob (CVE-2022-30630)\n\n* golang: path/filepath: stack exhaustion in Glob (CVE-2022-30632)\n\n* golang: encoding/gob: stack exhaustion in Decoder.Decode (CVE-2022-30635)\n\n* golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working (CVE-2022-32148)\n\n* golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service (CVE-2022-32189)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* git-lfs needs to be rebuild with golang 1.17.7-1 or above", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-10-25T07:32:51", "type": "redhat", "title": "(RHSA-2022:7129) Moderate: git-lfs security and bug fix update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-28851", "CVE-2020-28852", "CVE-2022-1705", "CVE-2022-27664", "CVE-2022-30630", "CVE-2022-30632", "CVE-2022-30635", "CVE-2022-32148", "CVE-2022-32189"], "modified": "2022-10-25T08:15:00", "id": "RHSA-2022:7129", "href": "https://access.redhat.com/errata/RHSA-2022:7129", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-09-15T20:03:41", "description": "Red Hat OpenShift Container Platform is Red Hat's cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThis advisory contains the container images for Red Hat OpenShift Container Platform 4.11.3. See the following advisory for the RPM packages for this release:\n\nhttps://access.redhat.com/errata/RHBA-2022:6286\n\nSpace precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes:\n\nhttps://docs.openshift.com/container-platform/4.11/release_notes/ocp-4-11-release-notes.html\n\nSecurity Fix(es):\n\n* golang: out-of-bounds read in golang.org/x/text/language leads to DoS\n(CVE-2021-38561)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s)\nlisted in the References section.\n\nYou may download the oc tool and use it to inspect release image metadata as follows:\n\n(For x86_64 architecture)\n\n $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.11.3-x86_64\n\nThe image digest is sha256:1ce5676839bca4f389cdc1c3ddc1a78ab033d4c554453ca7ef61a23e34da0803\n\n(For s390x architecture)\n\n $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.11.3-s390x\n\nThe image digest is sha256:a1aa4c51af3b69b3dfc998c533b40ce7123f0a5e5e70910a4ea42e37493307b7\n\n(For ppc64le architecture)\n\n $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.11.3-ppc64le\n\nThe image digest is sha256:b80afcee6747011412d703745acad28beacd6c659462fe341ffdb3fdb7fbb288\n\nAll OpenShift Container Platform 4.11 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available\nat https://docs.openshift.com/container-platform/4.11/updating/updating-cluster-cli.html", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-07T20:37:32", "type": "redhat", "title": "(RHSA-2022:6287) Moderate: OpenShift Container Platform 4.11.3 packages and security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-38561", "CVE-2022-2526", "CVE-2022-29154", "CVE-2022-32206", "CVE-2022-32208"], "modified": "2022-09-07T20:40:58", "id": "RHSA-2022:6287", "href": "https://access.redhat.com/errata/RHSA-2022:6287", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-09-15T20:03:41", "description": "Red Hat OpenShift Container Platform is Red Hat's cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThis advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.61. See the following advisory for the container images for this release:\n\nhttps://access.redhat.com/errata/RHSA-2022:6262\n\nSecurity Fix(es):\n\n* golang: out-of-bounds read in golang.org/x/text/language leads to DoS\n(CVE-2021-38561)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s)\nlisted in the References section.\n\nAll OpenShift Container Platform 4.6 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-09T04:51:06", "type": "redhat", "title": "(RHSA-2022:6263) Moderate: OpenShift Container Platform 4.6.61 security and extras update", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-38561", "CVE-2022-1353", "CVE-2022-21540", "CVE-2022-21541", "CVE-2022-2526", "CVE-2022-29154", "CVE-2022-34169"], "modified": "2022-09-09T04:51:36", "id": "RHSA-2022:6263", "href": "https://access.redhat.com/errata/RHSA-2022:6263", "cvss": {"score": 3.6, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2022-08-30T18:00:55", "description": "The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.\n\nSecurity Fix(es):\n\n* OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) (CVE-2022-34169)\n\n* OpenJDK: class compilation issue (Hotspot, 8281859) (CVE-2022-21540)\n\n* OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) (CVE-2022-21541)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-07-25T14:54:33", "type": "redhat", "title": "(RHSA-2022:5701) Important: java-1.8.0-openjdk security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2022-21540", "CVE-2022-21541", "CVE-2022-34169"], "modified": "2022-07-25T15:23:03", "id": "RHSA-2022:5701", "href": "https://access.redhat.com/errata/RHSA-2022:5701", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-08-30T18:00:55", "description": "The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.\n\nSecurity Fix(es):\n\n* OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) (CVE-2022-34169)\n\n* OpenJDK: class compilation issue (Hotspot, 8281859) (CVE-2022-21540)\n\n* OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) (CVE-2022-21541)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-07-25T14:50:55", "type": "redhat", "title": "(RHSA-2022:5700) Important: java-1.8.0-openjdk security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2022-21540", "CVE-2022-21541", "CVE-2022-34169"], "modified": "2022-07-25T16:29:52", "id": "RHSA-2022:5700", "href": "https://access.redhat.com/errata/RHSA-2022:5700", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-08-30T18:00:55", "description": "The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.\n\nThe following packages have been upgraded to a later upstream version: java-1.8.0-openjdk (1.8.0.342.b07). (BZ#2083257)\n\nSecurity Fix(es):\n\n* OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) (CVE-2022-34169)\n\n* OpenJDK: class compilation issue (Hotspot, 8281859) (CVE-2022-21540)\n\n* OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) (CVE-2022-21541)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-07-25T14:05:42", "type": "redhat", "title": "(RHSA-2022:5698) Important: java-1.8.0-openjdk security, bug fix, and enhancement update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2022-21540", "CVE-2022-21541", "CVE-2022-34169"], "modified": "2022-07-25T14:50:53", "id": "RHSA-2022:5698", "href": "https://access.redhat.com/errata/RHSA-2022:5698", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-08-30T18:00:55", "description": "The OpenJDK 11 packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.\n\nThis release of the Red Hat build of OpenJDK 11 (11.0.16) for portable Linux serves as a replacement for the Red Hat build of OpenJDK 11 (11.0.15) and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.\n\nSecurity Fix(es):\n\n* OpenJDK: class compilation issue (Hotspot, 8281859) (CVE-2022-21540)\n\n* OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) (CVE-2022-21541)\n\n* OpenJDK: integer truncation issue in Xalan (JAXP, 8285407) (CVE-2022-34169)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nOther Changes:\n\n* Red Hat builds of OpenJDK now identify themselves as such in the version output of OpenJDK tools.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-07-28T15:36:15", "type": "redhat", "title": "(RHSA-2022:5755) Important: OpenJDK 11.0.16 Security Update for Portable Linux Builds", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2022-21540", "CVE-2022-21541", "CVE-2022-34169"], "modified": "2022-07-28T15:36:50", "id": "RHSA-2022:5755", "href": "https://access.redhat.com/errata/RHSA-2022:5755", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-08-30T18:00:55", "description": "The OpenJDK 11 packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.\n\nThis release of the Red Hat build of OpenJDK 11 (11.0.16) for Windows serves as a replacement for the Red Hat build of OpenJDK 11 (11.0.15) and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.\n\nSecurity Fix(es):\n\n* OpenJDK: class compilation issue (Hotspot, 8281859) (CVE-2022-21540)\n\n* OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) (CVE-2022-21541)\n\n* OpenJDK: integer truncation issue in Xalan (JAXP, 8285407) (CVE-2022-34169)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nOther Changes:\n\n* Red Hat builds of OpenJDK now identify themselves as such in the version output of OpenJDK tools.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-07-28T15:36:18", "type": "redhat", "title": "(RHSA-2022:5756) Important: OpenJDK 11.0.16 security update for Windows Builds", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2022-21540", "CVE-2022-21541", "CVE-2022-34169"], "modified": "2022-07-28T15:36:51", "id": "RHSA-2022:5756", "href": "https://access.redhat.com/errata/RHSA-2022:5756", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-08-30T18:00:55", "description": "The OpenJDK 8 packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.\n\nThis release of the Red Hat build of OpenJDK 8 (8u342) for Windows serves as a replacement for the Red Hat build of OpenJDK 8 (8u332) and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.\n\nSecurity Fix(es):\n* OpenJDK: class compilation issue (Hotspot, 8281859) (CVE-2022-21540)\n\n* OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) (CVE-2022-21541)\n\n* OpenJDK: integer truncation issue in Xalan (JAXP, 8285407) (CVE-2022-34169)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-07-28T15:28:11", "type": "redhat", "title": "(RHSA-2022:5753) Important: OpenJDK 8u342 Windows builds release and security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2022-21540", "CVE-2022-21541", "CVE-2022-34169"], "modified": "2022-07-28T15:28:53", "id": "RHSA-2022:5753", "href": "https://access.redhat.com/errata/RHSA-2022:5753", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-08-30T18:00:55", "description": "The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.\n\nSecurity Fix(es):\n\n* OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) (CVE-2022-34169)\n\n* OpenJDK: class compilation issue (Hotspot, 8281859) (CVE-2022-21540)\n\n* OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) (CVE-2022-21541)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-07-21T13:47:36", "type": "redhat", "title": "(RHSA-2022:5685) Important: java-11-openjdk security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2022-21540", "CVE-2022-21541", "CVE-2022-34169"], "modified": "2022-07-21T13:56:25", "id": "RHSA-2022:5685", "href": "https://access.redhat.com/errata/RHSA-2022:5685", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-08-30T18:00:55", "description": "The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.\n\nSecurity Fix(es):\n\n* OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) (CVE-2022-34169)\n\n* OpenJDK: class compilation issue (Hotspot, 8281859) (CVE-2022-21540)\n\n* OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) (CVE-2022-21541)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* rh1991003 patch breaks sun.security.pkcs11.wrapper.PKCS11.getInstance() [rhel-8, openjdk-8] (BZ#2099912)\n\n* Revert to disabling system security properties and FIPS mode support together [rhel-8, openjdk-8] (BZ#2108565)\n\n* SecretKey generate/import operations don't add the CKA_SIGN attribute in FIPS mode [rhel-8, openjdk-8] (BZ#2108567)\n\n* Detect NSS at Runtime for FIPS detection [rhel-8, openjdk-11] (BZ#2108667)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-07-25T13:59:16", "type": "redhat", "title": "(RHSA-2022:5697) Important: java-1.8.0-openjdk security and bug fix update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2022-21540", "CVE-2022-21541", "CVE-2022-34169"], "modified": "2022-07-25T14:51:03", "id": "RHSA-2022:5697", "href": "https://access.redhat.com/errata/RHSA-2022:5697", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-08-30T18:00:55", "description": "The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.\n\nThe following packages have been upgraded to a later upstream version: java-1.8.0-openjdk (1.8.0.342.b07). (BZ#2084648)\n\nSecurity Fix(es):\n\n* OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) (CVE-2022-34169)\n\n* OpenJDK: class compilation issue (Hotspot, 8281859) (CVE-2022-21540)\n\n* OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) (CVE-2022-21541)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* rh1991003 patch breaks sun.security.pkcs11.wrapper.PKCS11.getInstance() [rhel-8, openjdk-8] (BZ#2099911)\n\n* Revert to disabling system security properties and FIPS mode support together [rhel-8, openjdk-8] (BZ#2108564)\n\n* SecretKey generate/import operations don't add the CKA_SIGN attribute in FIPS mode [rhel-8, openjdk-8] (BZ#2108566)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-07-25T13:45:21", "type": "redhat", "title": "(RHSA-2022:5696) Important: java-1.8.0-openjdk security, bug fix, and enhancement update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2022-21540", "CVE-2022-21541", "CVE-2022-34169"], "modified": "2022-07-25T14:26:33", "id": "RHSA-2022:5696", "href": "https://access.redhat.com/errata/RHSA-2022:5696", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-08-30T18:00:55", "description": "The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.\n\nThe following packages have been upgraded to a later upstream version: java-11-openjdk (11.0.16.0.8). (BZ#2084777)\n\nSecurity Fix(es):\n\n* OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) (CVE-2022-34169)\n\n* OpenJDK: class compilation issue (Hotspot, 8281859) (CVE-2022-21540)\n\n* OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) (CVE-2022-21541)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* rh1991003 patch breaks sun.security.pkcs11.wrapper.PKCS11.getInstance() [rhel-9, openjdk-11] (BZ#2099915)\n\n* SecretKey generate/import operations don't add the CKA_SIGN attribute in FIPS mode [rhel-9, openjdk-11] (BZ#2107866)\n\n* Revert to disabling system security properties and FIPS mode support together [rhel-9, openjdk-11] (BZ#2107868)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-07-25T13:40:39", "type": "redhat", "title": "(RHSA-2022:5695) Important: java-11-openjdk security, bug fix, and enhancement update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2022-21540", "CVE-2022-21541", "CVE-2022-34169"], "modified": "2022-07-25T14:26:27", "id": "RHSA-2022:5695", "href": "https://access.redhat.com/errata/RHSA-2022:5695", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-08-30T18:00:55", "description": "The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.\n\nThe following packages have been upgraded to a later upstream version: java-1.8.0-openjdk (1.8.0.342.b07). (BZ#2084776)\n\nSecurity Fix(es):\n\n* OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) (CVE-2022-34169)\n\n* OpenJDK: class compilation issue (Hotspot, 8281859) (CVE-2022-21540)\n\n* OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) (CVE-2022-21541)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* rh1991003 patch breaks sun.security.pkcs11.wrapper.PKCS11.getInstance() [rhel-9, openjdk-8] (BZ#2099916)\n\n* SecretKey generate/import operations don't add the CKA_SIGN attribute in FIPS mode [rhel-9, openjdk-8] (BZ#2107956)\n\n* Revert to disabling system security properties and FIPS mode support together [rhel-9, openjdk-8] (BZ#2107958)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-07-25T22:43:48", "type": "redhat", "title": "(RHSA-2022:5709) Important: java-1.8.0-openjdk security, bug fix, and enhancement update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2022-21540", "CVE-2022-21541", "CVE-2022-34169"], "modified": "2022-07-25T23:04:40", "id": "RHSA-2022:5709", "href": "https://access.redhat.com/errata/RHSA-2022:5709", "cvss": {"score": 0.0, "vector": "NONE"}}], "suse": [{"lastseen": "2022-11-08T06:09:37", "description": "An update that solves 10 vulnerabilities and has one errata\n is now available.\n\nDescription:\n\n This update for go1.18 fixes the following issues:\n\n Update to go version 1.18.5 (bsc#1193742):\n\n - CVE-2022-32189: encoding/gob, math/big: decoding big.Float and big.Rat\n can panic (bsc#1202035).\n - CVE-2022-1705: net/http: improper sanitization of Transfer-Encoding\n header (bsc#1201434)\n - CVE-2022-32148: net/http/httputil: NewSingleHostReverseProxy - omit\n X-Forwarded-For not working (bsc#1201436)\n - CVE-2022-30631: compress/gzip: stack exhaustion in Reader.Read\n (bsc#1201437).\n - CVE-2022-30633: encoding/xml: stack exhaustion in Unmarshal\n (bsc#1201440).\n - CVE-2022-28131: encoding/xml: stack exhaustion in Decoder.Skip\n (bsc#1201443).\n - CVE-2022-30635: encoding/gob: stack exhaustion in Decoder.Decode\n (bsc#1201444).\n - CVE-2022-30632: path/filepath: stack exhaustion in Glob (bsc#1201445).\n - CVE-2022-30630: io/fs: stack exhaustion in Glob (bsc#1201447).\n - CVE-2022-1962: go/parser: stack exhaustion in all Parse* functions\n (bsc#1201448).\n\n\nPatch Instructions:\n\n To install this SUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.4:\n\n zypper in -t patch openSUSE-SLE-15.4-2022-2672=1\n\n - openSUSE Leap 15.3:\n\n zypper in -t patch openSUSE-SLE-15.3-2022-2672=1\n\n - SUSE Linux Enterprise Module for Development Tools 15-SP4:\n\n zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP4-2022-2672=1\n\n - SUSE Linux Enterprise Module for Development Tools 15-SP3:\n\n zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2022-2672=1", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-08-04T00:00:00", "type": "suse", "title": "Security update for go1.18 (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2022-1705", "CVE-2022-1962", "CVE-2022-28131", "CVE-2022-30630", "CVE-2022-30631", "CVE-2022-30632", "CVE-2022-30633", "CVE-2022-30635", "CVE-2022-32148", "CVE-2022-32189"], "modified": "2022-08-04T00:00:00", "id": "SUSE-SU-2022:2672-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/34MQ2SPQD27SOAZOVYG5PMOGNS6XCNBB/", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-11-08T06:09:37", "description": "An update that solves 10 vulnerabilities and has one errata\n is now available.\n\nDescription:\n\n This update for go1.17 fixes the following issues:\n\n Update to go version 1.17.13 (bsc#1190649):\n\n - CVE-2022-32189: encoding/gob, math/big: decoding big.Float and big.Rat\n can panic (bsc#1202035).\n - CVE-2022-30635: encoding/gob: stack exhaustion in Decoder.Decode\n (bsc#1201444).\n - CVE-2022-30631: compress/gzip: stack exhaustion in Reader.Read\n (bsc#1201437).\n - CVE-2022-1962: go/parser: stack exhaustion in all Parse* functions\n (bsc#1201448).\n - CVE-2022-28131: encoding/xml: stack exhaustion in Decoder.Skip\n (bsc#1201443).\n - CVE-2022-1705: net/http: improper sanitization of Transfer-Encoding\n header (bsc#1201434)\n - CVE-2022-30630: io/fs: stack exhaustion in Glob (bsc#1201447).\n - CVE-2022-32148: net/http/httputil: NewSingleHostReverseProxy - omit\n X-Forwarded-For not working (bsc#1201436)\n - CVE-2022-30632: path/filepath: stack exhaustion in Glob (bsc#1201445).\n - CVE-2022-30633: encoding/xml: stack exhaustion in Unmarshal\n (bsc#1201440).\n\n\nPatch Instructions:\n\n To install this SUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.4:\n\n zypper in -t patch openSUSE-SLE-15.4-2022-2671=1\n\n - openSUSE Leap 15.3:\n\n zypper in -t patch openSUSE-SLE-15.3-2022-2671=1\n\n - SUSE Manager Server 4.1:\n\n zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-2671=1\n\n - SUSE Manager Retail Branch Server 4.1:\n\n zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-2671=1\n\n - SUSE Manager Proxy 4.1:\n\n zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-2671=1\n\n - SUSE Linux Enterprise Server for SAP 15-SP2:\n\n zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-2671=1\n\n - SUSE Linux Enterprise Server 15-SP2-LTSS:\n\n zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-2671=1\n\n - SUSE Linux Enterprise Server 15-SP2-BCL:\n\n zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-2671=1\n\n - SUSE Linux Enterprise Module for Development Tools 15-SP4:\n\n zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP4-2022-2671=1\n\n - SUSE Linux Enterprise Module for Development Tools 15-SP3:\n\n zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2022-2671=1\n\n - SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:\n\n zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-2671=1\n\n - SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:\n\n zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-2671=1\n\n - SUSE Enterprise Storage 7:\n\n zypper in -t patch SUSE-Storage-7-2022-2671=1", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-08-04T00:00:00", "type": "suse", "title": "Security update for go1.17 (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2022-1705", "CVE-2022-1962", "CVE-2022-28131", "CVE-2022-30630", "CVE-2022-30631", "CVE-2022-30632", "CVE-2022-30633", "CVE-2022-30635", "CVE-2022-32148", "CVE-2022-32189"], "modified": "2022-08-04T00:00:00", "id": "SUSE-SU-2022:2671-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/UBLF3UDSD77TBEY3S2W3S7IGDSZS7VVE/", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-11-08T06:09:37", "description": "An update that solves three vulnerabilities and has one\n errata is now available.\n\nDescription:\n\n This update for java-1_8_0-openjdk fixes the following issues:\n\n - Updated to version jdk8u345 (icedtea-3.24.0)\n - CVE-2022-21540: Fixed a potential Java sandbox bypass (bsc#1201694).\n - CVE-2022-21541: Fixed a potential Java sandbox bypass (bsc#1201692).\n - CVE-2022-34169: Fixed an issue where arbitrary bytecode could be\n executed via a malicious stylesheet (bsc#1201684).\n\n - Non-security fixes:\n - Allowed for customization of PKCS12 keystores (bsc#1195163).\n\n\nPatch Instructions:\n\n To install this SUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.4:\n\n zypper in -t patch openSUSE-SLE-15.4-2022-2856=1\n\n - openSUSE Leap 15.3:\n\n zypper in -t patch openSUSE-SLE-15.3-2022-2856=1\n\n - SUSE Manager Server 4.1:\n\n zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-2856=1\n\n - SUSE Manager Retail Branch Server 4.1:\n\n zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-2856=1\n\n - SUSE Manager Proxy 4.1:\n\n zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-2856=1\n\n - SUSE Linux Enterprise Server for SAP 15-SP2:\n\n zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-2856=1\n\n - SUSE Linux Enterprise Server for SAP 15-SP1:\n\n zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-2856=1\n\n - SUSE Linux Enterprise Server for SAP 15:\n\n zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2022-2856=1\n\n - SUSE Linux Enterprise Server 15-SP2-LTSS:\n\n zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-2856=1\n\n - SUSE Linux Enterprise Server 15-SP1-LTSS:\n\n zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-2856=1\n\n - SUSE Linux Enterprise Server 15-SP1-BCL:\n\n zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-2856=1\n\n - SUSE Linux Enterprise Server 15-LTSS:\n\n zypper in -t patch SUSE-SLE-Product-SLES-15-2022-2856=1\n\n - SUSE Linux Enterprise Module for Legacy Software 15-SP4:\n\n zypper in -t patch SUSE-SLE-Module-Legacy-15-SP4-2022-2856=1\n\n - SUSE Linux Enterprise Module for Legacy Software 15-SP3:\n\n zypper in -t patch SUSE-SLE-Module-Legacy-15-SP3-2022-2856=1\n\n - SUSE Enterprise Storage 7:\n\n zypper in -t patch SUSE-Storage-7-2022-2856=1\n\n - SUSE Enterprise Storage 6:\n\n zypper in -t patch SUSE-Storage-6-2022-2856=1\n\n - SUSE CaaS Platform 4.0:\n\n To install this update, use the SUSE CaaS Platform 'skuba' tool. It\n will inform you if it detects new updates and let you then trigger\n updating of the complete cluster in a controlled way.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-08-19T00:00:00", "type": "suse", "title": "Security update for java-1_8_0-openjdk (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2022-21540", "CVE-2022-21541", "CVE-2022-34169"], "modified": "2022-08-19T00:00:00", "id": "SUSE-SU-2022:2856-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ZN2SREFG6JBSYAB5IZ42D2PX66IIDOJM/", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-08-30T22:05:44", "description": "An update that fixes three vulnerabilities is now available.\n\nDescription:\n\n This update for java-11-openjdk fixes the following issues:\n\n Update to upstream tag jdk-11.0.16+8 (July 2022 CPU)\n\n - CVE-2022-21540: Improve class compilation (bsc#1201694)\n - CVE-2022-21541: Enhance MethodHandle invocations (bsc#1201692)\n - CVE-2022-34169: Improve Xalan supports (bsc#1201684)\n\n\nPatch Instructions:\n\n To install this SUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.4:\n\n zypper in -t patch openSUSE-SLE-15.4-2022-2707=1\n\n - openSUSE Leap 15.3:\n\n zypper in -t patch openSUSE-SLE-15.3-2022-2707=1\n\n - SUSE Manager Server 4.1:\n\n zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-2707=1\n\n - SUSE Manager Retail Branch Server 4.1:\n\n zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-2707=1\n\n - SUSE Manager Proxy 4.1:\n\n zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-2707=1\n\n - SUSE Linux Enterprise Server for SAP 15-SP2:\n\n zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-2707=1\n\n - SUSE Linux Enterprise Server for SAP 15-SP1:\n\n zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-2707=1\n\n - SUSE Linux Enterprise Server for SAP 15:\n\n zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2022-2707=1\n\n - SUSE Linux Enterprise Server 15-SP2-LTSS:\n\n zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-2707=1\n\n - SUSE Linux Enterprise Server 15-SP2-BCL:\n\n zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-2707=1\n\n - SUSE Linux Enterprise Server 15-SP1-LTSS:\n\n zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-2707=1\n\n - SUSE Linux Enterprise Server 15-SP1-BCL:\n\n zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-2707=1\n\n - SUSE Linux Enterprise Server 15-LTSS:\n\n zypper in -t patch SUSE-SLE-Product-SLES-15-2022-2707=1\n\n - SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4:\n\n zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2022-2707=1\n\n - SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3:\n\n zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-2707=1\n\n - SUSE Linux Enterprise Module for Basesystem 15-SP4:\n\n zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-2707=1\n\n - SUSE Linux Enterprise Module for Basesystem 15-SP3:\n\n zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-2707=1\n\n - SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:\n\n zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-2707=1\n\n - SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:\n\n zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-2707=1\n\n - SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:\n\n zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-2707=1\n\n - SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS:\n\n zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-2707=1\n\n - SUSE Linux Enterprise High Performance Computing 15-LTSS:\n\n zypper in -t patch SUSE-SLE-Product-HPC-15-2022-2707=1\n\n - SUSE Linux Enterprise High Performance Computing 15-ESPOS:\n\n zypper in -t patch SUSE-SLE-Product-HPC-15-2022-2707=1\n\n - SUSE Enterprise Storage 7:\n\n zypper in -t patch SUSE-Storage-7-2022-2707=1\n\n - SUSE Enterprise Storage 6:\n\n zypper in -t patch SUSE-Storage-6-2022-2707=1\n\n - SUSE CaaS Platform 4.0:\n\n To install this update, use the SUSE CaaS Platform 'skuba' tool. It\n will inform you if it detects new updates and let you then trigger\n updating of the complete cluster in a controlled way.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-08-09T00:00:00", "type": "suse", "title": "Security update for java-11-openjdk (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2022-21540", "CVE-2022-21541", "CVE-2022-34169"], "modified": "2022-08-09T00:00:00", "id": "SUSE-SU-2022:2707-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/UCVLJ3AK7LXT57KWVFELESXVKWJUWS2E/", "cvss": {"score": 0.0, "vector": "NONE"}}], "nessus": [{"lastseen": "2023-02-09T02:53:09", "description": "The remote SUSE Linux SLED15 / SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2671-1 advisory.\n\n - Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12 and Go 1.18.4 allows HTTP request smuggling if combined with an intermediate server that also improperly fails to reject the header as invalid. (CVE-2022-1705)\n\n - Uncontrolled recursion in the Parse functions in go/parser before Go 1.17.12 and Go 1.18.4 allow an attacker to cause a panic due to stack exhaustion via deeply nested types or declarations. (CVE-2022-1962)\n\n - Uncontrolled recursion in Decoder.Skip in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a deeply nested XML document. (CVE-2022-28131)\n\n - Uncontrolled recursion in Glob in io/fs before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a path which contains a large number of path separators.\n (CVE-2022-30630)\n\n - Uncontrolled recursion in Reader.Read in compress/gzip before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via an archive containing a large number of concatenated 0-length compressed files. (CVE-2022-30631)\n\n - Uncontrolled recursion in Glob in path/filepath before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a path containing a large number of path separators.\n (CVE-2022-30632)\n\n - Uncontrolled recursion in Unmarshal in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via unmarshalling an XML document into a Go struct which has a nested field that uses the 'any' field tag. (CVE-2022-30633)\n\n - Uncontrolled recursion in Decoder.Decode in encoding/gob before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a message which contains deeply nested structures.\n (CVE-2022-30635)\n\n - Improper exposure of client IP addresses in net/http before Go 1.17.12 and Go 1.18.4 can be triggered by calling httputil.ReverseProxy.ServeHTTP with a Request.Header map containing a nil value for the X-Forwarded-For header, which causes ReverseProxy to set the client IP as the value of the X-Forwarded-For header. (CVE-2022-32148)\n\n - A too-short encoded message can cause a panic in Float.GobDecode and Rat GobDecode in math/big in Go before 1.17.13 and 1.18.5, potentially allowing a denial of service. (CVE-2022-32189)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-08-05T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 / openSUSE 15 Security Update : go1.17 (SUSE-SU-2022:2671-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-1705", "CVE-2022-1962", "CVE-2022-28131", "CVE-2022-30630", "CVE-2022-30631", "CVE-2022-30632", "CVE-2022-30633", "CVE-2022-30635", "CVE-2022-32148", "CVE-2022-32189"], "modified": "2023-02-08T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:go1.17", "p-cpe:/a:novell:suse_linux:go1.17-doc", "p-cpe:/a:novell:suse_linux:go1.17-race", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2022-2671-1.NASL", "href": "https://www.tenable.com/plugins/nessus/163878", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:2671-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(163878);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/08\");\n\n script_cve_id(\n \"CVE-2022-1705\",\n \"CVE-2022-1962\",\n \"CVE-2022-28131\",\n \"CVE-2022-30630\",\n \"CVE-2022-30631\",\n \"CVE-2022-30632\",\n \"CVE-2022-30633\",\n \"CVE-2022-30635\",\n \"CVE-2022-32148\",\n \"CVE-2022-32189\"\n );\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:2671-1\");\n\n script_name(english:\"SUSE SLED15 / SLES15 / openSUSE 15 Security Update : go1.17 (SUSE-SU-2022:2671-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLED15 / SLES15 / openSUSE 15 host has packages installed that are affected by multiple\nvulnerabilities as referenced in the SUSE-SU-2022:2671-1 advisory.\n\n - Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12\n and Go 1.18.4 allows HTTP request smuggling if combined with an intermediate server that also improperly\n fails to reject the header as invalid. (CVE-2022-1705)\n\n - Uncontrolled recursion in the Parse functions in go/parser before Go 1.17.12 and Go 1.18.4 allow an\n attacker to cause a panic due to stack exhaustion via deeply nested types or declarations. (CVE-2022-1962)\n\n - Uncontrolled recursion in Decoder.Skip in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker\n to cause a panic due to stack exhaustion via a deeply nested XML document. (CVE-2022-28131)\n\n - Uncontrolled recursion in Glob in io/fs before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a\n panic due to stack exhaustion via a path which contains a large number of path separators.\n (CVE-2022-30630)\n\n - Uncontrolled recursion in Reader.Read in compress/gzip before Go 1.17.12 and Go 1.18.4 allows an attacker\n to cause a panic due to stack exhaustion via an archive containing a large number of concatenated 0-length\n compressed files. (CVE-2022-30631)\n\n - Uncontrolled recursion in Glob in path/filepath before Go 1.17.12 and Go 1.18.4 allows an attacker to\n cause a panic due to stack exhaustion via a path containing a large number of path separators.\n (CVE-2022-30632)\n\n - Uncontrolled recursion in Unmarshal in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to\n cause a panic due to stack exhaustion via unmarshalling an XML document into a Go struct which has a\n nested field that uses the 'any' field tag. (CVE-2022-30633)\n\n - Uncontrolled recursion in Decoder.Decode in encoding/gob before Go 1.17.12 and Go 1.18.4 allows an\n attacker to cause a panic due to stack exhaustion via a message which contains deeply nested structures.\n (CVE-2022-30635)\n\n - Improper exposure of client IP addresses in net/http before Go 1.17.12 and Go 1.18.4 can be triggered by\n calling httputil.ReverseProxy.ServeHTTP with a Request.Header map containing a nil value for the\n X-Forwarded-For header, which causes ReverseProxy to set the client IP as the value of the X-Forwarded-For\n header. (CVE-2022-32148)\n\n - A too-short encoded message can cause a panic in Float.GobDecode and Rat GobDecode in math/big in Go\n before 1.17.13 and 1.18.5, potentially allowing a denial of service. (CVE-2022-32189)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1190649\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201434\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201436\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201437\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201440\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201443\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201444\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201445\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201447\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201448\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202035\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-August/011802.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?add270d8\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1705\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1962\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-28131\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-30630\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-30631\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-30632\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-30633\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-30635\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-32148\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-32189\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected go1.17, go1.17-doc and / or go1.17-race packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-32148\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/07/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/08/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/08/05\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:go1.17\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:go1.17-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:go1.17-race\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES|SUSE)\") audit(AUDIT_OS_NOT, \"SUSE / openSUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+|SUSE([\\d.]+))\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE / openSUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15|SUSE15\\.3|SUSE15\\.4)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLED15 / SLES15 / openSUSE 15', 'SUSE / openSUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE / openSUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(3|4)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLED15 SP3/4\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(2|3|4)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES15 SP2/3/4\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'go1.17-1.17.13-150000.1.42.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_BCL-release-15.2', 'SLES_SAP-release-15.2', 'SLE_HPC-ESPOS-release-2']},\n {'reference':'go1.17-doc-1.17.13-150000.1.42.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_BCL-release-15.2', 'SLES_SAP-release-15.2', 'SLE_HPC-ESPOS-release-2']},\n {'reference':'go1.17-race-1.17.13-150000.1.42.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_BCL-release-15.2', 'SLES_SAP-release-15.2', 'SLE_HPC-ESPOS-release-2']},\n {'reference':'go1.17-1.17.13-150000.1.42.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-development-tools-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'go1.17-1.17.13-150000.1.42.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-development-tools-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'go1.17-doc-1.17.13-150000.1.42.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-development-tools-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'go1.17-doc-1.17.13-150000.1.42.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-development-tools-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'go1.17-race-1.17.13-150000.1.42.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-development-tools-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'go1.17-race-1.17.13-150000.1.42.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-development-tools-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'go1.17-race-1.17.13-150000.1.42.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-development-tools-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'go1.17-race-1.17.13-150000.1.42.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-development-tools-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'go1.17-1.17.13-150000.1.42.1', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4', 'SLE_HPC-release-15.4', 'sle-module-development-tools-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'go1.17-1.17.13-150000.1.42.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4', 'SLE_HPC-release-15.4', 'sle-module-development-tools-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'go1.17-doc-1.17.13-150000.1.42.1', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4', 'SLE_HPC-release-15.4', 'sle-module-development-tools-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'go1.17-doc-1.17.13-150000.1.42.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4', 'SLE_HPC-release-15.4', 'sle-module-development-tools-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'go1.17-race-1.17.13-150000.1.42.1', 'sp':'4', 'cpu':'aarch64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4', 'SLE_HPC-release-15.4', 'sle-module-development-tools-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'go1.17-race-1.17.13-150000.1.42.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4', 'SLE_HPC-release-15.4', 'sle-module-development-tools-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'go1.17-race-1.17.13-150000.1.42.1', 'sp':'4', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4', 'SLE_HPC-release-15.4', 'sle-module-development-tools-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'go1.17-race-1.17.13-150000.1.42.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4', 'SLE_HPC-release-15.4', 'sle-module-development-tools-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'go1.17-1.17.13-150000.1.42.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2']},\n {'reference':'go1.17-doc-1.17.13-150000.1.42.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2']},\n {'reference':'go1.17-race-1.17.13-150000.1.42.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2']},\n {'reference':'go1.17-1.17.13-150000.1.42.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'go1.17-1.17.13-150000.1.42.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'go1.17-doc-1.17.13-150000.1.42.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'go1.17-doc-1.17.13-150000.1.42.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'go1.17-race-1.17.13-150000.1.42.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2', 'sles-ltss-release-15.2']},\n {'reference':'go1.17-race-1.17.13-150000.1.42.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2', 'sles-ltss-release-15.2']},\n {'reference':'go1.17-1.17.13-150000.1.42.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'go1.17-doc-1.17.13-150000.1.42.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'go1.17-race-1.17.13-150000.1.42.1', 'cpu':'aarch64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'go1.17-race-1.17.13-150000.1.42.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'go1.17-1.17.13-150000.1.42.1', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},\n {'reference':'go1.17-doc-1.17.13-150000.1.42.1', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},\n {'reference':'go1.17-race-1.17.13-150000.1.42.1', 'cpu':'aarch64', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},\n {'reference':'go1.17-race-1.17.13-150000.1.42.1', 'cpu':'x86_64', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},\n {'reference':'go1.17-1.17.13-150000.1.42.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.2']},\n {'reference':'go1.17-doc-1.17.13-150000.1.42.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.2']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n if ('ltss' >< tolower(check)) ltss_caveat_required = TRUE;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n var ltss_plugin_caveat = NULL;\n if(ltss_caveat_required) ltss_plugin_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in SUSE Enterprise Linux Server LTSS\\n' +\n 'repositories. Access to these package security updates require\\n' +\n 'a paid SUSE LTSS subscription.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + ltss_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'go1.17 / go1.17-doc / go1.17-race');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-10T19:21:28", "description": "The remote SUSE Linux SLED15 / SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2672-1 advisory.\n\n - Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12 and Go 1.18.4 allows HTTP request smuggling if combined with an intermediate server that also improperly fails to reject the header as invalid. (CVE-2022-1705)\n\n - Uncontrolled recursion in the Parse functions in go/parser before Go 1.17.12 and Go 1.18.4 allow an attacker to cause a panic due to stack exhaustion via deeply nested types or declarations. (CVE-2022-1962)\n\n - Uncontrolled recursion in Decoder.Skip in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a deeply nested XML document. (CVE-2022-28131)\n\n - Uncontrolled recursion in Glob in io/fs before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a path which contains a large number of path separators.\n (CVE-2022-30630)\n\n - Uncontrolled recursion in Reader.Read in compress/gzip before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via an archive containing a large number of concatenated 0-length compressed files. (CVE-2022-30631)\n\n - Uncontrolled recursion in Glob in path/filepath before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a path containing a large number of path separators.\n (CVE-2022-30632)\n\n - Uncontrolled recursion in Unmarshal in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via unmarshalling an XML document into a Go struct which has a nested field that uses the 'any' field tag. (CVE-2022-30633)\n\n - Uncontrolled recursion in Decoder.Decode in encoding/gob before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a message which contains deeply nested structures.\n (CVE-2022-30635)\n\n - Improper exposure of client IP addresses in net/http before Go 1.17.12 and Go 1.18.4 can be triggered by calling httputil.ReverseProxy.ServeHTTP with a Request.Header map containing a nil value for the X-Forwarded-For header, which causes ReverseProxy to set the client IP as the value of the X-Forwarded-For header. (CVE-2022-32148)\n\n - A too-short encoded message can cause a panic in Float.GobDecode and Rat GobDecode in math/big in Go before 1.17.13 and 1.18.5, potentially allowing a denial of service. (CVE-2022-32189)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-08-05T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 / openSUSE 15 Security Update : go1.18 (SUSE-SU-2022:2672-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-1705", "CVE-2022-1962", "CVE-2022-28131", "CVE-2022-30630", "CVE-2022-30631", "CVE-2022-30632", "CVE-2022-30633", "CVE-2022-30635", "CVE-2022-32148", "CVE-2022-32189"], "modified": "2023-03-10T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:go1.18", "p-cpe:/a:novell:suse_linux:go1.18-doc", "p-cpe:/a:novell:suse_linux:go1.18-race", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2022-2672-1.NASL", "href": "https://www.tenable.com/plugins/nessus/163875", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:2672-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(163875);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/10\");\n\n script_cve_id(\n \"CVE-2022-1705\",\n \"CVE-2022-1962\",\n \"CVE-2022-28131\",\n \"CVE-2022-30630\",\n \"CVE-2022-30631\",\n \"CVE-2022-30632\",\n \"CVE-2022-30633\",\n \"CVE-2022-30635\",\n \"CVE-2022-32148\",\n \"CVE-2022-32189\"\n );\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:2672-1\");\n\n script_name(english:\"SUSE SLED15 / SLES15 / openSUSE 15 Security Update : go1.18 (SUSE-SU-2022:2672-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLED15 / SLES15 / openSUSE 15 host has packages installed that are affected by multiple\nvulnerabilities as referenced in the SUSE-SU-2022:2672-1 advisory.\n\n - Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12\n and Go 1.18.4 allows HTTP request smuggling if combined with an intermediate server that also improperly\n fails to reject the header as invalid. (CVE-2022-1705)\n\n - Uncontrolled recursion in the Parse functions in go/parser before Go 1.17.12 and Go 1.18.4 allow an\n attacker to cause a panic due to stack exhaustion via deeply nested types or declarations. (CVE-2022-1962)\n\n - Uncontrolled recursion in Decoder.Skip in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker\n to cause a panic due to stack exhaustion via a deeply nested XML document. (CVE-2022-28131)\n\n - Uncontrolled recursion in Glob in io/fs before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a\n panic due to stack exhaustion via a path which contains a large number of path separators.\n (CVE-2022-30630)\n\n - Uncontrolled recursion in Reader.Read in compress/gzip before Go 1.17.12 and Go 1.18.4 allows an attacker\n to cause a panic due to stack exhaustion via an archive containing a large number of concatenated 0-length\n compressed files. (CVE-2022-30631)\n\n - Uncontrolled recursion in Glob in path/filepath before Go 1.17.12 and Go 1.18.4 allows an attacker to\n cause a panic due to stack exhaustion via a path containing a large number of path separators.\n (CVE-2022-30632)\n\n - Uncontrolled recursion in Unmarshal in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to\n cause a panic due to stack exhaustion via unmarshalling an XML document into a Go struct which has a\n nested field that uses the 'any' field tag. (CVE-2022-30633)\n\n - Uncontrolled recursion in Decoder.Decode in encoding/gob before Go 1.17.12 and Go 1.18.4 allows an\n attacker to cause a panic due to stack exhaustion via a message which contains deeply nested structures.\n (CVE-2022-30635)\n\n - Improper exposure of client IP addresses in net/http before Go 1.17.12 and Go 1.18.4 can be triggered by\n calling httputil.ReverseProxy.ServeHTTP with a Request.Header map containing a nil value for the\n X-Forwarded-For header, which causes ReverseProxy to set the client IP as the value of the X-Forwarded-For\n header. (CVE-2022-32148)\n\n - A too-short encoded message can cause a panic in Float.GobDecode and Rat GobDecode in math/big in Go\n before 1.17.13 and 1.18.5, potentially allowing a denial of service. (CVE-2022-32189)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1193742\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201434\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201436\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201437\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201440\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201443\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201444\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201445\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201447\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201448\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202035\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-August/011804.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?62527c7b\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1705\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1962\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-28131\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-30630\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-30631\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-30632\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-30633\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-30635\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-32148\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-32189\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected go1.18, go1.18-doc and / or go1.18-race packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-32148\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/07/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/08/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/08/05\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:go1.18\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:go1.18-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:go1.18-race\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES|SUSE)\") audit(AUDIT_OS_NOT, \"SUSE / openSUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+|SUSE([\\d.]+))\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE / openSUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15|SUSE15\\.3|SUSE15\\.4)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLED15 / SLES15 / openSUSE 15', 'SUSE / openSUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE / openSUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(3|4)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLED15 SP3/4\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(3|4)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES15 SP3/4\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'go1.18-1.18.5-150000.1.25.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-development-tools-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'go1.18-1.18.5-150000.1.25.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-development-tools-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'go1.18-doc-1.18.5-150000.1.25.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-development-tools-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'go1.18-doc-1.18.5-150000.1.25.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-development-tools-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'go1.18-race-1.18.5-150000.1.25.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-development-tools-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'go1.18-race-1.18.5-150000.1.25.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-development-tools-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'go1.18-race-1.18.5-150000.1.25.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-development-tools-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'go1.18-race-1.18.5-150000.1.25.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-development-tools-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'go1.18-1.18.5-150000.1.25.1', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4', 'SLE_HPC-release-15.4', 'sle-module-development-tools-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'go1.18-1.18.5-150000.1.25.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4', 'SLE_HPC-release-15.4', 'sle-module-development-tools-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'go1.18-doc-1.18.5-150000.1.25.1', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4', 'SLE_HPC-release-15.4', 'sle-module-development-tools-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'go1.18-doc-1.18.5-150000.1.25.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4', 'SLE_HPC-release-15.4', 'sle-module-development-tools-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'go1.18-race-1.18.5-150000.1.25.1', 'sp':'4', 'cpu':'aarch64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4', 'SLE_HPC-release-15.4', 'sle-module-development-tools-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'go1.18-race-1.18.5-150000.1.25.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4', 'SLE_HPC-release-15.4', 'sle-module-development-tools-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'go1.18-race-1.18.5-150000.1.25.1', 'sp':'4', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4', 'SLE_HPC-release-15.4', 'sle-module-development-tools-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'go1.18-race-1.18.5-150000.1.25.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4', 'SLE_HPC-release-15.4', 'sle-module-development-tools-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'go1.18-1.18.5-150000.1.25.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'go1.18-doc-1.18.5-150000.1.25.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'go1.18-race-1.18.5-150000.1.25.1', 'cpu':'aarch64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'go1.18-race-1.18.5-150000.1.25.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'go1.18-1.18.5-150000.1.25.1', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},\n {'reference':'go1.18-doc-1.18.5-150000.1.25.1', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},\n {'reference':'go1.18-race-1.18.5-150000.1.25.1', 'cpu':'aarch64', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},\n {'reference':'go1.18-race-1.18.5-150000.1.25.1', 'cpu':'x86_64', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'go1.18 / go1.18-doc / go1.18-race');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-25T12:46:41", "description": "The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-23681 advisory.\n\n - Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12 and Go 1.18.4 allows HTTP request smuggling if combined with an intermediate server that also improperly fails to reject the header as invalid. (CVE-2022-1705)\n\n - In Decoder.Skip in encoding/xml in Go before 1.17.12 and 1.18.x before 1.18.4, stack exhaustion and a panic can occur via a deeply nested XML document. (CVE-2022-28131)\n\n - Uncontrolled recursion in Reader.Read in compress/gzip before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via an archive containing a large number of concatenated 0-length compressed files. (CVE-2022-30631)\n\n - Uncontrolled recursion in Unmarshal in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via unmarshalling an XML document into a Go struct which has a nested field that uses the 'any' field tag. (CVE-2022-30633)\n\n - Uncontrolled recursion in Decoder.Decode in encoding/gob before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a message which contains deeply nested structures.\n (CVE-2022-30635)\n\n - Improper exposure of client IP addresses in net/http before Go 1.17.12 and Go 1.18.4 can be triggered by calling httputil.ReverseProxy.ServeHTTP with a Request.Header map containing a nil value for the X-Forwarded-For header, which causes ReverseProxy to set the client IP as the value of the X-Forwarded-For header. (CVE-2022-32148)\n\n - Uncontrolled recursion in the Parse functions in go/parser before Go 1.17.12 and Go 1.18.4 allow an attacker to cause a panic due to stack exhaustion via deeply nested types or declarations. (CVE-2022-1962)\n\n - Uncontrolled recursion in Glob in io/fs before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a path which contains a large number of path separators.\n (CVE-2022-30630)\n\n - Uncontrolled recursion in Glob in path/filepath before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a path containing a large number of path separators.\n (CVE-2022-30632)\n\n - A too-short encoded message can cause a panic in Float.GobDecode and Rat GobDecode in math/big in Go before 1.17.13 and 1.18.5, potentially allowing a denial of service. (CVE-2022-32189)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-11-07T00:00:00", "type": "nessus", "title": "Oracle Linux 8 : ol8addon (ELSA-2022-23681)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-1705", "CVE-2022-1962", "CVE-2022-28131", "CVE-2022-30630", "CVE-2022-30631", "CVE-2022-30632", "CVE-2022-30633", "CVE-2022-30635", "CVE-2022-32148", "CVE-2022-32189"], "modified": "2022-11-24T00:00:00", "cpe": ["cpe:/o:oracle:linux:8", "p-cpe:/a:oracle:linux:delve", "p-cpe:/a:oracle:linux:go-toolset", "p-cpe:/a:oracle:linux:golang", "p-cpe:/a:oracle:linux:golang-bin", "p-cpe:/a:oracle:linux:golang-docs", "p-cpe:/a:oracle:linux:golang-misc", "p-cpe:/a:oracle:linux:golang-race", "p-cpe:/a:oracle:linux:golang-src", "p-cpe:/a:oracle:linux:golang-tests"], "id": "ORACLELINUX_ELSA-2022-23681.NASL", "href": "https://www.tenable.com/plugins/nessus/167054", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2022-23681.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(167054);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/11/24\");\n\n script_cve_id(\n \"CVE-2022-1705\",\n \"CVE-2022-1962\",\n \"CVE-2022-28131\",\n \"CVE-2022-30630\",\n \"CVE-2022-30631\",\n \"CVE-2022-30632\",\n \"CVE-2022-30633\",\n \"CVE-2022-30635\",\n \"CVE-2022-32148\",\n \"CVE-2022-32189\"\n );\n script_xref(name:\"IAVB\", value:\"2022-B-0025-S\");\n\n script_name(english:\"Oracle Linux 8 : ol8addon (ELSA-2022-23681)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nELSA-2022-23681 advisory.\n\n - Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12\n and Go 1.18.4 allows HTTP request smuggling if combined with an intermediate server that also improperly\n fails to reject the header as invalid. (CVE-2022-1705)\n\n - In Decoder.Skip in encoding/xml in Go before 1.17.12 and 1.18.x before 1.18.4, stack exhaustion and a\n panic can occur via a deeply nested XML document. (CVE-2022-28131)\n\n - Uncontrolled recursion in Reader.Read in compress/gzip before Go 1.17.12 and Go 1.18.4 allows an attacker\n to cause a panic due to stack exhaustion via an archive containing a large number of concatenated 0-length\n compressed files. (CVE-2022-30631)\n\n - Uncontrolled recursion in Unmarshal in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to\n cause a panic due to stack exhaustion via unmarshalling an XML document into a Go struct which has a\n nested field that uses the 'any' field tag. (CVE-2022-30633)\n\n - Uncontrolled recursion in Decoder.Decode in encoding/gob before Go 1.17.12 and Go 1.18.4 allows an\n attacker to cause a panic due to stack exhaustion via a message which contains deeply nested structures.\n (CVE-2022-30635)\n\n - Improper exposure of client IP addresses in net/http before Go 1.17.12 and Go 1.18.4 can be triggered by\n calling httputil.ReverseProxy.ServeHTTP with a Request.Header map containing a nil value for the\n X-Forwarded-For header, which causes ReverseProxy to set the client IP as the value of the X-Forwarded-For\n header. (CVE-2022-32148)\n\n - Uncontrolled recursion in the Parse functions in go/parser before Go 1.17.12 and Go 1.18.4 allow an\n attacker to cause a panic due to stack exhaustion via deeply nested types or declarations. (CVE-2022-1962)\n\n - Uncontrolled recursion in Glob in io/fs before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a\n panic due to stack exhaustion via a path which contains a large number of path separators.\n (CVE-2022-30630)\n\n - Uncontrolled recursion in Glob in path/filepath before Go 1.17.12 and Go 1.18.4 allows an attacker to\n cause a panic due to stack exhaustion via a path containing a large number of path separators.\n (CVE-2022-30632)\n\n - A too-short encoded message can cause a panic in Float.GobDecode and Rat GobDecode in math/big in Go\n before 1.17.13 and 1.18.5, potentially allowing a denial of service. (CVE-2022-32189)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2022-23681.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-32148\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/07/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/11/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/11/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:delve\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:go-toolset\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:golang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:golang-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:golang-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:golang-misc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:golang-race\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:golang-src\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:golang-tests\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(os_release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:os_release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 8', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar pkgs = [\n {'reference':'delve-1.7.2-1.0.1.module+el8.6.0+20703+24a110ad', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'delve-1.7.2-1.0.1.module+el8.6.0+20703+24a110ad', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'go-toolset-1.17.13-1.module+el8.6.0+20868+00b8efc8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'go-toolset-1.17.13-1.module+el8.6.0+20868+00b8efc8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-1.17.13-1.0.1.module+el8.6.0+20868+00b8efc8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-1.17.13-1.0.1.module+el8.6.0+20868+00b8efc8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-bin-1.17.13-1.0.1.module+el8.6.0+20868+00b8efc8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-bin-1.17.13-1.0.1.module+el8.6.0+20868+00b8efc8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-docs-1.17.13-1.0.1.module+el8.6.0+20868+00b8efc8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-misc-1.17.13-1.0.1.module+el8.6.0+20868+00b8efc8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-race-1.17.13-1.0.1.module+el8.6.0+20868+00b8efc8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-src-1.17.13-1.0.1.module+el8.6.0+20868+00b8efc8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-tests-1.17.13-1.0.1.module+el8.6.0+20868+00b8efc8', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release) {\n if (exists_check) {\n if (rpm_exists(release:_release, rpm:exists_check) && rpm_check(release:_release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'delve / go-toolset / golang / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-02-10T20:58:37", "description": "The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2022:5775 advisory.\n\n - golang: net/http: improper sanitization of Transfer-Encoding header (CVE-2022-1705)\n\n - golang: go/parser: stack exhaustion in all Parse* functions (CVE-2022-1962)\n\n - golang: encoding/xml: stack exhaustion in Decoder.Skip (CVE-2022-28131)\n\n - golang: crypto/tls: session tickets lack random ticket_age_add (CVE-2022-30629)\n\n - golang: io/fs: stack exhaustion in Glob (CVE-2022-30630)\n\n - golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631)\n\n - golang: path/filepath: stack exhaustion in Glob (CVE-2022-30632)\n\n - golang: encoding/xml: stack exhaustion in Unmarshal (CVE-2022-30633)\n\n - golang: encoding/gob: stack exhaustion in Decoder.Decode (CVE-2022-30635)\n\n - golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working (CVE-2022-32148)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-08-01T00:00:00", "type": "nessus", "title": "CentOS 8 : go-toolset:rhel8 (CESA-2022:5775)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-1705", "CVE-2022-1962", "CVE-2022-28131", "CVE-2022-30629", "CVE-2022-30630", "CVE-2022-30631", "CVE-2022-30632", "CVE-2022-30633", "CVE-2022-30635", "CVE-2022-32148"], "modified": "2023-02-08T00:00:00", "cpe": ["p-cpe:2.3:a:centos:centos:delve:*:*:*:*:*:*:*", "cpe:2.3:o:centos:centos:8-stream:*:*:*:*:*:*:*"], "id": "CENTOS8_RHSA-2022-5775.NASL", "href": "https://www.tenable.com/plugins/nessus/163658", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# Red Hat Security Advisory RHSA-2022:5775. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(163658);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/08\");\n\n script_cve_id(\n \"CVE-2022-1705\",\n \"CVE-2022-1962\",\n \"CVE-2022-28131\",\n \"CVE-2022-30630\",\n \"CVE-2022-30631\",\n \"CVE-2022-30632\",\n \"CVE-2022-30633\",\n \"CVE-2022-30635\",\n \"CVE-2022-32148\"\n );\n script_xref(name:\"RHSA\", value:\"2022:5775\");\n script_xref(name:\"IAVB\", value:\"2022-B-0025-S\");\n\n script_name(english:\"CentOS 8 : go-toolset:rhel8 (CESA-2022:5775)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the\nCESA-2022:5775 advisory.\n\n - golang: net/http: improper sanitization of Transfer-Encoding header (CVE-2022-1705)\n\n - golang: go/parser: stack exhaustion in all Parse* functions (CVE-2022-1962)\n\n - golang: encoding/xml: stack exhaustion in Decoder.Skip (CVE-2022-28131)\n\n - golang: crypto/tls: session tickets lack random ticket_age_add (CVE-2022-30629)\n\n - golang: io/fs: stack exhaustion in Glob (CVE-2022-30630)\n\n - golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631)\n\n - golang: path/filepath: stack exhaustion in Glob (CVE-2022-30632)\n\n - golang: encoding/xml: stack exhaustion in Unmarshal (CVE-2022-30633)\n\n - golang: encoding/gob: stack exhaustion in Decoder.Decode (CVE-2022-30635)\n\n - golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working (CVE-2022-32148)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:5775\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected delve package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-32148\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/06/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/08/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/08/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:8-stream\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:delve\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/CentOS/release');\nif (isnull(os_release) || 'CentOS' >!< os_release) audit(AUDIT_OS_NOT, 'CentOS');\nvar os_ver = pregmatch(pattern: \"CentOS(?: Stream)?(?: Linux)? release ([0-9]+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nos_ver = os_ver[1];\nif ('CentOS Stream' >!< os_release) audit(AUDIT_OS_NOT, 'CentOS 8-Stream');\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\nvar module_ver = get_kb_item('Host/RedHat/appstream/go-toolset');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module go-toolset:rhel8');\nif ('rhel8' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module go-toolset:' + module_ver);\n\nvar appstreams = {\n 'go-toolset:rhel8': [\n {'reference':'delve-1.7.2-1.module_el8.6.0+962+0036b8f3', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n};\n\nvar flag = 0;\nappstreams_found = 0;\nforeach module (keys(appstreams)) {\n var appstream = NULL;\n var appstream_name = NULL;\n var appstream_version = NULL;\n var appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach package_array ( appstreams[module] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'CentOS-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && _release) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module go-toolset:rhel8');\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'delve');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-26T14:46:09", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5866 advisory.\n\n - golang: net/http: improper sanitization of Transfer-Encoding header (CVE-2022-1705)\n\n - golang: go/parser: stack exhaustion in all Parse* functions (CVE-2022-1962)\n\n - golang: encoding/xml: stack exhaustion in Decoder.Skip (CVE-2022-28131)\n\n - golang: crypto/tls: session tickets lack random ticket_age_add (CVE-2022-30629)\n\n - golang: io/fs: stack exhaustion in Glob (CVE-2022-30630)\n\n - golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631)\n\n - golang: path/filepath: stack exhaustion in Glob (CVE-2022-30632)\n\n - golang: encoding/xml: stack exhaustion in Unmarshal (CVE-2022-30633)\n\n - golang: encoding/gob: stack exhaustion in Decoder.Decode (CVE-2022-30635)\n\n - golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working (CVE-2022-32148)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-08-02T00:00:00", "type": "nessus", "title": "RHEL 7 : go-toolset-1.17 and go-toolset-1.17-golang (RHSA-2022:5866)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-1705", "CVE-2022-1962", "CVE-2022-28131", "CVE-2022-30629", "CVE-2022-30630", "CVE-2022-30631", "CVE-2022-30632", "CVE-2022-30633", "CVE-2022-30635", "CVE-2022-32148"], "modified": "2023-01-23T00:00:00", "cpe": ["cpe:2.3:o:redhat:enterprise_linux:7:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:go-toolset-1.17-golang:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:go-toolset-1.17-golang-bin:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:go-toolset-1.17-golang-docs:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:go-toolset-1.17-golang-misc:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:go-toolset-1.17-golang-race:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:go-toolset-1.17-golang-src:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:go-toolset-1.17-golang-tests:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:go-toolset-1.17:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:go-toolset-1.17-build:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:go-toolset-1.17-runtime:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:go-toolset-1.17-scldevel:*:*:*:*:*:*:*"], "id": "REDHAT-RHSA-2022-5866.NASL", "href": "https://www.tenable.com/plugins/nessus/163709", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:5866. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(163709);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/23\");\n\n script_cve_id(\n \"CVE-2022-1705\",\n \"CVE-2022-1962\",\n \"CVE-2022-28131\",\n \"CVE-2022-30630\",\n \"CVE-2022-30631\",\n \"CVE-2022-30632\",\n \"CVE-2022-30633\",\n \"CVE-2022-30635\",\n \"CVE-2022-32148\"\n );\n script_xref(name:\"RHSA\", value:\"2022:5866\");\n script_xref(name:\"IAVB\", value:\"2022-B-0025-S\");\n\n script_name(english:\"RHEL 7 : go-toolset-1.17 and go-toolset-1.17-golang (RHSA-2022:5866)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2022:5866 advisory.\n\n - golang: net/http: improper sanitization of Transfer-Encoding header (CVE-2022-1705)\n\n - golang: go/parser: stack exhaustion in all Parse* functions (CVE-2022-1962)\n\n - golang: encoding/xml: stack exhaustion in Decoder.Skip (CVE-2022-28131)\n\n - golang: crypto/tls: session tickets lack random ticket_age_add (CVE-2022-30629)\n\n - golang: io/fs: stack exhaustion in Glob (CVE-2022-30630)\n\n - golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631)\n\n - golang: path/filepath: stack exhaustion in Glob (CVE-2022-30632)\n\n - golang: encoding/xml: stack exhaustion in Unmarshal (CVE-2022-30633)\n\n - golang: encoding/gob: stack exhaustion in Decoder.Decode (CVE-2022-30635)\n\n - golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working (CVE-2022-32148)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-1705\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-1962\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-28131\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-30629\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-30630\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-30631\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-30632\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-30633\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-30635\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-32148\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:5866\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2092793\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2107342\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2107371\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2107374\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2107376\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2107383\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2107386\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2107388\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2107390\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2107392\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-32148\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(200, 331, 444, 1325);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/06/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/08/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/08/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:go-toolset-1.17\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:go-toolset-1.17-build\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:go-toolset-1.17-golang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:go-toolset-1.17-golang-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:go-toolset-1.17-golang-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:go-toolset-1.17-golang-misc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:go-toolset-1.17-golang-race\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:go-toolset-1.17-golang-src\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:go-toolset-1.17-golang-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:go-toolset-1.17-runtime\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:go-toolset-1.17-scldevel\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/devtools/1/debug',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/devtools/1/os',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/devtools/1/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/devtools/1/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/devtools/1/os',\n 'content/dist/rhel/server/7/7Server/x86_64/devtools/1/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/devtools/1/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/devtools/1/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/devtools/1/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/devtools/1/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/devtools/1/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/devtools/1/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'go-toolset-1.17-1.17.12-1.el7_9', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'go-toolset-1.17-1.17.12-1.el7_9', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'go-toolset-1.17-build-1.17.12-1.el7_9', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'go-toolset-1.17-build-1.17.12-1.el7_9', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'go-toolset-1.17-golang-1.17.12-1.el7_9', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'go-toolset-1.17-golang-1.17.12-1.el7_9', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'go-toolset-1.17-golang-bin-1.17.12-1.el7_9', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'go-toolset-1.17-golang-bin-1.17.12-1.el7_9', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'go-toolset-1.17-golang-docs-1.17.12-1.el7_9', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'go-toolset-1.17-golang-misc-1.17.12-1.el7_9', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'go-toolset-1.17-golang-misc-1.17.12-1.el7_9', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'go-toolset-1.17-golang-race-1.17.12-1.el7_9', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'go-toolset-1.17-golang-src-1.17.12-1.el7_9', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'go-toolset-1.17-golang-src-1.17.12-1.el7_9', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'go-toolset-1.17-golang-tests-1.17.12-1.el7_9', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'go-toolset-1.17-golang-tests-1.17.12-1.el7_9', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'go-toolset-1.17-runtime-1.17.12-1.el7_9', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'go-toolset-1.17-runtime-1.17.12-1.el7_9', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'go-toolset-1.17-scldevel-1.17.12-1.el7_9', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'go-toolset-1.17-scldevel-1.17.12-1.el7_9', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'go-toolset-1.17 / go-toolset-1.17-build / go-toolset-1.17-golang / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-26T04:16:13", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5775 advisory.\n\n - golang: net/http: improper sanitization of Transfer-Encoding header (CVE-2022-1705)\n\n - golang: go/parser: stack exhaustion in all Parse* functions (CVE-2022-1962)\n\n - golang: encoding/xml: stack exhaustion in Decoder.Skip (CVE-2022-28131)\n\n - golang: crypto/tls: session tickets lack random ticket_age_add (CVE-2022-30629)\n\n - golang: io/fs: stack exhaustion in Glob (CVE-2022-30630)\n\n - golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631)\n\n - golang: path/filepath: stack exhaustion in Glob (CVE-2022-30632)\n\n - golang: encoding/xml: stack exhaustion in Unmarshal (CVE-2022-30633)\n\n - golang: encoding/gob: stack exhaustion in Decoder.Decode (CVE-2022-30635)\n\n - golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working (CVE-2022-32148)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-08-01T00:00:00", "type": "nessus", "title": "RHEL 8 : go-toolset:rhel8 (RHSA-2022:5775)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-1705", "CVE-2022-1962", "CVE-2022-28131", "CVE-2022-30629", "CVE-2022-30630", "CVE-2022-30631", "CVE-2022-30632", "CVE-2022-30633", "CVE-2022-30635", "CVE-2022-32148"], "modified": "2023-01-23T00:00:00", "cpe": ["cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:go-toolset:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:golang:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:golang-bin:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:golang-docs:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:golang-misc:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:golang-race:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:golang-src:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:golang-tests:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:delve:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:rhel_aus:8.6:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:rhel_e4s:8.6:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:rhel_eus:8.6:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:rhel_tus:8.6:*:*:*:*:*:*:*"], "id": "REDHAT-RHSA-2022-5775.NASL", "href": "https://www.tenable.com/plugins/nessus/163672", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:5775. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(163672);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/23\");\n\n script_cve_id(\n \"CVE-2022-1705\",\n \"CVE-2022-1962\",\n \"CVE-2022-28131\",\n \"CVE-2022-30630\",\n \"CVE-2022-30631\",\n \"CVE-2022-30632\",\n \"CVE-2022-30633\",\n \"CVE-2022-30635\",\n \"CVE-2022-32148\"\n );\n script_xref(name:\"RHSA\", value:\"2022:5775\");\n script_xref(name:\"IAVB\", value:\"2022-B-0025-S\");\n\n script_name(english:\"RHEL 8 : go-toolset:rhel8 (RHSA-2022:5775)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2022:5775 advisory.\n\n - golang: net/http: improper sanitization of Transfer-Encoding header (CVE-2022-1705)\n\n - golang: go/parser: stack exhaustion in all Parse* functions (CVE-2022-1962)\n\n - golang: encoding/xml: stack exhaustion in Decoder.Skip (CVE-2022-28131)\n\n - golang: crypto/tls: session tickets lack random ticket_age_add (CVE-2022-30629)\n\n - golang: io/fs: stack exhaustion in Glob (CVE-2022-30630)\n\n - golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631)\n\n - golang: path/filepath: stack exhaustion in Glob (CVE-2022-30632)\n\n - golang: encoding/xml: stack exhaustion in Unmarshal (CVE-2022-30633)\n\n - golang: encoding/gob: stack exhaustion in Decoder.Decode (CVE-2022-30635)\n\n - golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working (CVE-2022-32148)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-1705\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-1962\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-28131\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-30629\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-30630\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-30631\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-30632\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-30633\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-30635\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-32148\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:5775\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2092793\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2107342\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2107371\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2107374\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2107376\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2107383\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2107386\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2107388\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2107390\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2107392\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-32148\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(200, 331, 444, 1325);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/06/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/08/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/08/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:delve\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:go-toolset\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:golang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:golang-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:golang-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:golang-misc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:golang-race\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:golang-src\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:golang-tests\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar appstreams = {\n 'go-toolset:rhel8': [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.6/x86_64/appstream/debug',\n 'content/aus/rhel8/8.6/x86_64/appstream/os',\n 'content/aus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.6/x86_64/baseos/debug',\n 'content/aus/rhel8/8.6/x86_64/baseos/os',\n 'content/aus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.6/x86_64/appstream/os',\n 'content/e4s/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.6/x86_64/baseos/os',\n 'content/e4s/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap/os',\n 'content/e4s/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/appstream/debug',\n 'content/eus/rhel8/8.6/x86_64/appstream/os',\n 'content/eus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/baseos/debug',\n 'content/eus/rhel8/8.6/x86_64/baseos/os',\n 'content/eus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.6/x86_64/highavailability/os',\n 'content/eus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap/debug',\n 'content/eus/rhel8/8.6/x86_64/sap/os',\n 'content/eus/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.6/x86_64/supplementary/os',\n 'content/eus/rhel8/8.6/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/appstream/debug',\n 'content/tus/rhel8/8.6/x86_64/appstream/os',\n 'content/tus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/baseos/debug',\n 'content/tus/rhel8/8.6/x86_64/baseos/os',\n 'content/tus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.6/x86_64/highavailability/os',\n 'content/tus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/rt/os',\n 'content/tus/rhel8/8.6/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'delve-1.7.2-1.module+el8.6.0+12972+ebab5911', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'go-toolset-1.17.12-1.module+el8.6.0+16014+a372c00b', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-1.17.12-1.module+el8.6.0+16014+a372c00b', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-bin-1.17.12-1.module+el8.6.0+16014+a372c00b', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-docs-1.17.12-1.module+el8.6.0+16014+a372c00b', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-misc-1.17.12-1.module+el8.6.0+16014+a372c00b', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-race-1.17.12-1.module+el8.6.0+16014+a372c00b', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-src-1.17.12-1.module+el8.6.0+16014+a372c00b', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-tests-1.17.12-1.module+el8.6.0+16014+a372c00b', 'sp':'6', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/dist/rhel8/8/x86_64/appstream/debug',\n 'content/dist/rhel8/8/x86_64/appstream/os',\n 'content/dist/rhel8/8/x86_64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/baseos/debug',\n 'content/dist/rhel8/8/x86_64/baseos/os',\n 'content/dist/rhel8/8/x86_64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/codeready-builder/debug',\n 'content/dist/rhel8/8/x86_64/codeready-builder/os',\n 'content/dist/rhel8/8/x86_64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/highavailability/debug',\n 'content/dist/rhel8/8/x86_64/highavailability/os',\n 'content/dist/rhel8/8/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/nfv/debug',\n 'content/dist/rhel8/8/x86_64/nfv/os',\n 'content/dist/rhel8/8/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/resilientstorage/debug',\n 'content/dist/rhel8/8/x86_64/resilientstorage/os',\n 'content/dist/rhel8/8/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/rt/debug',\n 'content/dist/rhel8/8/x86_64/rt/os',\n 'content/dist/rhel8/8/x86_64/rt/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap-solutions/debug',\n 'content/dist/rhel8/8/x86_64/sap-solutions/os',\n 'content/dist/rhel8/8/x86_64/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap/debug',\n 'content/dist/rhel8/8/x86_64/sap/os',\n 'content/dist/rhel8/8/x86_64/sap/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/supplementary/debug',\n 'content/dist/rhel8/8/x86_64/supplementary/os',\n 'content/dist/rhel8/8/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'delve-1.7.2-1.module+el8.6.0+12972+ebab5911', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'go-toolset-1.17.12-1.module+el8.6.0+16014+a372c00b', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-1.17.12-1.module+el8.6.0+16014+a372c00b', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-bin-1.17.12-1.module+el8.6.0+16014+a372c00b', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-docs-1.17.12-1.module+el8.6.0+16014+a372c00b', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-misc-1.17.12-1.module+el8.6.0+16014+a372c00b', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-race-1.17.12-1.module+el8.6.0+16014+a372c00b', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-src-1.17.12-1.module+el8.6.0+16014+a372c00b', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-tests-1.17.12-1.module+el8.6.0+16014+a372c00b', 'release':'8', 'el_string':'el8.6.0', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n ]\n};\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:appstreams, appstreams:TRUE);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar module_ver = get_kb_item('Host/RedHat/appstream/go-toolset');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module go-toolset:rhel8');\nif ('rhel8' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module go-toolset:' + module_ver);\n\nvar flag = 0;\nvar appstreams_found = 0;\nforeach var module (keys(appstreams)) {\n var appstream = NULL;\n var appstream_name = NULL;\n var appstream_version = NULL;\n var appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach var module_array ( appstreams[module] ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(module_array['repo_relative_urls'])) repo_relative_urls = module_array['repo_relative_urls'];\n var enterprise_linux_flag = rhel_repo_urls_has_content_dist_rhel(repo_urls:repo_relative_urls);\n foreach var package_array ( module_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp']) && !enterprise_linux_flag) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module go-toolset:rhel8');\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'delve / go-toolset / golang / golang-bin / golang-docs / golang-misc / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-10T19:27:08", "description": "The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-5775 advisory.\n\n - golang: net/http: improper sanitization of Transfer-Encoding header (CVE-2022-1705)\n\n - golang: encoding/xml: stack exhaustion in Decoder.Skip (CVE-2022-28131)\n\n - golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631)\n\n - golang: encoding/xml: stack exhaustion in Unmarshal (CVE-2022-30633)\n\n - golang: encoding/gob: stack exhaustion in Decoder.Decode (CVE-2022-30635)\n\n - golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working (CVE-2022-32148)\n\n - golang: go/parser: stack exhaustion in all Parse* functions (CVE-2022-1962)\n\n - golang: io/fs: stack exhaustion in Glob (CVE-2022-30630)\n\n - golang: path/filepath: stack exhaustion in Glob (CVE-2022-30632)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-08-04T00:00:00", "type": "nessus", "title": "Oracle Linux 8 : go-toolset:ol8 (ELSA-2022-5775)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-1705", "CVE-2022-1962", "CVE-2022-28131", "CVE-2022-30630", "CVE-2022-30631", "CVE-2022-30632", "CVE-2022-30633", "CVE-2022-30635", "CVE-2022-32148"], "modified": "2022-12-07T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:delve", "p-cpe:/a:oracle:linux:go-toolset", "p-cpe:/a:oracle:linux:golang", "p-cpe:/a:oracle:linux:golang-bin", "p-cpe:/a:oracle:linux:golang-docs", "p-cpe:/a:oracle:linux:golang-misc", "p-cpe:/a:oracle:linux:golang-race", "p-cpe:/a:oracle:linux:golang-src", "p-cpe:/a:oracle:linux:golang-tests", "cpe:/o:oracle:linux:8"], "id": "ORACLELINUX_ELSA-2022-5775.NASL", "href": "https://www.tenable.com/plugins/nessus/163810", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2022-5775.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(163810);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/07\");\n\n script_cve_id(\n \"CVE-2022-1705\",\n \"CVE-2022-1962\",\n \"CVE-2022-28131\",\n \"CVE-2022-30630\",\n \"CVE-2022-30631\",\n \"CVE-2022-30632\",\n \"CVE-2022-30633\",\n \"CVE-2022-30635\",\n \"CVE-2022-32148\"\n );\n script_xref(name:\"IAVB\", value:\"2022-B-0025-S\");\n\n script_name(english:\"Oracle Linux 8 : go-toolset:ol8 (ELSA-2022-5775)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nELSA-2022-5775 advisory.\n\n - golang: net/http: improper sanitization of Transfer-Encoding header (CVE-2022-1705)\n\n - golang: encoding/xml: stack exhaustion in Decoder.Skip (CVE-2022-28131)\n\n - golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631)\n\n - golang: encoding/xml: stack exhaustion in Unmarshal (CVE-2022-30633)\n\n - golang: encoding/gob: stack exhaustion in Decoder.Decode (CVE-2022-30635)\n\n - golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working (CVE-2022-32148)\n\n - golang: go/parser: stack exhaustion in all Parse* functions (CVE-2022-1962)\n\n - golang: io/fs: stack exhaustion in Glob (CVE-2022-30630)\n\n - golang: path/filepath: stack exhaustion in Glob (CVE-2022-30632)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2022-5775.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-32148\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/07/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/08/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/08/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:delve\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:go-toolset\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:golang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:golang-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:golang-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:golang-misc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:golang-race\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:golang-src\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:golang-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 8', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar module_ver = get_kb_item('Host/RedHat/appstream/go-toolset');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module go-toolset:ol8');\nif ('ol8' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module go-toolset:' + module_ver);\n\nvar appstreams = {\n 'go-toolset:ol8': [\n {'reference':'delve-1.7.2-1.0.1.module+el8.6.0+20559+3b94dc2a', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'go-toolset-1.17.12-1.module+el8.6.0+20710+66aa75bb', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'go-toolset-1.17.12-1.module+el8.6.0+20710+66aa75bb', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-1.17.12-1.module+el8.6.0+20710+66aa75bb', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-1.17.12-1.module+el8.6.0+20710+66aa75bb', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-bin-1.17.12-1.module+el8.6.0+20710+66aa75bb', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-bin-1.17.12-1.module+el8.6.0+20710+66aa75bb', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-docs-1.17.12-1.module+el8.6.0+20710+66aa75bb', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-misc-1.17.12-1.module+el8.6.0+20710+66aa75bb', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-race-1.17.12-1.module+el8.6.0+20710+66aa75bb', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-src-1.17.12-1.module+el8.6.0+20710+66aa75bb', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-tests-1.17.12-1.module+el8.6.0+20710+66aa75bb', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n};\n\nvar flag = 0;\nvar appstreams_found = 0;\nforeach var module (keys(appstreams)) {\n var appstream = NULL;\n var appstream_name = NULL;\n var appstream_version = NULL;\n var appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach var package_array ( appstreams[module] ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module go-toolset:ol8');\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'delve / go-toolset / golang / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-10T19:27:10", "description": "The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-5799 advisory.\n\n - golang: net/http: improper sanitization of Transfer-Encoding header (CVE-2022-1705)\n\n - golang: encoding/xml: stack exhaustion in Decoder.Skip (CVE-2022-28131)\n\n - golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631)\n\n - golang: encoding/xml: stack exhaustion in Unmarshal (CVE-2022-30633)\n\n - golang: encoding/gob: stack exhaustion in Decoder.Decode (CVE-2022-30635)\n\n - golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working (CVE-2022-32148)\n\n - golang: go/parser: stack exhaustion in all Parse* functions (CVE-2022-1962)\n\n - golang: io/fs: stack exhaustion in Glob (CVE-2022-30630)\n\n - golang: path/filepath: stack exhaustion in Glob (CVE-2022-30632)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-08-02T00:00:00", "type": "nessus", "title": "Oracle Linux 9 : go-toolset / and / golang (ELSA-2022-5799)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-1705", "CVE-2022-1962", "CVE-2022-28131", "CVE-2022-30630", "CVE-2022-30631", "CVE-2022-30632", "CVE-2022-30633", "CVE-2022-30635", "CVE-2022-32148"], "modified": "2022-12-07T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:go-toolset", "p-cpe:/a:oracle:linux:golang", "p-cpe:/a:oracle:linux:golang-bin", "p-cpe:/a:oracle:linux:golang-docs", "p-cpe:/a:oracle:linux:golang-misc", "p-cpe:/a:oracle:linux:golang-race", "p-cpe:/a:oracle:linux:golang-src", "p-cpe:/a:oracle:linux:golang-tests", "cpe:/o:oracle:linux:9"], "id": "ORACLELINUX_ELSA-2022-5799.NASL", "href": "https://www.tenable.com/plugins/nessus/163707", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2022-5799.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(163707);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/07\");\n\n script_cve_id(\n \"CVE-2022-1705\",\n \"CVE-2022-1962\",\n \"CVE-2022-28131\",\n \"CVE-2022-30630\",\n \"CVE-2022-30631\",\n \"CVE-2022-30632\",\n \"CVE-2022-30633\",\n \"CVE-2022-30635\",\n \"CVE-2022-32148\"\n );\n script_xref(name:\"IAVB\", value:\"2022-B-0025-S\");\n\n script_name(english:\"Oracle Linux 9 : go-toolset / and / golang (ELSA-2022-5799)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nELSA-2022-5799 advisory.\n\n - golang: net/http: improper sanitization of Transfer-Encoding header (CVE-2022-1705)\n\n - golang: encoding/xml: stack exhaustion in Decoder.Skip (CVE-2022-28131)\n\n - golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631)\n\n - golang: encoding/xml: stack exhaustion in Unmarshal (CVE-2022-30633)\n\n - golang: encoding/gob: stack exhaustion in Decoder.Decode (CVE-2022-30635)\n\n - golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working (CVE-2022-32148)\n\n - golang: go/parser: stack exhaustion in all Parse* functions (CVE-2022-1962)\n\n - golang: io/fs: stack exhaustion in Glob (CVE-2022-30630)\n\n - golang: path/filepath: stack exhaustion in Glob (CVE-2022-30632)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2022-5799.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-32148\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/07/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/08/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/08/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:go-toolset\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:golang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:golang-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:golang-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:golang-misc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:golang-race\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:golang-src\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:golang-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:9\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^9([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 9', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar pkgs = [\n {'reference':'go-toolset-1.17.12-1.el9_0', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'go-toolset-1.17.12-1.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-1.17.12-1.el9_0', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-1.17.12-1.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-bin-1.17.12-1.el9_0', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-bin-1.17.12-1.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-docs-1.17.12-1.el9_0', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-misc-1.17.12-1.el9_0', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-race-1.17.12-1.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-src-1.17.12-1.el9_0', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-tests-1.17.12-1.el9_0', 'release':'9', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'go-toolset / golang / golang-bin / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-10T19:27:32", "description": "The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:5775 advisory.\n\n - golang: net/http: improper sanitization of Transfer-Encoding header (CVE-2022-1705)\n\n - golang: go/parser: stack exhaustion in all Parse* functions (CVE-2022-1962)\n\n - golang: encoding/xml: stack exhaustion in Decoder.Skip (CVE-2022-28131)\n\n - golang: io/fs: stack exhaustion in Glob (CVE-2022-30630)\n\n - golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631)\n\n - golang: path/filepath: stack exhaustion in Glob (CVE-2022-30632)\n\n - golang: encoding/xml: stack exhaustion in Unmarshal (CVE-2022-30633)\n\n - golang: encoding/gob: stack exhaustion in Decoder.Decode (CVE-2022-30635)\n\n - golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working (CVE-2022-32148)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-08-06T00:00:00", "type": "nessus", "title": "AlmaLinux 8 : go-toolset:rhel8 (5775) (ALSA-2022:5775)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-1705", "CVE-2022-1962", "CVE-2022-28131", "CVE-2022-30630", "CVE-2022-30631", "CVE-2022-30632", "CVE-2022-30633", "CVE-2022-30635", "CVE-2022-32148"], "modified": "2022-12-07T00:00:00", "cpe": ["p-cpe:/a:alma:linux:delve", "p-cpe:/a:alma:linux:go-toolset", "p-cpe:/a:alma:linux:golang", "p-cpe:/a:alma:linux:golang-bin", "p-cpe:/a:alma:linux:golang-docs", "p-cpe:/a:alma:linux:golang-misc", "p-cpe:/a:alma:linux:golang-race", "p-cpe:/a:alma:linux:golang-src", "p-cpe:/a:alma:linux:golang-tests", "cpe:/o:alma:linux:8"], "id": "ALMA_LINUX_ALSA-2022-5775.NASL", "href": "https://www.tenable.com/plugins/nessus/163906", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# AlmaLinux Security Advisory ALSA-2022:5775.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(163906);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/07\");\n\n script_cve_id(\n \"CVE-2022-1705\",\n \"CVE-2022-1962\",\n \"CVE-2022-28131\",\n \"CVE-2022-30630\",\n \"CVE-2022-30631\",\n \"CVE-2022-30632\",\n \"CVE-2022-30633\",\n \"CVE-2022-30635\",\n \"CVE-2022-32148\"\n );\n script_xref(name:\"ALSA\", value:\"2022:5775\");\n script_xref(name:\"IAVB\", value:\"2022-B-0025-S\");\n\n script_name(english:\"AlmaLinux 8 : go-toolset:rhel8 (5775) (ALSA-2022:5775)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote AlmaLinux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nALSA-2022:5775 advisory.\n\n - golang: net/http: improper sanitization of Transfer-Encoding header (CVE-2022-1705)\n\n - golang: go/parser: stack exhaustion in all Parse* functions (CVE-2022-1962)\n\n - golang: encoding/xml: stack exhaustion in Decoder.Skip (CVE-2022-28131)\n\n - golang: io/fs: stack exhaustion in Glob (CVE-2022-30630)\n\n - golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631)\n\n - golang: path/filepath: stack exhaustion in Glob (CVE-2022-30632)\n\n - golang: encoding/xml: stack exhaustion in Unmarshal (CVE-2022-30633)\n\n - golang: encoding/gob: stack exhaustion in Decoder.Decode (CVE-2022-30635)\n\n - golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working (CVE-2022-32148)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://errata.almalinux.org/8/ALSA-2022-5775.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-32148\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/07/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/08/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/08/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:delve\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:go-toolset\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:golang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:golang-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:golang-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:golang-misc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:golang-race\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:golang-src\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:golang-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:8\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Alma Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AlmaLinux/release\", \"Host/AlmaLinux/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/AlmaLinux/release');\nif (isnull(release) || 'AlmaLinux' >!< release) audit(AUDIT_OS_NOT, 'AlmaLinux');\nvar os_ver = pregmatch(pattern: \"AlmaLinux release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'AlmaLinux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'AlmaLinux 8.x', 'AlmaLinux ' + os_ver);\n\nif (!get_kb_item('Host/AlmaLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'AlmaLinux', cpu);\n\nvar module_ver = get_kb_item('Host/AlmaLinux/appstream/go-toolset');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module go-toolset:rhel8');\nif ('rhel8' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module go-toolset:' + module_ver);\n\nvar appstreams = {\n 'go-toolset:rhel8': [\n {'reference':'delve-1.7.2-1.module_el8.6.0+2736+ec10aba8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'go-toolset-1.17.12-1.module_el8.6.0+3065+e17ed2d4', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'go-toolset-1.17.12-1.module_el8.6.0+3065+e17ed2d4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-1.17.12-1.module_el8.6.0+3065+e17ed2d4', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-1.17.12-1.module_el8.6.0+3065+e17ed2d4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-bin-1.17.12-1.module_el8.6.0+3065+e17ed2d4', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-bin-1.17.12-1.module_el8.6.0+3065+e17ed2d4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-docs-1.17.12-1.module_el8.6.0+3065+e17ed2d4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-misc-1.17.12-1.module_el8.6.0+3065+e17ed2d4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-race-1.17.12-1.module_el8.6.0+3065+e17ed2d4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-src-1.17.12-1.module_el8.6.0+3065+e17ed2d4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-tests-1.17.12-1.module_el8.6.0+3065+e17ed2d4', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n};\n\nvar flag = 0;\nvar appstreams_found = 0;\nforeach module (keys(appstreams)) {\n var appstream = NULL;\n var appstream_name = NULL;\n var appstream_version = NULL;\n var appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/AlmaLinux/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach package_array ( appstreams[module] ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'Alma-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release && (!exists_check || rpm_exists(release:release, rpm:exists_check))) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module go-toolset:rhel8');\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'delve / go-toolset / golang / golang-bin / golang-docs / golang-misc / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-10T19:27:33", "description": "The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the a4f2416c-02a0-11ed-b817-10c37b4ac2ea advisory.\n\n - The Go project reports: net/http: improper sanitization of Transfer-Encoding header The HTTP/1 client accepted some invalid Transfer-Encoding headers as indicating a chunked encoding. This could potentially allow for request smuggling, but only if combined with an intermediate server that also improperly failed to reject the header as invalid.\n When httputil.ReverseProxy.ServeHTTP was called with a Request.Header map containing a nil value for the X-Forwarded-For header, ReverseProxy would set the client IP as the value of the X-Forwarded-For header, contrary to its documentation. In the more usual case where a Director function set the X-Forwarded-For header value to nil, ReverseProxy would leave the header unmodified as expected. compress/gzip: stack exhaustion in Reader.Read Calling Reader.Read on an archive containing a large number of concatenated 0-length compressed files can cause a panic due to stack exhaustion. encoding/xml: stack exhaustion in Unmarshal Calling Unmarshal on a XML document into a Go struct which has a nested field that uses the any field tag can cause a panic due to stack exhaustion.\n encoding/xml: stack exhaustion in Decoder.Skip Calling Decoder.Skip when parsing a deeply nested XML document can cause a panic due to stack exhaustion. encoding/gob: stack exhaustion in Decoder.Decode Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. path/filepath: stack exhaustion in Glob Calling Glob on a path which contains a large number of path separators can cause a panic due to stack exhaustion. io/fs: stack exhaustion in Glob Calling Glob on a path which contains a large number of path separators can cause a panic due to stack exhaustion. go/parser: stack exhaustion in all Parse* functions Calling any of the Parse functions on Go source code which contains deeply nested types or declarations can cause a panic due to stack exhaustion. (CVE-2022-1705, CVE-2022-1962, CVE-2022-28131, CVE-2022-30630, CVE-2022-30631, CVE-2022-30632, CVE-2022-30633, CVE-2022-30635, CVE-2022-32148)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-07-14T00:00:00", "type": "nessus", "title": "FreeBSD : go -- multiple vulnerabilities (a4f2416c-02a0-11ed-b817-10c37b4ac2ea)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-1705", "CVE-2022-1962", "CVE-2022-28131", "CVE-2022-30630", "CVE-2022-30631", "CVE-2022-30632", "CVE-2022-30633", "CVE-2022-30635", "CVE-2022-32148"], "modified": "2022-12-08T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:go117", "p-cpe:/a:freebsd:freebsd:go118", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_A4F2416C02A011EDB81710C37B4AC2EA.NASL", "href": "https://www.tenable.com/plugins/nessus/163105", "sourceData": "#\n# (C) Tenable, Inc.\n#\n# @NOAGENT@\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2021 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n#\n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(163105);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/08\");\n\n script_cve_id(\n \"CVE-2022-1705\",\n \"CVE-2022-1962\",\n \"CVE-2022-28131\",\n \"CVE-2022-30630\",\n \"CVE-2022-30631\",\n \"CVE-2022-30632\",\n \"CVE-2022-30633\",\n \"CVE-2022-30635\",\n \"CVE-2022-32148\"\n );\n script_xref(name:\"IAVB\", value:\"2022-B-0025-S\");\n\n script_name(english:\"FreeBSD : go -- multiple vulnerabilities (a4f2416c-02a0-11ed-b817-10c37b4ac2ea)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote FreeBSD host is missing one or more security-related updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple\nvulnerabilities as referenced in the a4f2416c-02a0-11ed-b817-10c37b4ac2ea advisory.\n\n - The Go project reports: net/http: improper sanitization of Transfer-Encoding header The HTTP/1\n client accepted some invalid Transfer-Encoding headers as indicating a chunked\n encoding. This could potentially allow for request smuggling, but only if combined with an\n intermediate server that also improperly failed to reject the header as invalid.\n When httputil.ReverseProxy.ServeHTTP was called with a Request.Header map containing a nil\n value for the X-Forwarded-For header, ReverseProxy would set the client IP as the\n value of the X-Forwarded-For header, contrary to its documentation. In the more usual case\n where a Director function set the X-Forwarded-For header value to nil,\n ReverseProxy would leave the header unmodified as expected. compress/gzip: stack exhaustion in\n Reader.Read Calling Reader.Read on an archive containing a large number of concatenated\n 0-length compressed files can cause a panic due to stack exhaustion. encoding/xml: stack\n exhaustion in Unmarshal Calling Unmarshal on a XML document into a Go struct which has a\n nested field that uses the any field tag can cause a panic due to stack exhaustion.\n encoding/xml: stack exhaustion in Decoder.Skip Calling Decoder.Skip when parsing a deeply nested XML\n document can cause a panic due to stack exhaustion. encoding/gob: stack exhaustion in Decoder.Decode\n Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic\n due to stack exhaustion. path/filepath: stack exhaustion in Glob Calling Glob on a path which\n contains a large number of path separators can cause a panic due to stack\n exhaustion. io/fs: stack exhaustion in Glob Calling Glob on a path which contains a large number of\n path separators can cause a panic due to stack exhaustion. go/parser: stack exhaustion in all\n Parse* functions Calling any of the Parse functions on Go source code which contains deeply\n nested types or declarations can cause a panic due to stack exhaustion. (CVE-2022-1705,\n CVE-2022-1962, CVE-2022-28131, CVE-2022-30630, CVE-2022-30631, CVE-2022-30632, CVE-2022-30633,\n CVE-2022-30635, CVE-2022-32148)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://groups.google.com/g/golang-dev/c/frczlF8OFQ0\");\n # https://vuxml.freebsd.org/freebsd/a4f2416c-02a0-11ed-b817-10c37b4ac2ea.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?27a1175e\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-32148\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/07/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/07/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/07/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:go117\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:go118\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"freebsd_package.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nvar flag = 0;\n\nvar packages = [\n 'go117<1.17.12',\n 'go118<1.18.4'\n];\n\nforeach var package( packages ) {\n if (pkg_test(save_report:TRUE, pkg: package)) flag++;\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : pkg_report_get()\n );\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-10T19:39:03", "description": "The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:5799 advisory.\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-11-16T00:00:00", "type": "nessus", "title": "AlmaLinux 9 : go-toolset and golang (ALSA-2022:5799)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-1705", "CVE-2022-1962", "CVE-2022-28131", "CVE-2022-30630", "CVE-2022-30631", "CVE-2022-30632", "CVE-2022-30633", "CVE-2022-30635", "CVE-2022-32148"], "modified": "2022-11-24T00:00:00", "cpe": ["p-cpe:/a:alma:linux:golang", "p-cpe:/a:alma:linux:golang-bin", "p-cpe:/a:alma:linux:golang-docs", "p-cpe:/a:alma:linux:golang-misc", "p-cpe:/a:alma:linux:golang-race", "p-cpe:/a:alma:linux:golang-src", "p-cpe:/a:alma:linux:golang-tests", "cpe:/o:alma:linux:9", "cpe:/o:alma:linux:9::appstream"], "id": "ALMA_LINUX_ALSA-2022-5799.NASL", "href": "https://www.tenable.com/plugins/nessus/167694", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# AlmaLinux Security Advisory ALSA-2022:5799.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(167694);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/11/24\");\n\n script_cve_id(\n \"CVE-2022-1705\",\n \"CVE-2022-1962\",\n \"CVE-2022-28131\",\n \"CVE-2022-30630\",\n \"CVE-2022-30631\",\n \"CVE-2022-30632\",\n \"CVE-2022-30633\",\n \"CVE-2022-30635\",\n \"CVE-2022-32148\"\n );\n script_xref(name:\"ALSA\", value:\"2022:5799\");\n\n script_name(english:\"AlmaLinux 9 : go-toolset and golang (ALSA-2022:5799)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote AlmaLinux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nALSA-2022:5799 advisory.\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://errata.almalinux.org/9/ALSA-2022-5799.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-32148\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(1325);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/08/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/08/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/11/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:golang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:golang-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:golang-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:golang-misc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:golang-race\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:golang-src\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:golang-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:9\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:9::appstream\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Alma Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AlmaLinux/release\", \"Host/AlmaLinux/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/AlmaLinux/release');\nif (isnull(os_release) || 'AlmaLinux' >!< os_release) audit(AUDIT_OS_NOT, 'AlmaLinux');\nvar os_ver = pregmatch(pattern: \"AlmaLinux release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'AlmaLinux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^9([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'AlmaLinux 9.x', 'AlmaLinux ' + os_ver);\n\nif (!get_kb_item('Host/AlmaLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'AlmaLinux', cpu);\n\nvar pkgs = [\n {'reference':'golang-1.17.12-1.el9_0', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-1.17.12-1.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-bin-1.17.12-1.el9_0', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-bin-1.17.12-1.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-docs-1.17.12-1.el9_0', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-misc-1.17.12-1.el9_0', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-race-1.17.12-1.el9_0', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-race-1.17.12-1.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-src-1.17.12-1.el9_0', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-tests-1.17.12-1.el9_0', 'release':'9', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'Alma-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'golang / golang-bin / golang-docs / golang-misc / golang-race / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-23T00:14:22", "description": "The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:8057 advisory.\n\n - Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12 and Go 1.18.4 allows HTTP request smuggling if combined with an intermediate server that also improperly fails to reject the header as invalid. (CVE-2022-1705)\n\n - Uncontrolled recursion in the Parse functions in go/parser before Go 1.17.12 and Go 1.18.4 allow an attacker to cause a panic due to stack exhaustion via deeply nested types or declarations. (CVE-2022-1962)\n\n - client_golang is the instrumentation library for Go applications in Prometheus, and the promhttp package in client_golang provides tooling around HTTP servers and clients. In client_golang prior to version 1.11.1, HTTP server is susceptible to a Denial of Service through unbounded cardinality, and potential memory exhaustion, when handling requests with non-standard HTTP methods. In order to be affected, an instrumented software must use any of `promhttp.InstrumentHandler*` middleware except `RequestsInFlight`;\n not filter any specific methods (e.g GET) before middleware; pass metric with `method` label name to our middleware; and not have any firewall/LB/proxy that filters away requests with unknown `method`.\n client_golang version 1.11.1 contains a patch for this issue. Several workarounds are available, including removing the `method` label name from counter/gauge used in the InstrumentHandler; turning off affected promhttp handlers; adding custom middleware before promhttp handler that will sanitize the request method given by Go http.Request; and using a reverse proxy or web application firewall, configured to only allow a limited set of methods. (CVE-2022-21698)\n\n - Uncontrolled recursion in Decoder.Skip in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a deeply nested XML document. (CVE-2022-28131)\n\n - Uncontrolled recursion in Glob in io/fs before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a path which contains a large number of path separators.\n (CVE-2022-30630)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-01-30T00:00:00", "type": "nessus", "title": "Rocky Linux 8 : grafana (RLSA-2022:8057)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-1705", "CVE-2022-1962", "CVE-2022-21698", "CVE-2022-28131", "CVE-2022-30630", "CVE-2022-30631", "CVE-2022-30632", "CVE-2022-30633", "CVE-2022-30635", "CVE-2022-32148"], "modified": "2023-03-22T00:00:00", "cpe": ["p-cpe:/a:rocky:linux:grafana", "p-cpe:/a:rocky:linux:grafana-debuginfo", "cpe:/o:rocky:linux:8"], "id": "ROCKY_LINUX_RLSA-2022-8057.NASL", "href": "https://www.tenable.com/plugins/nessus/170778", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# Rocky Linux Security Advisory RLSA-2022:8057.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(170778);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/22\");\n\n script_cve_id(\n \"CVE-2022-1705\",\n \"CVE-2022-1962\",\n \"CVE-2022-21698\",\n \"CVE-2022-28131\",\n \"CVE-2022-30630\",\n \"CVE-2022-30631\",\n \"CVE-2022-30632\",\n \"CVE-2022-30633\",\n \"CVE-2022-30635\",\n \"CVE-2022-32148\"\n );\n script_xref(name:\"RLSA\", value:\"2022:8057\");\n\n script_name(english:\"Rocky Linux 8 : grafana (RLSA-2022:8057)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Rocky Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nRLSA-2022:8057 advisory.\n\n - Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12\n and Go 1.18.4 allows HTTP request smuggling if combined with an intermediate server that also improperly\n fails to reject the header as invalid. (CVE-2022-1705)\n\n - Uncontrolled recursion in the Parse functions in go/parser before Go 1.17.12 and Go 1.18.4 allow an\n attacker to cause a panic due to stack exhaustion via deeply nested types or declarations. (CVE-2022-1962)\n\n - client_golang is the instrumentation library for Go applications in Prometheus, and the promhttp package\n in client_golang provides tooling around HTTP servers and clients. In client_golang prior to version\n 1.11.1, HTTP server is susceptible to a Denial of Service through unbounded cardinality, and potential\n memory exhaustion, when handling requests with non-standard HTTP methods. In order to be affected, an\n instrumented software must use any of `promhttp.InstrumentHandler*` middleware except `RequestsInFlight`;\n not filter any specific methods (e.g GET) before middleware; pass metric with `method` label name to our\n middleware; and not have any firewall/LB/proxy that filters away requests with unknown `method`.\n client_golang version 1.11.1 contains a patch for this issue. Several workarounds are available, including\n removing the `method` label name from counter/gauge used in the InstrumentHandler; turning off affected\n promhttp handlers; adding custom middleware before promhttp handler that will sanitize the request method\n given by Go http.Request; and using a reverse proxy or web application firewall, configured to only allow\n a limited set of methods. (CVE-2022-21698)\n\n - Uncontrolled recursion in Decoder.Skip in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker\n to cause a panic due to stack exhaustion via a deeply nested XML document. (CVE-2022-28131)\n\n - Uncontrolled recursion in Glob in io/fs before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a\n panic due to stack exhaustion via a path which contains a large number of path separators.\n (CVE-2022-30630)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://errata.rockylinux.org/RLSA-2022:8057\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2044628\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2045880\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2050648\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2050742\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2050743\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2055349\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2065290\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2104367\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2107342\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2107371\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2107374\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2107376\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2107383\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2107386\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2107388\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2107390\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2107392\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected grafana and / or grafana-debuginfo packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-21698\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-32148\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2023/01/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:grafana\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:grafana-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:rocky:linux:8\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Rocky Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RockyLinux/release\", \"Host/RockyLinux/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RockyLinux/release');\nif (isnull(os_release) || 'Rocky Linux' >!< os_release) audit(AUDIT_OS_NOT, 'Rocky Linux');\nvar os_ver = pregmatch(pattern: \"Rocky(?: Linux)? release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Rocky Linux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Rocky Linux 8.x', 'Rocky Linux ' + os_ver);\n\nif (!get_kb_item('Host/RockyLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Rocky Linux', cpu);\n\nvar pkgs = [\n {'reference':'grafana-7.5.15-3.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'grafana-7.5.15-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'grafana-debuginfo-7.5.15-3.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'grafana-debuginfo-7.5.15-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'Rocky-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'grafana / grafana-debuginfo');\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-03-04T15:22:30", "description": "The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2022:7648 advisory.\n\n - Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12 and Go 1.18.4 allows HTTP request smuggling if combined with an intermediate server that also improperly fails to reject the header as invalid. (CVE-2022-1705)\n\n - Uncontrolled recursion in Glob in io/fs before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a path which contains a large number of path separators.\n (CVE-2022-30630)\n\n - Uncontrolled recursion in Reader.Read in compress/gzip before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via an archive containing a large number of concatenated 0-length compressed files. (CVE-2022-30631)\n\n - Uncontrolled recursion in Glob in path/filepath before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a path containing a large number of path separators.\n (CVE-2022-30632)\n\n - Uncontrolled recursion in Decoder.Decode in encoding/gob before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a message which contains deeply nested structures.\n (CVE-2022-30635)\n\n - Improper exposure of client IP addresses in net/http before Go 1.17.12 and Go 1.18.4 can be triggered by calling httputil.ReverseProxy.ServeHTTP with a Request.Header map containing a nil value for the X-Forwarded-For header, which causes ReverseProxy to set the client IP as the value of the X-Forwarded-For header. (CVE-2022-32148)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-11-12T00:00:00", "type": "nessus", "title": "AlmaLinux 8 : grafana-pcp (ALSA-2022:7648)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-1705", "CVE-2022-30630", "CVE-2022-30631", "CVE-2022-30632", "CVE-2022-30635", "CVE-2022-32148"], "modified": "2022-11-24T00:00:00", "cpe": ["p-cpe:/a:alma:linux:grafana-pcp", "cpe:/o:alma:linux:8", "cpe:/o:alma:linux:8::appstream"], "id": "ALMA_LINUX_ALSA-2022-7648.NASL", "href": "https://www.tenable.com/plugins/nessus/167294", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# AlmaLinux Security Advisory ALSA-2022:7648.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(167294);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/11/24\");\n\n script_cve_id(\n \"CVE-2022-1705\",\n \"CVE-2022-30630\",\n \"CVE-2022-30631\",\n \"CVE-2022-30632\",\n \"CVE-2022-30635\",\n \"CVE-2022-32148\"\n );\n script_xref(name:\"ALSA\", value:\"2022:7648\");\n script_xref(name:\"IAVB\", value:\"2022-B-0025-S\");\n\n script_name(english:\"AlmaLinux 8 : grafana-pcp (ALSA-2022:7648)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote AlmaLinux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the\nALSA-2022:7648 advisory.\n\n - Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12\n and Go 1.18.4 allows HTTP request smuggling if combined with an intermediate server that also improperly\n fails to reject the header as invalid. (CVE-2022-1705)\n\n - Uncontrolled recursion in Glob in io/fs before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a\n panic due to stack exhaustion via a path which contains a large number of path separators.\n (CVE-2022-30630)\n\n - Uncontrolled recursion in Reader.Read in compress/gzip before Go 1.17.12 and Go 1.18.4 allows an attacker\n to cause a panic due to stack exhaustion via an archive containing a large number of concatenated 0-length\n compressed files. (CVE-2022-30631)\n\n - Uncontrolled recursion in Glob in path/filepath before Go 1.17.12 and Go 1.18.4 allows an attacker to\n cause a panic due to stack exhaustion via a path containing a large number of path separators.\n (CVE-2022-30632)\n\n - Uncontrolled recursion in Decoder.Decode in encoding/gob before Go 1.17.12 and Go 1.18.4 allows an\n attacker to cause a panic due to stack exhaustion via a message which contains deeply nested structures.\n (CVE-2022-30635)\n\n - Improper exposure of client IP addresses in net/http before Go 1.17.12 and Go 1.18.4 can be triggered by\n calling httputil.ReverseProxy.ServeHTTP with a Request.Header map containing a nil value for the\n X-Forwarded-For header, which causes ReverseProxy to set the client IP as the value of the X-Forwarded-For\n header. (CVE-2022-32148)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://errata.almalinux.org/8/ALSA-2022-7648.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected grafana-pcp package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-32148\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(1325);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/07/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/11/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/11/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:grafana-pcp\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:8::appstream\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Alma Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AlmaLinux/release\", \"Host/AlmaLinux/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/AlmaLinux/release');\nif (isnull(os_release) || 'AlmaLinux' >!< os_release) audit(AUDIT_OS_NOT, 'AlmaLinux');\nvar os_ver = pregmatch(pattern: \"AlmaLinux release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'AlmaLinux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'AlmaLinux 8.x', 'AlmaLinux ' + os_ver);\n\nif (!get_kb_item('Host/AlmaLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'AlmaLinux', cpu);\n\nvar pkgs = [\n {'reference':'grafana-pcp-3.2.0-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'grafana-pcp-3.2.0-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'Alma-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'grafana-pcp');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-04T22:56:29", "description": "The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2022-8250 advisory.\n\n - Improper exposure of client IP addresses in net/http before Go 1.17.12 and Go 1.18.4 can be triggered by calling httputil.ReverseProxy.ServeHTTP with a Request.Header map containing a nil value for the X-Forwarded-For header, which causes ReverseProxy to set the client IP as the value of the X-Forwarded-For header. (CVE-2022-32148)\n\n - Uncontrolled recursion in Decoder.Decode in encoding/gob before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a message which contains deeply nested structures.\n (CVE-2022-30635)\n\n - Uncontrolled recursion in Glob in io/fs before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a path which contains a large number of path separators.\n (CVE-2022-30630)\n\n - Uncontrolled recursion in Reader.Read in compress/gzip before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via an archive containing a large number of concatenated 0-length compressed files. (CVE-2022-30631)\n\n - Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12 and Go 1.18.4 allows HTTP request smuggling if combined with an intermediate server that also improperly fails to reject the header as invalid. (CVE-2022-1705)\n\n - Uncontrolled recursion in Glob in path/filepath before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a path containing a large number of path separators.\n (CVE-2022-30632)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-11-22T00:00:00", "type": "nessus", "title": "Oracle Linux 9 : grafana-pcp (ELSA-2022-8250)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-1705", "CVE-2022-30630", "CVE-2022-30631", "CVE-2022-30632", "CVE-2022-30635", "CVE-2022-32148"], "modified": "2022-11-28T00:00:00", "cpe": ["cpe:/o:oracle:linux:9", "p-cpe:/a:oracle:linux:grafana-pcp"], "id": "ORACLELINUX_ELSA-2022-8250.NASL", "href": "https://www.tenable.com/plugins/nessus/168102", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2022-8250.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(168102);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/11/28\");\n\n script_cve_id(\n \"CVE-2022-1705\",\n \"CVE-2022-30630\",\n \"CVE-2022-30631\",\n \"CVE-2022-30632\",\n \"CVE-2022-30635\",\n \"CVE-2022-32148\"\n );\n script_xref(name:\"IAVB\", value:\"2022-B-0025-S\");\n\n script_name(english:\"Oracle Linux 9 : grafana-pcp (ELSA-2022-8250)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the\nELSA-2022-8250 advisory.\n\n - Improper exposure of client IP addresses in net/http before Go 1.17.12 and Go 1.18.4 can be triggered by\n calling httputil.ReverseProxy.ServeHTTP with a Request.Header map containing a nil value for the\n X-Forwarded-For header, which causes ReverseProxy to set the client IP as the value of the X-Forwarded-For\n header. (CVE-2022-32148)\n\n - Uncontrolled recursion in Decoder.Decode in encoding/gob before Go 1.17.12 and Go 1.18.4 allows an\n attacker to cause a panic due to stack exhaustion via a message which contains deeply nested structures.\n (CVE-2022-30635)\n\n - Uncontrolled recursion in Glob in io/fs before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a\n panic due to stack exhaustion via a path which contains a large number of path separators.\n (CVE-2022-30630)\n\n - Uncontrolled recursion in Reader.Read in compress/gzip before Go 1.17.12 and Go 1.18.4 allows an attacker\n to cause a panic due to stack exhaustion via an archive containing a large number of concatenated 0-length\n compressed files. (CVE-2022-30631)\n\n - Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12\n and Go 1.18.4 allows HTTP request smuggling if combined with an intermediate server that also improperly\n fails to reject the header as invalid. (CVE-2022-1705)\n\n - Uncontrolled recursion in Glob in path/filepath before Go 1.17.12 and Go 1.18.4 allows an attacker to\n cause a panic due to stack exhaustion via a path containing a large number of path separators.\n (CVE-2022-30632)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2022-8250.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected grafana-pcp package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-32148\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/07/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/11/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/11/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:9\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:grafana-pcp\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(os_release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:os_release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^9([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 9', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar pkgs = [\n {'reference':'grafana-pcp-3.2.0-3.el9', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'grafana-pcp-3.2.0-3.el9', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release) {\n if (exists_check) {\n if (rpm_exists(release:_release, rpm:exists_check) && rpm_check(release:_release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'grafana-pcp');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-04T15:23:15", "description": "The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2022:7648 advisory.\n\n - golang: net/http: improper sanitization of Transfer-Encoding header (CVE-2022-1705)\n\n - golang: io/fs: stack exhaustion in Glob (CVE-2022-30630)\n\n - golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631)\n\n - golang: path/filepath: stack exhaustion in Glob (CVE-2022-30632)\n\n - golang: encoding/gob: stack exhaustion in Decoder.Decode (CVE-2022-30635)\n\n - golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working (CVE-2022-32148)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-11-08T00:00:00", "type": "nessus", "title": "CentOS 8 : grafana-pcp (CESA-2022:7648)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-1705", "CVE-2022-30630", "CVE-2022-30631", "CVE-2022-30632", "CVE-2022-30635", "CVE-2022-32148"], "modified": "2022-11-24T00:00:00", "cpe": ["cpe:/o:centos:centos:8-stream", "p-cpe:/a:centos:centos:grafana-pcp"], "id": "CENTOS8_RHSA-2022-7648.NASL", "href": "https://www.tenable.com/plugins/nessus/167120", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# Red Hat Security Advisory RHSA-2022:7648. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(167120);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/11/24\");\n\n script_cve_id(\n \"CVE-2022-1705\",\n \"CVE-2022-30630\",\n \"CVE-2022-30631\",\n \"CVE-2022-30632\",\n \"CVE-2022-30635\",\n \"CVE-2022-32148\"\n );\n script_xref(name:\"RHSA\", value:\"2022:7648\");\n\n script_name(english:\"CentOS 8 : grafana-pcp (CESA-2022:7648)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the\nCESA-2022:7648 advisory.\n\n - golang: net/http: improper sanitization of Transfer-Encoding header (CVE-2022-1705)\n\n - golang: io/fs: stack exhaustion in Glob (CVE-2022-30630)\n\n - golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631)\n\n - golang: path/filepath: stack exhaustion in Glob (CVE-2022-30632)\n\n - golang: encoding/gob: stack exhaustion in Decoder.Decode (CVE-2022-30635)\n\n - golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working (CVE-2022-32148)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:7648\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected grafana-pcp package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-32148\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/07/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/11/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/11/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:8-stream\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:grafana-pcp\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/CentOS/release');\nif (isnull(os_release) || 'CentOS' >!< os_release) audit(AUDIT_OS_NOT, 'CentOS');\nvar os_ver = pregmatch(pattern: \"CentOS(?: Stream)?(?: Linux)? release ([0-9]+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nos_ver = os_ver[1];\nif ('CentOS Stream' >!< os_release) audit(AUDIT_OS_NOT, 'CentOS 8-Stream');\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\nvar pkgs = [\n {'reference':'grafana-pcp-3.2.0-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'grafana-pcp-3.2.0-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'CentOS-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && _release) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'grafana-pcp');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-05T00:42:48", "description": "The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:7648 advisory.\n\n - golang: net/http: improper sanitization of Transfer-Encoding header (CVE-2022-1705)\n\n - golang: io/fs: stack exhaustion in Glob (CVE-2022-30630)\n\n - golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631)\n\n - golang: path/filepath: stack exhaustion in Glob (CVE-2022-30632)\n\n - golang: encoding/gob: stack exhaustion in Decoder.Decode (CVE-2022-30635)\n\n - golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working (CVE-2022-32148)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-11-09T00:00:00", "type": "nessus", "title": "RHEL 8 : grafana-pcp (RHSA-2022:7648)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-1705", "CVE-2022-30630", "CVE-2022-30631", "CVE-2022-30632", "CVE-2022-30635", "CVE-2022-32148"], "modified": "2023-02-02T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "p-cpe:/a:redhat:enterprise_linux:grafana-pcp"], "id": "REDHAT-RHSA-2022-7648.NASL", "href": "https://www.tenable.com/plugins/nessus/167136", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:7648. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(167136);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/02\");\n\n script_cve_id(\n \"CVE-2022-1705\",\n \"CVE-2022-30630\",\n \"CVE-2022-30631\",\n \"CVE-2022-30632\",\n \"CVE-2022-30635\",\n \"CVE-2022-32148\"\n );\n script_xref(name:\"RHSA\", value:\"2022:7648\");\n\n script_name(english:\"RHEL 8 : grafana-pcp (RHSA-2022:7648)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the RHSA-2022:7648 advisory.\n\n - golang: net/http: improper sanitization of Transfer-Encoding header (CVE-2022-1705)\n\n - golang: io/fs: stack exhaustion in Glob (CVE-2022-30630)\n\n - golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631)\n\n - golang: path/filepath: stack exhaustion in Glob (CVE-2022-30632)\n\n - golang: encoding/gob: stack exhaustion in Decoder.Decode (CVE-2022-30635)\n\n - golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working (CVE-2022-32148)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-1705\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-30630\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-30631\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-30632\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-30635\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-32148\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:7648\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2107342\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2107371\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2107374\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2107383\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2107386\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2107388\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected grafana-pcp package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-32148\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(200, 444, 1325);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/07/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/11/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/11/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grafana-pcp\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel8/8/aarch64/appstream/debug',\n 'content/dist/rhel8/8/aarch64/appstream/os',\n 'content/dist/rhel8/8/aarch64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/baseos/debug',\n 'content/dist/rhel8/8/aarch64/baseos/os',\n 'content/dist/rhel8/8/aarch64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/codeready-builder/debug',\n 'content/dist/rhel8/8/aarch64/codeready-builder/os',\n 'content/dist/rhel8/8/aarch64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/highavailability/debug',\n 'content/dist/rhel8/8/aarch64/highavailability/os',\n 'content/dist/rhel8/8/aarch64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/supplementary/debug',\n 'content/dist/rhel8/8/aarch64/supplementary/os',\n 'content/dist/rhel8/8/aarch64/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/appstream/debug',\n 'content/dist/rhel8/8/ppc64le/appstream/os',\n 'content/dist/rhel8/8/ppc64le/appstream/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/baseos/debug',\n 'content/dist/rhel8/8/ppc64le/baseos/os',\n 'content/dist/rhel8/8/ppc64le/baseos/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/debug',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/os',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/highavailability/debug',\n 'content/dist/rhel8/8/ppc64le/highavailability/os',\n 'content/dist/rhel8/8/ppc64le/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/debug',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/os',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/debug',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/os',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap/debug',\n 'content/dist/rhel8/8/ppc64le/sap/os',\n 'content/dist/rhel8/8/ppc64le/sap/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/supplementary/debug',\n 'content/dist/rhel8/8/ppc64le/supplementary/os',\n 'content/dist/rhel8/8/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/s390x/appstream/debug',\n 'content/dist/rhel8/8/s390x/appstream/os',\n 'content/dist/rhel8/8/s390x/appstream/source/SRPMS',\n 'content/dist/rhel8/8/s390x/baseos/debug',\n 'content/dist/rhel8/8/s390x/baseos/os',\n 'content/dist/rhel8/8/s390x/baseos/source/SRPMS',\n 'content/dist/rhel8/8/s390x/codeready-builder/debug',\n 'content/dist/rhel8/8/s390x/codeready-builder/os',\n 'content/dist/rhel8/8/s390x/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/s390x/highavailability/debug',\n 'content/dist/rhel8/8/s390x/highavailability/os',\n 'content/dist/rhel8/8/s390x/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/s390x/resilientstorage/debug',\n 'content/dist/rhel8/8/s390x/resilientstorage/os',\n 'content/dist/rhel8/8/s390x/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/s390x/sap/debug',\n 'content/dist/rhel8/8/s390x/sap/os',\n 'content/dist/rhel8/8/s390x/sap/source/SRPMS',\n 'content/dist/rhel8/8/s390x/supplementary/debug',\n 'content/dist/rhel8/8/s390x/supplementary/os',\n 'content/dist/rhel8/8/s390x/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/appstream/debug',\n 'content/dist/rhel8/8/x86_64/appstream/os',\n 'content/dist/rhel8/8/x86_64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/baseos/debug',\n 'content/dist/rhel8/8/x86_64/baseos/os',\n 'content/dist/rhel8/8/x86_64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/codeready-builder/debug',\n 'content/dist/rhel8/8/x86_64/codeready-builder/os',\n 'content/dist/rhel8/8/x86_64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/highavailability/debug',\n 'content/dist/rhel8/8/x86_64/highavailability/os',\n 'content/dist/rhel8/8/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/nfv/debug',\n 'content/dist/rhel8/8/x86_64/nfv/os',\n 'content/dist/rhel8/8/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/resilientstorage/debug',\n 'content/dist/rhel8/8/x86_64/resilientstorage/os',\n 'content/dist/rhel8/8/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/rt/debug',\n 'content/dist/rhel8/8/x86_64/rt/os',\n 'content/dist/rhel8/8/x86_64/rt/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap-solutions/debug',\n 'content/dist/rhel8/8/x86_64/sap-solutions/os',\n 'content/dist/rhel8/8/x86_64/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap/debug',\n 'content/dist/rhel8/8/x86_64/sap/os',\n 'content/dist/rhel8/8/x86_64/sap/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/supplementary/debug',\n 'content/dist/rhel8/8/x86_64/supplementary/os',\n 'content/dist/rhel8/8/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'grafana-pcp-3.2.0-2.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'grafana-pcp');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-04T18:46:32", "description": "The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:8250 advisory.\n\n - golang: net/http: improper sanitization of Transfer-Encoding header (CVE-2022-1705)\n\n - golang: io/fs: stack exhaustion in Glob (CVE-2022-30630)\n\n - golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631)\n\n - golang: path/filepath: stack exhaustion in Glob (CVE-2022-30632)\n\n - golang: encoding/gob: stack exhaustion in Decoder.Decode (CVE-2022-30635)\n\n - golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working (CVE-2022-32148)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-11-16T00:00:00", "type": "nessus", "title": "RHEL 9 : grafana-pcp (RHSA-2022:8250)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-1705", "CVE-2022-30630", "CVE-2022-30631", "CVE-2022-30632", "CVE-2022-30635", "CVE-2022-32148"], "modified": "2023-02-02T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:9", "p-cpe:/a:redhat:enterprise_linux:grafana-pcp"], "id": "REDHAT-RHSA-2022-8250.NASL", "href": "https://www.tenable.com/plugins/nessus/167619", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:8250. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(167619);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/02\");\n\n script_cve_id(\n \"CVE-2022-1705\",\n \"CVE-2022-30630\",\n \"CVE-2022-30631\",\n \"CVE-2022-30632\",\n \"CVE-2022-30635\",\n \"CVE-2022-32148\"\n );\n script_xref(name:\"RHSA\", value:\"2022:8250\");\n\n script_name(english:\"RHEL 9 : grafana-pcp (RHSA-2022:8250)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the RHSA-2022:8250 advisory.\n\n - golang: net/http: improper sanitization of Transfer-Encoding header (CVE-2022-1705)\n\n - golang: io/fs: stack exhaustion in Glob (CVE-2022-30630)\n\n - golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631)\n\n - golang: path/filepath: stack exhaustion in Glob (CVE-2022-30632)\n\n - golang: encoding/gob: stack exhaustion in Decoder.Decode (CVE-2022-30635)\n\n - golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working (CVE-2022-32148)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-1705\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-30630\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-30631\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-30632\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-30635\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-32148\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:8250\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2107342\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2107371\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2107374\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2107383\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2107386\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2107388\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected grafana-pcp package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-32148\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(200, 444, 1325);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/07/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/11/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/11/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:9\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grafana-pcp\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '9')) audit(AUDIT_OS_NOT, 'Red Hat 9.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel9/9/aarch64/appstream/debug',\n 'content/dist/rhel9/9/aarch64/appstream/os',\n 'content/dist/rhel9/9/aarch64/appstream/source/SRPMS',\n 'content/dist/rhel9/9/aarch64/baseos/debug',\n 'content/dist/rhel9/9/aarch64/baseos/os',\n 'content/dist/rhel9/9/aarch64/baseos/source/SRPMS',\n 'content/dist/rhel9/9/aarch64/codeready-builder/debug',\n 'content/dist/rhel9/9/aarch64/codeready-builder/os',\n 'content/dist/rhel9/9/aarch64/codeready-builder/source/SRPMS',\n 'content/dist/rhel9/9/aarch64/highavailability/debug',\n 'content/dist/rhel9/9/aarch64/highavailability/os',\n 'content/dist/rhel9/9/aarch64/highavailability/source/SRPMS',\n 'content/dist/rhel9/9/aarch64/supplementary/debug',\n 'content/dist/rhel9/9/aarch64/supplementary/os',\n 'content/dist/rhel9/9/aarch64/supplementary/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/appstream/debug',\n 'content/dist/rhel9/9/ppc64le/appstream/os',\n 'content/dist/rhel9/9/ppc64le/appstream/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/baseos/debug',\n 'content/dist/rhel9/9/ppc64le/baseos/os',\n 'content/dist/rhel9/9/ppc64le/baseos/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/codeready-builder/debug',\n 'content/dist/rhel9/9/ppc64le/codeready-builder/os',\n 'content/dist/rhel9/9/ppc64le/codeready-builder/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/highavailability/debug',\n 'content/dist/rhel9/9/ppc64le/highavailability/os',\n 'content/dist/rhel9/9/ppc64le/highavailability/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/resilientstorage/debug',\n 'content/dist/rhel9/9/ppc64le/resilientstorage/os',\n 'content/dist/rhel9/9/ppc64le/resilientstorage/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/sap-solutions/debug',\n 'content/dist/rhel9/9/ppc64le/sap-solutions/os',\n 'content/dist/rhel9/9/ppc64le/sap-solutions/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/sap/debug',\n 'content/dist/rhel9/9/ppc64le/sap/os',\n 'content/dist/rhel9/9/ppc64le/sap/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/supplementary/debug',\n 'content/dist/rhel9/9/ppc64le/supplementary/os',\n 'content/dist/rhel9/9/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel9/9/s390x/appstream/debug',\n 'content/dist/rhel9/9/s390x/appstream/os',\n 'content/dist/rhel9/9/s390x/appstream/source/SRPMS',\n 'content/dist/rhel9/9/s390x/baseos/debug',\n 'content/dist/rhel9/9/s390x/baseos/os',\n 'content/dist/rhel9/9/s390x/baseos/source/SRPMS',\n 'content/dist/rhel9/9/s390x/codeready-builder/debug',\n 'content/dist/rhel9/9/s390x/codeready-builder/os',\n 'content/dist/rhel9/9/s390x/codeready-builder/source/SRPMS',\n 'content/dist/rhel9/9/s390x/highavailability/debug',\n 'content/dist/rhel9/9/s390x/highavailability/os',\n 'content/dist/rhel9/9/s390x/highavailability/source/SRPMS',\n 'content/dist/rhel9/9/s390x/resilientstorage/debug',\n 'content/dist/rhel9/9/s390x/resilientstorage/os',\n 'content/dist/rhel9/9/s390x/resilientstorage/source/SRPMS',\n 'content/dist/rhel9/9/s390x/sap/debug',\n 'content/dist/rhel9/9/s390x/sap/os',\n 'content/dist/rhel9/9/s390x/sap/source/SRPMS',\n 'content/dist/rhel9/9/s390x/supplementary/debug',\n 'content/dist/rhel9/9/s390x/supplementary/os',\n 'content/dist/rhel9/9/s390x/supplementary/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/appstream/debug',\n 'content/dist/rhel9/9/x86_64/appstream/os',\n 'content/dist/rhel9/9/x86_64/appstream/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/baseos/debug',\n 'content/dist/rhel9/9/x86_64/baseos/os',\n 'content/dist/rhel9/9/x86_64/baseos/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/codeready-builder/debug',\n 'content/dist/rhel9/9/x86_64/codeready-builder/os',\n 'content/dist/rhel9/9/x86_64/codeready-builder/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/highavailability/debug',\n 'content/dist/rhel9/9/x86_64/highavailability/os',\n 'content/dist/rhel9/9/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/nfv/debug',\n 'content/dist/rhel9/9/x86_64/nfv/os',\n 'content/dist/rhel9/9/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/resilientstorage/debug',\n 'content/dist/rhel9/9/x86_64/resilientstorage/os',\n 'content/dist/rhel9/9/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/rt/debug',\n 'content/dist/rhel9/9/x86_64/rt/os',\n 'content/dist/rhel9/9/x86_64/rt/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/sap-solutions/debug',\n 'content/dist/rhel9/9/x86_64/sap-solutions/os',\n 'content/dist/rhel9/9/x86_64/sap-solutions/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/sap/debug',\n 'content/dist/rhel9/9/x86_64/sap/os',\n 'content/dist/rhel9/9/x86_64/sap/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/supplementary/debug',\n 'content/dist/rhel9/9/x86_64/supplementary/os',\n 'content/dist/rhel9/9/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'grafana-pcp-3.2.0-3.el9', 'release':'9', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'grafana-pcp');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-04T12:48:02", "description": "The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2022-7648 advisory.\n\n - Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12 and Go 1.18.4 allows HTTP request smuggling if combined with an intermediate server that also improperly fails to reject the header as invalid. (CVE-2022-1705)\n\n - Uncontrolled recursion in Reader.Read in compress/gzip before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via an archive containing a large number of concatenated 0-length compressed files. (CVE-2022-30631)\n\n - Uncontrolled recursion in Decoder.Decode in encoding/gob before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a message which contains deeply nested structures.\n (CVE-2022-30635)\n\n - Improper exposure of client IP addresses in net/http before Go 1.17.12 and Go 1.18.4 can be triggered by calling httputil.ReverseProxy.ServeHTTP with a Request.Header map containing a nil value for the X-Forwarded-For header, which causes ReverseProxy to set the client IP as the value of the X-Forwarded-For header. (CVE-2022-32148)\n\n - Uncontrolled recursion in Glob in path/filepath before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a path containing a large number of path separators.\n (CVE-2022-30632)\n\n - Uncontrolled recursion in Glob in io/fs before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a path which contains a large number of path separators.\n (CVE-2022-30630)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-11-15T00:00:00", "type": "nessus", "title": "Oracle Linux 8 : grafana-pcp (ELSA-2022-7648)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-1705", "CVE-2022-30630", "CVE-2022-30631", "CVE-2022-30632", "CVE-2022-30635", "CVE-2022-32148"], "modified": "2022-11-24T00:00:00", "cpe": ["cpe:/o:oracle:linux:8", "p-cpe:/a:oracle:linux:grafana-pcp"], "id": "ORACLELINUX_ELSA-2022-7648.NASL", "href": "https://www.tenable.com/plugins/nessus/167538", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2022-7648.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(167538);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/11/24\");\n\n script_cve_id(\n \"CVE-2022-1705\",\n \"CVE-2022-30630\",\n \"CVE-2022-30631\",\n \"CVE-2022-30632\",\n \"CVE-2022-30635\",\n \"CVE-2022-32148\"\n );\n script_xref(name:\"IAVB\", value:\"2022-B-0025-S\");\n\n script_name(english:\"Oracle Linux 8 : grafana-pcp (ELSA-2022-7648)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the\nELSA-2022-7648 advisory.\n\n - Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12\n and Go 1.18.4 allows HTTP request smuggling if combined with an intermediate server that also improperly\n fails to reject the header as invalid. (CVE-2022-1705)\n\n - Uncontrolled recursion in Reader.Read in compress/gzip before Go 1.17.12 and Go 1.18.4 allows an attacker\n to cause a panic due to stack exhaustion via an archive containing a large number of concatenated 0-length\n compressed files. (CVE-2022-30631)\n\n - Uncontrolled recursion in Decoder.Decode in encoding/gob before Go 1.17.12 and Go 1.18.4 allows an\n attacker to cause a panic due to stack exhaustion via a message which contains deeply nested structures.\n (CVE-2022-30635)\n\n - Improper exposure of client IP addresses in net/http before Go 1.17.12 and Go 1.18.4 can be triggered by\n calling httputil.ReverseProxy.ServeHTTP with a Request.Header map containing a nil value for the\n X-Forwarded-For header, which causes ReverseProxy to set the client IP as the value of the X-Forwarded-For\n header. (CVE-2022-32148)\n\n - Uncontrolled recursion in Glob in path/filepath before Go 1.17.12 and Go 1.18.4 allows an attacker to\n cause a panic due to stack exhaustion via a path containing a large number of path separators.\n (CVE-2022-30632)\n\n - Uncontrolled recursion in Glob in io/fs before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a\n panic due to stack exhaustion via a path which contains a large number of path separators.\n (CVE-2022-30630)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2022-7648.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected grafana-pcp package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-32148\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/07/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/11/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/11/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:grafana-pcp\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(os_release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:os_release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 8', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar pkgs = [\n {'reference':'grafana-pcp-3.2.0-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'grafana-pcp-3.2.0-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release) {\n if (exists_check) {\n if (rpm_exists(release:_release, rpm:exists_check) && rpm_check(release:_release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'grafana-pcp');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-04T12:48:01", "description": "The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2022:8250 advisory.\n\n - Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12 and Go 1.18.4 allows HTTP request smuggling if combined with an intermediate server that also improperly fails to reject the header as invalid. (CVE-2022-1705)\n\n - Uncontrolled recursion in Glob in io/fs before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a path which contains a large number of path separators.\n (CVE-2022-30630)\n\n - Uncontrolled recursion in Reader.Read in compress/gzip before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via an archive containing a large number of concatenated 0-length compressed files. (CVE-2022-30631)\n\n - Uncontrolled recursion in Glob in path/filepath before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a path containing a large number of path separators.\n (CVE-2022-30632)\n\n - Uncontrolled recursion in Decoder.Decode in encoding/gob before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a message which contains deeply nested structures.\n (CVE-2022-30635)\n\n - Improper exposure of client IP addresses in net/http before Go 1.17.12 and Go 1.18.4 can be triggered by calling httputil.ReverseProxy.ServeHTTP with a Request.Header map containing a nil value for the X-Forwarded-For header, which causes ReverseProxy to set the client IP as the value of the X-Forwarded-For header. (CVE-2022-32148)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-11-19T00:00:00", "type": "nessus", "title": "AlmaLinux 9 : grafana-pcp (ALSA-2022:8250)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-1705", "CVE-2022-30630", "CVE-2022-30631", "CVE-2022-30632", "CVE-2022-30635", "CVE-2022-32148"], "modified": "2022-11-24T00:00:00", "cpe": ["p-cpe:/a:alma:linux:grafana-pcp", "cpe:/o:alma:linux:9", "cpe:/o:alma:linux:9::appstream"], "id": "ALMA_LINUX_ALSA-2022-8250.NASL", "href": "https://www.tenable.com/plugins/nessus/167986", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# AlmaLinux Security Advisory ALSA-2022:8250.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(167986);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/11/24\");\n\n script_cve_id(\n \"CVE-2022-1705\",\n \"CVE-2022-30630\",\n \"CVE-2022-30631\",\n \"CVE-2022-30632\",\n \"CVE-2022-30635\",\n \"CVE-2022-32148\"\n );\n script_xref(name:\"ALSA\", value:\"2022:8250\");\n script_xref(name:\"IAVB\", value:\"2022-B-0025-S\");\n\n script_name(english:\"AlmaLinux 9 : grafana-pcp (ALSA-2022:8250)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote AlmaLinux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the\nALSA-2022:8250 advisory.\n\n - Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12\n and Go 1.18.4 allows HTTP request smuggling if combined with an intermediate server that also improperly\n fails to reject the header as invalid. (CVE-2022-1705)\n\n - Uncontrolled recursion in Glob in io/fs before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a\n panic due to stack exhaustion via a path which contains a large number of path separators.\n (CVE-2022-30630)\n\n - Uncontrolled recursion in Reader.Read in compress/gzip before Go 1.17.12 and Go 1.18.4 allows an attacker\n to cause a panic due to stack exhaustion via an archive containing a large number of concatenated 0-length\n compressed files. (CVE-2022-30631)\n\n - Uncontrolled recursion in Glob in path/filepath before Go 1.17.12 and Go 1.18.4 allows an attacker to\n cause a panic due to stack exhaustion via a path containing a large number of path separators.\n (CVE-2022-30632)\n\n - Uncontrolled recursion in Decoder.Decode in encoding/gob before Go 1.17.12 and Go 1.18.4 allows an\n attacker to cause a panic due to stack exhaustion via a message which contains deeply nested structures.\n (CVE-2022-30635)\n\n - Improper exposure of client IP addresses in net/http before Go 1.17.12 and Go 1.18.4 can be triggered by\n calling httputil.ReverseProxy.ServeHTTP with a Request.Header map containing a nil value for the\n X-Forwarded-For header, which causes ReverseProxy to set the client IP as the value of the X-Forwarded-For\n header. (CVE-2022-32148)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://errata.almalinux.org/9/ALSA-2022-8250.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected grafana-pcp package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-32148\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(1325);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/07/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/11/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/11/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:grafana-pcp\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:9\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:9::appstream\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Alma Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AlmaLinux/release\", \"Host/AlmaLinux/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/AlmaLinux/release');\nif (isnull(os_release) || 'AlmaLinux' >!< os_release) audit(AUDIT_OS_NOT, 'AlmaLinux');\nvar os_ver = pregmatch(pattern: \"AlmaLinux release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'AlmaLinux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^9([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'AlmaLinux 9.x', 'AlmaLinux ' + os_ver);\n\nif (!get_kb_item('Host/AlmaLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'AlmaLinux', cpu);\n\nvar pkgs = [\n {'reference':'grafana-pcp-3.2.0-3.el9', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'grafana-pcp-3.2.0-3.el9', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'Alma-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'grafana-pcp');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-02-09T08:55:55", "description": "According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12 and Go 1.18.4 allows HTTP request smuggling if combined with an intermediate server that also improperly fails to reject the header as invalid. (CVE-2022-1705)\n\n - Uncontrolled recursion in the Parse functions in go/parser before Go 1.17.12 and Go 1.18.4 allow an attacker to cause a panic due to stack exhaustion via deeply nested types or declarations. (CVE-2022-1962)\n\n - In Decoder.Skip in encoding/xml in Go before 1.17.12 and 1.18.x before 1.18.4, stack exhaustion and a panic can occur via a deeply nested XML document. (CVE-2022-28131)\n\n - Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.\n (CVE-2022-29526)\n\n - In filepath.Clean in path/filepath in Go before 1.17.11 and 1.18.x before 1.18.3 on Windows, invalid paths such as .\\c: could be converted to valid paths (such as c: in this example). (CVE-2022-29804)\n\n - Non-random values for ticket_age_add in session tickets in crypto/tls before Go 1.17.11 and Go 1.18.3 allow an attacker that can observe TLS handshakes to correlate successive connections by comparing ticket ages during session resumption. (CVE-2022-30629)\n\n - Uncontrolled recursion in Reader.Read in compress/gzip before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via an archive containing a large number of concatenated 0-length compressed files. (CVE-2022-30631)\n\n - Uncontrolled recursion in Glob in path/filepath before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a path containing a large number of path separators.\n (CVE-2022-30632)\n\n - Uncontrolled recursion in Unmarshal in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via unmarshalling an XML document into a Go struct which has a nested field that uses the 'any' field tag. (CVE-2022-30633)\n\n - Infinite loop in Read in crypto/rand before Go 1.17.11 and Go 1.18.3 on Windows allows attacker to cause an indefinite hang by passing a buffer larger than 1 << 32 - 1 bytes. (CVE-2022-30634)\n\n - Uncontrolled recursion in Decoder.Decode in encoding/gob before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a message which contains deeply nested structures.\n (CVE-2022-30635)\n\n - Improper exposure of client IP addresses in net/http before Go 1.17.12 and Go 1.18.4 can be triggered by calling httputil.ReverseProxy.ServeHTTP with a Request.Header map containing a nil value for the X-Forwarded-For header, which causes ReverseProxy to set the client IP as the value of the X-Forwarded-For header. (CVE-2022-32148)\n\n - A too-short encoded message can cause a panic in Float.GobDecode and Rat GobDecode in math/big in Go before 1.17.13 and 1.18.5, potentially allowing a denial of service. (CVE-2022-32189)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-11-02T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP10 : golang (EulerOS-SA-2022-2651)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-1705", "CVE-2022-1962", "CVE-2022-28131", "CVE-2022-29526", "CVE-2022-29804", "CVE-2022-30629", "CVE-2022-30631", "CVE-2022-30632", "CVE-2022-30633", "CVE-2022-30634", "CVE-2022-30635", "CVE-2022-32148", "CVE-2022-32189"], "modified": "2022-11-02T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:golang", "p-cpe:/a:huawei:euleros:golang-devel", "p-cpe:/a:huawei:euleros:golang-help", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2022-2651.NASL", "href": "https://www.tenable.com/plugins/nessus/166813", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(166813);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/11/02\");\n\n script_cve_id(\n \"CVE-2022-1705\",\n \"CVE-2022-1962\",\n \"CVE-2022-28131\",\n \"CVE-2022-29526\",\n \"CVE-2022-29804\",\n \"CVE-2022-30629\",\n \"CVE-2022-30631\",\n \"CVE-2022-30632\",\n \"CVE-2022-30633\",\n \"CVE-2022-30634\",\n \"CVE-2022-30635\",\n \"CVE-2022-32148\",\n \"CVE-2022-32189\"\n );\n\n script_name(english:\"EulerOS 2.0 SP10 : golang (EulerOS-SA-2022-2651)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by\nthe following vulnerabilities :\n\n - Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12\n and Go 1.18.4 allows HTTP request smuggling if combined with an intermediate server that also improperly\n fails to reject the header as invalid. (CVE-2022-1705)\n\n - Uncontrolled recursion in the Parse functions in go/parser before Go 1.17.12 and Go 1.18.4 allow an\n attacker to cause a panic due to stack exhaustion via deeply nested types or declarations. (CVE-2022-1962)\n\n - In Decoder.Skip in encoding/xml in Go before 1.17.12 and 1.18.x before 1.18.4, stack exhaustion and a\n panic can occur via a deeply nested XML document. (CVE-2022-28131)\n\n - Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero\n flags parameter, the Faccessat function could incorrectly report that a file is accessible.\n (CVE-2022-29526)\n\n - In filepath.Clean in path/filepath in Go before 1.17.11 and 1.18.x before 1.18.3 on Windows, invalid paths\n such as .\\c: could be converted to valid paths (such as c: in this example). (CVE-2022-29804)\n\n - Non-random values for ticket_age_add in session tickets in crypto/tls before Go 1.17.11 and Go 1.18.3\n allow an attacker that can observe TLS handshakes to correlate successive connections by comparing ticket\n ages during session resumption. (CVE-2022-30629)\n\n - Uncontrolled recursion in Reader.Read in compress/gzip before Go 1.17.12 and Go 1.18.4 allows an attacker\n to cause a panic due to stack exhaustion via an archive containing a large number of concatenated 0-length\n compressed files. (CVE-2022-30631)\n\n - Uncontrolled recursion in Glob in path/filepath before Go 1.17.12 and Go 1.18.4 allows an attacker to\n cause a panic due to stack exhaustion via a path containing a large number of path separators.\n (CVE-2022-30632)\n\n - Uncontrolled recursion in Unmarshal in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to\n cause a panic due to stack exhaustion via unmarshalling an XML document into a Go struct which has a\n nested field that uses the 'any' field tag. (CVE-2022-30633)\n\n - Infinite loop in Read in crypto/rand before Go 1.17.11 and Go 1.18.3 on Windows allows attacker to cause\n an indefinite hang by passing a buffer larger than 1 << 32 - 1 bytes. (CVE-2022-30634)\n\n - Uncontrolled recursion in Decoder.Decode in encoding/gob before Go 1.17.12 and Go 1.18.4 allows an\n attacker to cause a panic due to stack exhaustion via a message which contains deeply nested structures.\n (CVE-2022-30635)\n\n - Improper exposure of client IP addresses in net/http before Go 1.17.12 and Go 1.18.4 can be triggered by\n calling httputil.ReverseProxy.ServeHTTP with a Request.Header map containing a nil value for the\n X-Forwarded-For header, which causes ReverseProxy to set the client IP as the value of the X-Forwarded-For\n header. (CVE-2022-32148)\n\n - A too-short encoded message can cause a panic in Float.GobDecode and Rat GobDecode in math/big in Go\n before 1.17.13 and 1.18.5, potentially allowing a denial of service. (CVE-2022-32189)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-2651\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?534b3cf7\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected golang packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-29526\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-29804\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/05/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/11/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/11/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:golang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:golang-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:golang-help\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar _release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(_release) || _release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (_release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(10)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"golang-1.15.7-15.h2.eulerosv2r10\",\n \"golang-devel-1.15.7-15.h2.eulerosv2r10\",\n \"golang-help-1.15.7-15.h2.eulerosv2r10\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"10\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"golang\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-09T16:59:21", "description": "According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12 and Go 1.18.4 allows HTTP request smuggling if combined with an intermediate server that also improperly fails to reject the header as invalid. (CVE-2022-1705)\n\n - Uncontrolled recursion in the Parse functions in go/parser before Go 1.17.12 and Go 1.18.4 allow an attacker to cause a panic due to stack exhaustion via deeply nested types or declarations. (CVE-2022-1962)\n\n - In Decoder.Skip in encoding/xml in Go before 1.17.12 and 1.18.x before 1.18.4, stack exhaustion and a panic can occur via a deeply nested XML document. (CVE-2022-28131)\n\n - Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.\n (CVE-2022-29526)\n\n - In filepath.Clean in path/filepath in Go before 1.17.11 and 1.18.x before 1.18.3 on Windows, invalid paths such as .\\c: could be converted to valid paths (such as c: in this example). (CVE-2022-29804)\n\n - Non-random values for ticket_age_add in session tickets in crypto/tls before Go 1.17.11 and Go 1.18.3 allow an attacker that can observe TLS handshakes to correlate successive connections by comparing ticket ages during session resumption. (CVE-2022-30629)\n\n - Uncontrolled recursion in Reader.Read in compress/gzip before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via an archive containing a large number of concatenated 0-length compressed files. (CVE-2022-30631)\n\n - Uncontrolled recursion in Glob in path/filepath before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a path containing a large number of path separators.\n (CVE-2022-30632)\n\n - Uncontrolled recursion in Unmarshal in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via unmarshalling an XML document into a Go struct which has a nested field that uses the 'any' field tag. (CVE-2022-30633)\n\n - Infinite loop in Read in crypto/rand before Go 1.17.11 and Go 1.18.3 on Windows allows attacker to cause an indefinite hang by passing a buffer larger than 1 << 32 - 1 bytes. (CVE-2022-30634)\n\n - Uncontrolled recursion in Decoder.Decode in encoding/gob before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a message which contains deeply nested structures.\n (CVE-2022-30635)\n\n - Improper exposure of client IP addresses in net/http before Go 1.17.12 and Go 1.18.4 can be triggered by calling httputil.ReverseProxy.ServeHTTP with a Request.Header map containing a nil value for the X-Forwarded-For header, which causes ReverseProxy to set the client IP as the value of the X-Forwarded-For header. (CVE-2022-32148)\n\n - A too-short encoded message can cause a panic in Float.GobDecode and Rat GobDecode in math/big in Go before 1.17.13 and 1.18.5, potentially allowing a denial of service. (CVE-2022-32189)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-11-02T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP10 : golang (EulerOS-SA-2022-2683)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-1705", "CVE-2022-1962", "CVE-2022-28131", "CVE-2022-29526", "CVE-2022-29804", "CVE-2022-30629", "CVE-2022-30631", "CVE-2022-30632", "CVE-2022-30633", "CVE-2022-30634", "CVE-2022-30635", "CVE-2022-32148", "CVE-2022-32189"], "modified": "2022-11-02T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:golang", "p-cpe:/a:huawei:euleros:golang-devel", "p-cpe:/a:huawei:euleros:golang-help", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2022-2683.NASL", "href": "https://www.tenable.com/plugins/nessus/166869", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(166869);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/11/02\");\n\n script_cve_id(\n \"CVE-2022-1705\",\n \"CVE-2022-1962\",\n \"CVE-2022-28131\",\n \"CVE-2022-29526\",\n \"CVE-2022-29804\",\n \"CVE-2022-30629\",\n \"CVE-2022-30631\",\n \"CVE-2022-30632\",\n \"CVE-2022-30633\",\n \"CVE-2022-30634\",\n \"CVE-2022-30635\",\n \"CVE-2022-32148\",\n \"CVE-2022-32189\"\n );\n\n script_name(english:\"EulerOS 2.0 SP10 : golang (EulerOS-SA-2022-2683)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by\nthe following vulnerabilities :\n\n - Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12\n and Go 1.18.4 allows HTTP request smuggling if combined with an intermediate server that also improperly\n fails to reject the header as invalid. (CVE-2022-1705)\n\n - Uncontrolled recursion in the Parse functions in go/parser before Go 1.17.12 and Go 1.18.4 allow an\n attacker to cause a panic due to stack exhaustion via deeply nested types or declarations. (CVE-2022-1962)\n\n - In Decoder.Skip in encoding/xml in Go before 1.17.12 and 1.18.x before 1.18.4, stack exhaustion and a\n panic can occur via a deeply nested XML document. (CVE-2022-28131)\n\n - Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero\n flags parameter, the Faccessat function could incorrectly report that a file is accessible.\n (CVE-2022-29526)\n\n - In filepath.Clean in path/filepath in Go before 1.17.11 and 1.18.x before 1.18.3 on Windows, invalid paths\n such as .\\c: could be converted to valid paths (such as c: in this example). (CVE-2022-29804)\n\n - Non-random values for ticket_age_add in session tickets in crypto/tls before Go 1.17.11 and Go 1.18.3\n allow an attacker that can observe TLS handshakes to correlate successive connections by comparing ticket\n ages during session resumption. (CVE-2022-30629)\n\n - Uncontrolled recursion in Reader.Read in compress/gzip before Go 1.17.12 and Go 1.18.4 allows an attacker\n to cause a panic due to stack exhaustion via an archive containing a large number of concatenated 0-length\n compressed files. (CVE-2022-30631)\n\n - Uncontrolled recursion in Glob in path/filepath before Go 1.17.12 and Go 1.18.4 allows an attacker to\n cause a panic due to stack exhaustion via a path containing a large number of path separators.\n (CVE-2022-30632)\n\n - Uncontrolled recursion in Unmarshal in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to\n cause a panic due to stack exhaustion via unmarshalling an XML document into a Go struct which has a\n nested field that uses the 'any' field tag. (CVE-2022-30633)\n\n - Infinite loop in Read in crypto/rand before Go 1.17.11 and Go 1.18.3 on Windows allows attacker to cause\n an indefinite hang by passing a buffer larger than 1 << 32 - 1 bytes. (CVE-2022-30634)\n\n - Uncontrolled recursion in Decoder.Decode in encoding/gob before Go 1.17.12 and Go 1.18.4 allows an\n attacker to cause a panic due to stack exhaustion via a message which contains deeply nested structures.\n (CVE-2022-30635)\n\n - Improper exposure of client IP addresses in net/http before Go 1.17.12 and Go 1.18.4 can be triggered by\n calling httputil.ReverseProxy.ServeHTTP with a Request.Header map containing a nil value for the\n X-Forwarded-For header, which causes ReverseProxy to set the client IP as the value of the X-Forwarded-For\n header. (CVE-2022-32148)\n\n - A too-short encoded message can cause a panic in Float.GobDecode and Rat GobDecode in math/big in Go\n before 1.17.13 and 1.18.5, potentially allowing a denial of service. (CVE-2022-32189)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-2683\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?6eb143a9\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected golang packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-29526\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-29804\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/05/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/11/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/11/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:golang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:golang-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:golang-help\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar _release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(_release) || _release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (_release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(10)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"golang-1.15.7-15.h2.eulerosv2r10\",\n \"golang-devel-1.15.7-15.h2.eulerosv2r10\",\n \"golang-help-1.15.7-15.h2.eulerosv2r10\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"10\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"golang\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-01-27T00:01:18", "description": "The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:7529 advisory.\n\n - Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12 and Go 1.18.4 allows HTTP request smuggling if combined with an intermediate server that also improperly fails to reject the header as invalid. (CVE-2022-1705)\n\n - A vulnerability was found in CRI-O that causes memory or disk space exhaustion on the node for anyone with access to the Kube API. The ExecSync request runs commands in a container and logs the output of the command. This output is then read by CRI-O after command execution, and it is read in a manner where the entire file corresponding to the output of the command is read in. Thus, if the output of the command is large it is possible to exhaust the memory or the disk space of the node when CRI-O reads the output of the command. The highest threat from this vulnerability is system availability. (CVE-2022-1708)\n\n - Uncontrolled recursion in the Parse functions in go/parser before Go 1.17.12 and Go 1.18.4 allow an attacker to cause a panic due to stack exhaustion via deeply nested types or declarations. (CVE-2022-1962)\n\n - client_golang is the instrumentation library for Go applications in Prometheus, and the promhttp package in client_golang provides tooling around HTTP servers and clients. In client_golang prior to version 1.11.1, HTTP server is susceptible to a Denial of Service through unbounded cardinality, and potential memory exhaustion, when handling requests with non-standard HTTP methods. In order to be affected, an instrumented software must use any of `promhttp.InstrumentHandler*` middleware except `RequestsInFlight`;\n not filter any specific methods (e.g GET) before middleware; pass metric with `method` label name to our middleware; and not have any firewall/LB/proxy that filters away requests with unknown `method`.\n client_golang version 1.11.1 contains a patch for this issue. Several workarounds are available, including removing the `method` label name from counter/gauge used in the InstrumentHandler; turning off affected promhttp handlers; adding custom middleware before promhttp handler that will sanitize the request method given by Go http.Request; and using a reverse proxy or web application firewall, configured to only allow a limited set of methods. (CVE-2022-21698)\n\n - In Decoder.Skip in encoding/xml in Go before 1.17.12 and 1.18.x before 1.18.4, stack exhaustion and a panic can occur via a deeply nested XML document. (CVE-2022-28131)\n\n - Uncontrolled recursion in Glob in io/fs before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a path which contains a large number of path separators.\n (CVE-2022-30630)\n\n - Uncontrolled recursion in Reader.Read in compress/gzip before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via an archive containing a large number of concatenated 0-length compressed files. (CVE-2022-30631)\n\n - Uncontrolled recursion in Glob in path/filepath before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a path containing a large number of path separators.\n (CVE-2022-30632)\n\n - Uncontrolled recursion in Unmarshal in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via unmarshalling an XML document into a Go struct which has a nested field that uses the 'any' field tag. (CVE-2022-30633)\n\n - Improper exposure of client IP addresses in net/http before Go 1.17.12 and Go 1.18.4 can be triggered by calling httputil.ReverseProxy.ServeHTTP with a Request.Header map containing a nil value for the X-Forwarded-For header, which causes ReverseProxy to set the client IP as the value of the X-Forwarded-For header. (CVE-2022-32148)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-11-12T00:00:00", "type": "nessus", "title": "AlmaLinux 8 : container-tools:3.0 (ALSA-2022:7529)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-1705", "CVE-2022-1708", "CVE-2022-1962", "CVE-2022-21698", "CVE-2022-28131", "CVE-2022-30630", "CVE-2022-30631", "CVE-2022-30632", "CVE-2022-30633", "CVE-2022-32148"], "modified": "2022-11-14T00:00:00", "cpe": ["p-cpe:/a:alma:linux:cockpit-podman", "p-cpe:/a:alma:linux:container-selinux", "p-cpe:/a:alma:linux:containernetworking-plugins", "p-cpe:/a:alma:linux:crit", "p-cpe:/a:alma:linux:criu", "p-cpe:/a:alma:linux:crun", "p-cpe:/a:alma:linux:fuse-overlayfs", "p-cpe:/a:alma:linux:libslirp", "p-cpe:/a:alma:linux:libslirp-devel", "p-cpe:/a:alma:linux:oci-seccomp-bpf-hook", "p-cpe:/a:alma:linux:python3-criu", "p-cpe:/a:alma:linux:runc", "p-cpe:/a:alma:linux:slirp4netns", "p-cpe:/a:alma:linux:toolbox", "p-cpe:/a:alma:linux:toolbox-tests", "p-cpe:/a:alma:linux:udica", "cpe:/o:alma:linux:8", "cpe:/o:alma:linux:8::appstream"], "id": "ALMA_LINUX_ALSA-2022-7529.NASL", "href": "https://www.tenable.com/plugins/nessus/167290", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# AlmaLinux Security Advisory ALSA-2022:7529.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(167290);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/11/14\");\n\n script_cve_id(\n \"CVE-2022-1705\",\n \"CVE-2022-1708\",\n \"CVE-2022-1962\",\n \"CVE-2022-21698\",\n \"CVE-2022-28131\",\n \"CVE-2022-30630\",\n \"CVE-2022-30631\",\n \"CVE-2022-30632\",\n \"CVE-2022-30633\",\n \"CVE-2022-32148\"\n );\n script_xref(name:\"ALSA\", value:\"2022:7529\");\n script_xref(name:\"IAVB\", value:\"2022-B-0025-S\");\n\n script_name(english:\"AlmaLinux 8 : container-tools:3.0 (ALSA-2022:7529)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote AlmaLinux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nALSA-2022:7529 advisory.\n\n - Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12\n and Go 1.18.4 allows HTTP request smuggling if combined with an intermediate server that also improperly\n fails to reject the header as invalid. (CVE-2022-1705)\n\n - A vulnerability was found in CRI-O that causes memory or disk space exhaustion on the node for anyone with\n access to the Kube API. The ExecSync request runs commands in a container and logs the output of the\n command. This output is then read by CRI-O after command execution, and it is read in a manner where the\n entire file corresponding to the output of the command is read in. Thus, if the output of the command is\n large it is possible to exhaust the memory or the disk space of the node when CRI-O reads the output of\n the command. The highest threat from this vulnerability is system availability. (CVE-2022-1708)\n\n - Uncontrolled recursion in the Parse functions in go/parser before Go 1.17.12 and Go 1.18.4 allow an\n attacker to cause a panic due to stack exhaustion via deeply nested types or declarations. (CVE-2022-1962)\n\n - client_golang is the instrumentation library for Go applications in Prometheus, and the promhttp package\n in client_golang provides tooling around HTTP servers and clients. In client_golang prior to version\n 1.11.1, HTTP server is susceptible to a Denial of Service through unbounded cardinality, and potential\n memory exhaustion, when handling requests with non-standard HTTP methods. In order to be affected, an\n instrumented software must use any of `promhttp.InstrumentHandler*` middleware except `RequestsInFlight`;\n not filter any specific methods (e.g GET) before middleware; pass metric with `method` label name to our\n middleware; and not have any firewall/LB/proxy that filters away requests with unknown `method`.\n client_golang version 1.11.1 contains a patch for this issue. Several workarounds are available, including\n removing the `method` label name from counter/gauge used in the InstrumentHandler; turning off affected\n promhttp handlers; adding custom middleware before promhttp handler that will sanitize the request method\n given by Go http.Request; and using a reverse proxy or web application firewall, configured to only allow\n a limited set of methods. (CVE-2022-21698)\n\n - In Decoder.Skip in encoding/xml in Go before 1.17.12 and 1.18.x before 1.18.4, stack exhaustion and a\n panic can occur via a deeply nested XML document. (CVE-2022-28131)\n\n - Uncontrolled recursion in Glob in io/fs before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a\n panic due to stack exhaustion via a path which contains a large number of path separators.\n (CVE-2022-30630)\n\n - Uncontrolled recursion in Reader.Read in compress/gzip before Go 1.17.12 and Go 1.18.4 allows an attacker\n to cause a panic due to stack exhaustion via an archive containing a large number of concatenated 0-length\n compressed files. (CVE-2022-30631)\n\n - Uncontrolled recursion in Glob in path/filepath before Go 1.17.12 and Go 1.18.4 allows an attacker to\n cause a panic due to stack exhaustion via a path containing a large number of path separators.\n (CVE-2022-30632)\n\n - Uncontrolled recursion in Unmarshal in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to\n cause a panic due to stack exhaustion via unmarshalling an XML document into a Go struct which has a\n nested field that uses the 'any' field tag. (CVE-2022-30633)\n\n - Improper exposure of client IP addresses in net/http before Go 1.17.12 and Go 1.18.4 can be triggered by\n calling httputil.ReverseProxy.ServeHTTP with a Request.Header map containing a nil value for the\n X-Forwarded-For header, which causes ReverseProxy to set the client IP as the value of the X-Forwarded-For\n header. (CVE-2022-32148)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://errata.almalinux.org/8/ALSA-2022-7529.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-1708\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-32148\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(400, 770, 1325);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/02/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/11/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/11/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:cockpit-podman\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:container-selinux\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:containernetworking-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:crit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:criu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:crun\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:fuse-overlayfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libslirp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libslirp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:oci-seccomp-bpf-hook\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:python3-criu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:runc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:slirp4netns\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:toolbox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:toolbox-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:udica\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:8::appstream\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Alma Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AlmaLinux/release\", \"Host/AlmaLinux/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/AlmaLinux/release');\nif (isnull(os_release) || 'AlmaLinux' >!< os_release) audit(AUDIT_OS_NOT, 'AlmaLinux');\nvar os_ver = pregmatch(pattern: \"AlmaLinux release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'AlmaLinux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'AlmaLinux 8.x', 'AlmaLinux ' + os_ver);\n\nif (!get_kb_item('Host/AlmaLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'AlmaLinux', cpu);\n\nvar module_ver = get_kb_item('Host/AlmaLinux/appstream/container-tools');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module container-tools:3.0');\nif ('3.0' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module container-tools:' + module_ver);\n\nvar appstreams = {\n 'container-tools:3.0': [\n {'reference':'cockpit-podman-29-2.module_el8.6.0+2876+9ed4eae2', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'container-selinux-2.189.0-1.module_el8.6.0+3336+00d107d5', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},\n {'reference':'containernetworking-plugins-0.9.1-1.module_el8.6.0+2876+9ed4eae2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'containernetworking-plugins-0.9.1-1.module_el8.6.0+2876+9ed4eae2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'crit-3.15-1.module_el8.6.0+2876+9ed4eae2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'crit-3.15-1.module_el8.6.0+2876+9ed4eae2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'criu-3.15-1.module_el8.6.0+2876+9ed4eae2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'criu-3.15-1.module_el8.6.0+2876+9ed4eae2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'crun-0.18-3.module_el8.6.0+2876+9ed4eae2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'crun-0.18-3.module_el8.6.0+2876+9ed4eae2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'fuse-overlayfs-1.4.0-2.module_el8.6.0+2876+9ed4eae2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'fuse-overlayfs-1.4.0-2.module_el8.6.0+2876+9ed4eae2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libslirp-4.3.1-1.module_el8.6.0+2876+9ed4eae2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libslirp-4.3.1-1.module_el8.6.0+2876+9ed4eae2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libslirp-devel-4.3.1-1.module_el8.6.0+2876+9ed4eae2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libslirp-devel-4.3.1-1.module_el8.6.0+2876+9ed4eae2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'oci-seccomp-bpf-hook-1.2.0-3.module_el8.6.0+2876+9ed4eae2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'oci-seccomp-bpf-hook-1.2.0-3.module_el8.6.0+2876+9ed4eae2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-criu-3.15-1.module_el8.6.0+2876+9ed4eae2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-criu-3.15-1.module_el8.6.0+2876+9ed4eae2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'runc-1.0.0-73.rc95.module_el8.6.0+2876+9ed4eae2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'runc-1.0.0-73.rc95.module_el8.6.0+2876+9ed4eae2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'slirp4netns-1.1.8-1.module_el8.6.0+2876+9ed4eae2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'slirp4netns-1.1.8-1.module_el8.6.0+2876+9ed4eae2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'toolbox-0.0.99.3-1.module_el8.6.0+2876+9ed4eae2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'toolbox-0.0.99.3-1.module_el8.6.0+2876+9ed4eae2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'toolbox-tests-0.0.99.3-1.module_el8.6.0+2876+9ed4eae2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'toolbox-tests-0.0.99.3-1.module_el8.6.0+2876+9ed4eae2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'udica-0.2.4-1.module_el8.6.0+2876+9ed4eae2', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n};\n\nvar flag = 0;\nvar appstreams_found = 0;\nforeach module (keys(appstreams)) {\n var appstream = NULL;\n var appstream_name = NULL;\n var appstream_version = NULL;\n var appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/AlmaLinux/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach package_array ( appstreams[module] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'Alma-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module container-tools:3.0');\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'cockpit-podman / container-selinux / containernetworking-plugins / etc');\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-04T17:06:00", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:7529 advisory.\n\n - golang: net/http: improper sanitization of Transfer-Encoding header (CVE-2022-1705)\n\n - cri-o: memory exhaustion on the node when access to the kube api (CVE-2022-1708)\n\n - golang: go/parser: stack exhaustion in all Parse* functions (CVE-2022-1962)\n\n - prometheus/client_golang: Denial of service using InstrumentHandlerCounter (CVE-2022-21698)\n\n - golang: encoding/xml: stack exhaustion in Decoder.Skip (CVE-2022-28131)\n\n - golang: io/fs: stack exhaustion in Glob (CVE-2022-30630)\n\n - golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631)\n\n - golang: path/filepath: stack exhaustion in Glob (CVE-2022-30632)\n\n - golang: encoding/xml: stack exhaustion in Unmarshal (CVE-2022-30633)\n\n - golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working (CVE-2022-32148)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-11-09T00:00:00", "type": "nessus", "title": "RHEL 8 : container-tools:3.0 (RHSA-2022:7529)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-1705", "CVE-2022-1708", "CVE-2022-1962", "CVE-2022-21698", "CVE-2022-28131", "CVE-2022-30630", "CVE-2022-30631", "CVE-2022-30632", "CVE-2022-30633", "CVE-2022-32148"], "modified": "2023-02-02T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "p-cpe:/a:redhat:enterprise_linux:buildah", "p-cpe:/a:redhat:enterprise_linux:buildah-tests", "p-cpe:/a:redhat:enterprise_linux:cockpit-podman", "p-cpe:/a:redhat:enterprise_linux:conmon", "p-cpe:/a:redhat:enterprise_linux:container-selinux", "p-cpe:/a:redhat:enterprise_linux:containernetworking-plugins", "p-cpe:/a:redhat:enterprise_linux:containers-common", "p-cpe:/a:redhat:enterprise_linux:crit", "p-cpe:/a:redhat:enterprise_linux:criu", "p-cpe:/a:redhat:enterprise_linux:crun", "p-cpe:/a:redhat:enterprise_linux:fuse-overlayfs", "p-cpe:/a:redhat:enterprise_linux:libslirp", "p-cpe:/a:redhat:enterprise_linux:libslirp-devel", "p-cpe:/a:redhat:enterprise_linux:oci-seccomp-bpf-hook", "p-cpe:/a:redhat:enterprise_linux:podman", "p-cpe:/a:redhat:enterprise_linux:podman-catatonit", "p-cpe:/a:redhat:enterprise_linux:podman-docker", "p-cpe:/a:redhat:enterprise_linux:podman-plugins", "p-cpe:/a:redhat:enterprise_linux:podman-remote", "p-cpe:/a:redhat:enterprise_linux:podman-tests", "p-cpe:/a:redhat:enterprise_linux:python3-criu", "p-cpe:/a:redhat:enterprise_linux:runc", "p-cpe:/a:redhat:enterprise_linux:skopeo", "p-cpe:/a:redhat:enterprise_linux:skopeo-tests", "p-cpe:/a:redhat:enterprise_linux:slirp4netns", "p-cpe:/a:redhat:enterprise_linux:toolbox", "p-cpe:/a:redhat:enterprise_linux:toolbox-tests", "p-cpe:/a:redhat:enterprise_linux:udica"], "id": "REDHAT-RHSA-2022-7529.NASL", "href": "https://www.tenable.com/plugins/nessus/167148", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:7529. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(167148);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/02\");\n\n script_cve_id(\n \"CVE-2022-1705\",\n \"CVE-2022-1708\",\n \"CVE-2022-1962\",\n \"CVE-2022-21698\",\n \"CVE-2022-28131\",\n \"CVE-2022-30630\",\n \"CVE-2022-30631\",\n \"CVE-2022-30632\",\n \"CVE-2022-30633\",\n \"CVE-2022-32148\"\n );\n script_xref(name:\"RHSA\", value:\"2022:7529\");\n\n script_name(english:\"RHEL 8 : container-tools:3.0 (RHSA-2022:7529)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2022:7529 advisory.\n\n - golang: net/http: improper sanitization of Transfer-Encoding header (CVE-2022-1705)\n\n - cri-o: memory exhaustion on the node when access to the kube api (CVE-2022-1708)\n\n - golang: go/parser: stack exhaustion in all Parse* functions (CVE-2022-1962)\n\n - prometheus/client_golang: Denial of service using InstrumentHandlerCounter (CVE-2022-21698)\n\n - golang: encoding/xml: stack exhaustion in Decoder.Skip (CVE-2022-28131)\n\n - golang: io/fs: stack exhaustion in Glob (CVE-2022-30630)\n\n - golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631)\n\n - golang: path/filepath: stack exhaustion in Glob (CVE-2022-30632)\n\n - golang: encoding/xml: stack exhaustion in Unmarshal (CVE-2022-30633)\n\n - golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working (CVE-2022-32148)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-1705\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-1708\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-1962\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-21698\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-28131\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-30630\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-30631\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-30632\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-30633\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-32148\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:7529\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2045880\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2085361\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2107342\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2107371\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2107374\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2107376\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2107383\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2107386\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2107390\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2107392\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-1708\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-32148\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(200, 400, 444, 770, 772, 1325);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/02/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/11/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/11/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:buildah\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:buildah-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:cockpit-podman\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:conmon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:container-selinux\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:containernetworking-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:containers-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:crit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:criu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:crun\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:fuse-overlayfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libslirp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libslirp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:oci-seccomp-bpf-hook\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:podman\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:podman-catatonit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:podman-docker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:podman-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:podman-remote\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:podman-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-criu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:runc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:skopeo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:skopeo-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:slirp4netns\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:toolbox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:toolbox-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:udica\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar appstreams = {\n 'container-tools:3.0': [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel8/8/aarch64/appstream/debug',\n 'content/dist/rhel8/8/aarch64/appstream/os',\n 'content/dist/rhel8/8/aarch64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/baseos/debug',\n 'content/dist/rhel8/8/aarch64/baseos/os',\n 'content/dist/rhel8/8/aarch64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/codeready-builder/debug',\n 'content/dist/rhel8/8/aarch64/codeready-builder/os',\n 'content/dist/rhel8/8/aarch64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/highavailability/debug',\n 'content/dist/rhel8/8/aarch64/highavailability/os',\n 'content/dist/rhel8/8/aarch64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/supplementary/debug',\n 'content/dist/rhel8/8/aarch64/supplementary/os',\n 'content/dist/rhel8/8/aarch64/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/appstream/debug',\n 'content/dist/rhel8/8/ppc64le/appstream/os',\n 'content/dist/rhel8/8/ppc64le/appstream/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/baseos/debug',\n 'content/dist/rhel8/8/ppc64le/baseos/os',\n 'content/dist/rhel8/8/ppc64le/baseos/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/debug',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/os',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/highavailability/debug',\n 'content/dist/rhel8/8/ppc64le/highavailability/os',\n 'content/dist/rhel8/8/ppc64le/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/debug',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/os',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/debug',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/os',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap/debug',\n 'content/dist/rhel8/8/ppc64le/sap/os',\n 'content/dist/rhel8/8/ppc64le/sap/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/supplementary/debug',\n 'content/dist/rhel8/8/ppc64le/supplementary/os',\n 'content/dist/rhel8/8/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/s390x/appstream/debug',\n 'content/dist/rhel8/8/s390x/appstream/os',\n 'content/dist/rhel8/8/s390x/appstream/source/SRPMS',\n 'content/dist/rhel8/8/s390x/baseos/debug',\n 'content/dist/rhel8/8/s390x/baseos/os',\n 'content/dist/rhel8/8/s390x/baseos/source/SRPMS',\n 'content/dist/rhel8/8/s390x/codeready-builder/debug',\n 'content/dist/rhel8/8/s390x/codeready-builder/os',\n 'content/dist/rhel8/8/s390x/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/s390x/highavailability/debug',\n 'content/dist/rhel8/8/s390x/highavailability/os',\n 'content/dist/rhel8/8/s390x/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/s390x/resilientstorage/debug',\n 'content/dist/rhel8/8/s390x/resilientstorage/os',\n 'content/dist/rhel8/8/s390x/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/s390x/sap/debug',\n 'content/dist/rhel8/8/s390x/sap/os',\n 'content/dist/rhel8/8/s390x/sap/source/SRPMS',\n 'content/dist/rhel8/8/s390x/supplementary/debug',\n 'content/dist/rhel8/8/s390x/supplementary/os',\n 'content/dist/rhel8/8/s390x/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/appstream/debug',\n 'content/dist/rhel8/8/x86_64/appstream/os',\n 'content/dist/rhel8/8/x86_64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/baseos/debug',\n 'content/dist/rhel8/8/x86_64/baseos/os',\n 'content/dist/rhel8/8/x86_64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/codeready-builder/debug',\n 'content/dist/rhel8/8/x86_64/codeready-builder/os',\n 'content/dist/rhel8/8/x86_64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/highavailability/debug',\n 'content/dist/rhel8/8/x86_64/highavailability/os',\n 'content/dist/rhel8/8/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/nfv/debug',\n 'content/dist/rhel8/8/x86_64/nfv/os',\n 'content/dist/rhel8/8/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/resilientstorage/debug',\n 'content/dist/rhel8/8/x86_64/resilientstorage/os',\n 'content/dist/rhel8/8/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/rt/debug',\n 'content/dist/rhel8/8/x86_64/rt/os',\n 'content/dist/rhel8/8/x86_64/rt/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap-solutions/debug',\n 'content/dist/rhel8/8/x86_64/sap-solutions/os',\n 'content/dist/rhel8/8/x86_64/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap/debug',\n 'content/dist/rhel8/8/x86_64/sap/os',\n 'content/dist/rhel8/8/x86_64/sap/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/supplementary/debug',\n 'content/dist/rhel8/8/x86_64/supplementary/os',\n 'content/dist/rhel8/8/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'buildah-1.19.9-6.module+el8.7.0+16212+65e1b35f', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'buildah-tests-1.19.9-6.module+el8.7.0+16212+65e1b35f', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'cockpit-podman-29-2.module+el8.7.0+16212+65e1b35f', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'conmon-2.0.26-3.module+el8.7.0+16212+65e1b35f', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},\n {'reference':'container-selinux-2.189.0-1.module+el8.7.0+16212+65e1b35f', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},\n {'reference':'containernetworking-plugins-0.9.1-1.module+el8.7.0+16212+65e1b35f', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'containers-common-1.2.4-2.module+el8.7.0+16212+65e1b35f', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'crit-3.15-1.module+el8.7.0+16212+65e1b35f', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'criu-3.15-1.module+el8.7.0+16212+65e1b35f', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'crun-0.18-3.module+el8.7.0+16212+65e1b35f', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'fuse-overlayfs-1.4.0-2.module+el8.7.0+16212+65e1b35f', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libslirp-4.3.1-1.module+el8.7.0+16212+65e1b35f', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libslirp-devel-4.3.1-1.module+el8.7.0+16212+65e1b35f', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'oci-seccomp-bpf-hook-1.2.0-3.module+el8.7.0+16212+65e1b35f', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'podman-3.0.1-13.module+el8.7.0+16212+65e1b35f', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'podman-catatonit-3.0.1-13.module+el8.7.0+16212+65e1b35f', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'podman-docker-3.0.1-13.module+el8.7.0+16212+65e1b35f', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'podman-plugins-3.0.1-13.module+el8.7.0+16212+65e1b35f', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'podman-remote-3.0.1-13.module+el8.7.0+16212+65e1b35f', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'podman-tests-3.0.1-13.module+el8.7.0+16212+65e1b35f', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-criu-3.15-1.module+el8.7.0+16212+65e1b35f', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'runc-1.0.0-73.rc95.module+el8.7.0+16212+65e1b35f', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'skopeo-1.2.4-2.module+el8.7.0+16212+65e1b35f', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'skopeo-tests-1.2.4-2.module+el8.7.0+16212+65e1b35f', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'slirp4netns-1.1.8-1.module+el8.7.0+16212+65e1b35f', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'toolbox-0.0.99.3-1.module+el8.7.0+16212+65e1b35f', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'toolbox-tests-0.0.99.3-1.module+el8.7.0+16212+65e1b35f', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'udica-0.2.4-1.module+el8.7.0+16212+65e1b35f', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n ]\n};\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:appstreams, appstreams:TRUE);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar module_ver = get_kb_item('Host/RedHat/appstream/container-tools');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module container-tools:3.0');\nif ('3.0' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module container-tools:' + module_ver);\n\nvar flag = 0;\nvar appstreams_found = 0;\nforeach var module (keys(appstreams)) {\n var appstream = NULL;\n var appstream_name = NULL;\n var appstream_version = NULL;\n var appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach var module_array ( appstreams[module] ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(module_array['repo_relative_urls'])) repo_relative_urls = module_array['repo_relative_urls'];\n foreach var package_array ( module_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module container-tools:3.0');\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'buildah / buildah-tests / cockpit-podman / conmon / container-selinux / etc');\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-09T19:01:38", "description": "The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2022:7529 advisory.\n\n - golang: net/http: improper sanitization of Transfer-Encoding header (CVE-2022-1705)\n\n - cri-o: memory exhaustion on the node when access to the kube api (CVE-2022-1708)\n\n - golang: go/parser: stack exhaustion in all Parse* functions (CVE-2022-1962)\n\n - prometheus/client_golang: Denial of service using InstrumentHandlerCounter (CVE-2022-21698)\n\n - golang: encoding/xml: stack exhaustion in Decoder.Skip (CVE-2022-28131)\n\n - golang: io/fs: stack exhaustion in Glob (CVE-2022-30630)\n\n - golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631)\n\n - golang: path/filepath: stack exhaustion in Glob (CVE-2022-30632)\n\n - golang: encoding/xml: stack exhaustion in Unmarshal (CVE-2022-30633)\n\n - golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working (CVE-2022-32148)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-11-09T00:00:00", "type": "nessus", "title": "CentOS 8 : container-tools:3.0 (CESA-2022:7529)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-1705", "CVE-2022-1708", "CVE-2022-1962", "CVE-2022-21698", "CVE-2022-28131", "CVE-2022-30630", "CVE-2022-30631", "CVE-2022-30632", "CVE-2022-30633", "CVE-2022-32148"], "modified": "2023-02-08T00:00:00", "cpe": ["cpe:/o:centos:centos:8-stream", "p-cpe:/a:centos:centos:buildah", "p-cpe:/a:centos:centos:buildah-tests", "p-cpe:/a:centos:centos:cockpit-podman", "p-cpe:/a:centos:centos:conmon", "p-cpe:/a:centos:centos:container-selinux", "p-cpe:/a:centos:centos:containernetworking-plugins", "p-cpe:/a:centos:centos:containers-common", "p-cpe:/a:centos:centos:crit", "p-cpe:/a:centos:centos:criu", "p-cpe:/a:centos:centos:crun", "p-cpe:/a:centos:centos:fuse-overlayfs", "p-cpe:/a:centos:centos:libslirp", "p-cpe:/a:centos:centos:libslirp-devel", "p-cpe:/a:centos:centos:oci-seccomp-bpf-hook", "p-cpe:/a:centos:centos:podman", "p-cpe:/a:centos:centos:podman-catatonit", "p-cpe:/a:centos:centos:podman-docker", "p-cpe:/a:centos:centos:podman-plugins", "p-cpe:/a:centos:centos:podman-remote", "p-cpe:/a:centos:centos:podman-tests", "p-cpe:/a:centos:centos:python3-criu", "p-cpe:/a:centos:centos:skopeo", "p-cpe:/a:centos:centos:skopeo-tests", "p-cpe:/a:centos:centos:slirp4netns", "p-cpe:/a:centos:centos:udica"], "id": "CENTOS8_RHSA-2022-7529.NASL", "href": "https://www.tenable.com/plugins/nessus/167185", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# Red Hat Security Advisory RHSA-2022:7529. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(167185);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/08\");\n\n script_cve_id(\n \"CVE-2022-1705\",\n \"CVE-2022-1708\",\n \"CVE-2022-1962\",\n \"CVE-2022-21698\",\n \"CVE-2022-28131\",\n \"CVE-2022-30630\",\n \"CVE-2022-30631\",\n \"CVE-2022-30632\",\n \"CVE-2022-30633\",\n \"CVE-2022-32148\"\n );\n script_xref(name:\"RHSA\", value:\"2022:7529\");\n\n script_name(english:\"CentOS 8 : container-tools:3.0 (CESA-2022:7529)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nCESA-2022:7529 advisory.\n\n - golang: net/http: improper sanitization of Transfer-Encoding header (CVE-2022-1705)\n\n - cri-o: memory exhaustion on the node when access to the kube api (CVE-2022-1708)\n\n - golang: go/parser: stack exhaustion in all Parse* functions (CVE-2022-1962)\n\n - prometheus/client_golang: Denial of service using InstrumentHandlerCounter (CVE-2022-21698)\n\n - golang: encoding/xml: stack exhaustion in Decoder.Skip (CVE-2022-28131)\n\n - golang: io/fs: stack exhaustion in Glob (CVE-2022-30630)\n\n - golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631)\n\n - golang: path/filepath: stack exhaustion in Glob (CVE-2022-30632)\n\n - golang: encoding/xml: stack exhaustion in Unmarshal (CVE-2022-30633)\n\n - golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working (CVE-2022-32148)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:7529\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-1708\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-32148\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/02/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/11/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/11/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:8-stream\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:buildah\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:buildah-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:cockpit-podman\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:conmon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:container-selinux\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:containernetworking-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:containers-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:crit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:criu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:crun\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:fuse-overlayfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libslirp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libslirp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:oci-seccomp-bpf-hook\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:podman\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:podman-catatonit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:podman-docker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:podman-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:podman-remote\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:podman-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python3-criu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:skopeo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:skopeo-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:slirp4netns\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:udica\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/CentOS/release');\nif (isnull(os_release) || 'CentOS' >!< os_release) audit(AUDIT_OS_NOT, 'CentOS');\nvar os_ver = pregmatch(pattern: \"CentOS(?: Stream)?(?: Linux)? release ([0-9]+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nos_ver = os_ver[1];\nif ('CentOS Stream' >!< os_release) audit(AUDIT_OS_NOT, 'CentOS 8-Stream');\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\nvar module_ver = get_kb_item('Host/RedHat/appstream/container-tools');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module container-tools:3.0');\nif ('3.0' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module container-tools:' + module_ver);\n\nvar appstreams = {\n 'container-tools:3.0': [\n {'reference':'buildah-1.19.9-6.module_el8.7.0+1217+ea57d1f1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'buildah-1.19.9-6.module_el8.7.0+1217+ea57d1f1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'buildah-tests-1.19.9-6.module_el8.7.0+1217+ea57d1f1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'buildah-tests-1.19.9-6.module_el8.7.0+1217+ea57d1f1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'cockpit-podman-29-2.module_el8.7.0+1217+ea57d1f1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'cockpit-podman-29-2.module_el8.7.0+1217+ea57d1f1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'conmon-2.0.26-3.module_el8.7.0+1217+ea57d1f1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'conmon-2.0.26-3.module_el8.7.0+1217+ea57d1f1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'container-selinux-2.189.0-1.module_el8.7.0+1216+b022c01d', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'container-selinux-2.189.0-1.module_el8.7.0+1216+b022c01d', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'containernetworking-plugins-0.9.1-1.module_el8.7.0+1217+ea57d1f1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'containernetworking-plugins-0.9.1-1.module_el8.7.0+1217+ea57d1f1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'containers-common-1.2.4-2.module_el8.7.0+1217+ea57d1f1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'containers-common-1.2.4-2.module_el8.7.0+1217+ea57d1f1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'crit-3.15-1.module_el8.7.0+1217+ea57d1f1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'crit-3.15-1.module_el8.7.0+1217+ea57d1f1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'criu-3.15-1.module_el8.7.0+1217+ea57d1f1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'criu-3.15-1.module_el8.7.0+1217+ea57d1f1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'crun-0.18-3.module_el8.7.0+1217+ea57d1f1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'crun-0.18-3.module_el8.7.0+1217+ea57d1f1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'fuse-overlayfs-1.4.0-2.module_el8.7.0+1217+ea57d1f1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'fuse-overlayfs-1.4.0-2.module_el8.7.0+1217+ea57d1f1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libslirp-4.3.1-1.module_el8.7.0+1217+ea57d1f1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libslirp-4.3.1-1.module_el8.7.0+1217+ea57d1f1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libslirp-devel-4.3.1-1.module_el8.7.0+1217+ea57d1f1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libslirp-devel-4.3.1-1.module_el8.7.0+1217+ea57d1f1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'oci-seccomp-bpf-hook-1.2.0-3.module_el8.7.0+1217+ea57d1f1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'oci-seccomp-bpf-hook-1.2.0-3.module_el8.7.0+1217+ea57d1f1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'podman-3.0.1-13.module_el8.7.0+1217+ea57d1f1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'podman-3.0.1-13.module_el8.7.0+1217+ea57d1f1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'podman-catatonit-3.0.1-13.module_el8.7.0+1217+ea57d1f1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'podman-catatonit-3.0.1-13.module_el8.7.0+1217+ea57d1f1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'podman-docker-3.0.1-13.module_el8.7.0+1217+ea57d1f1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'podman-docker-3.0.1-13.module_el8.7.0+1217+ea57d1f1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'podman-plugins-3.0.1-13.module_el8.7.0+1217+ea57d1f1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'podman-plugins-3.0.1-13.module_el8.7.0+1217+ea57d1f1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'podman-remote-3.0.1-13.module_el8.7.0+1217+ea57d1f1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'podman-remote-3.0.1-13.module_el8.7.0+1217+ea57d1f1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'podman-tests-3.0.1-13.module_el8.7.0+1217+ea57d1f1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'podman-tests-3.0.1-13.module_el8.7.0+1217+ea57d1f1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-criu-3.15-1.module_el8.7.0+1217+ea57d1f1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-criu-3.15-1.module_el8.7.0+1217+ea57d1f1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'skopeo-1.2.4-2.module_el8.7.0+1217+ea57d1f1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'skopeo-1.2.4-2.module_el8.7.0+1217+ea57d1f1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'skopeo-tests-1.2.4-2.module_el8.7.0+1217+ea57d1f1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'skopeo-tests-1.2.4-2.module_el8.7.0+1217+ea57d1f1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'slirp4netns-1.1.8-1.module_el8.7.0+1217+ea57d1f1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'slirp4netns-1.1.8-1.module_el8.7.0+1217+ea57d1f1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'udica-0.2.4-1.module_el8.7.0+1217+ea57d1f1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'udica-0.2.4-1.module_el8.7.0+1217+ea57d1f1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n};\n\nvar flag = 0;\nappstreams_found = 0;\nforeach module (keys(appstreams)) {\n var appstream = NULL;\n var appstream_name = NULL;\n var appstream_version = NULL;\n var appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach package_array ( appstreams[module] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'CentOS-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && _release) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module container-tools:3.0');\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'buildah / buildah-tests / cockpit-podman / conmon / container-selinux / etc');\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-26T00:05:48", "description": "The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-7529 advisory.\n\n - Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12 and Go 1.18.4 allows HTTP request smuggling if combined with an intermediate server that also improperly fails to reject the header as invalid. (CVE-2022-1705)\n\n - In Decoder.Skip in encoding/xml in Go before 1.17.12 and 1.18.x before 1.18.4, stack exhaustion and a panic can occur via a deeply nested XML document. (CVE-2022-28131)\n\n - Uncontrolled recursion in Reader.Read in compress/gzip before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via an archive containing a large number of concatenated 0-length compressed files. (CVE-2022-30631)\n\n - Uncontrolled recursion in Unmarshal in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via unmarshalling an XML document into a Go struct which has a nested field that uses the 'any' field tag. (CVE-2022-30633)\n\n - Improper exposure of client IP addresses in net/http before Go 1.17.12 and Go 1.18.4 can be triggered by calling httputil.ReverseProxy.ServeHTTP with a Request.Header map containing a nil value for the X-Forwarded-For header, which causes ReverseProxy to set the client IP as the value of the X-Forwarded-For header. (CVE-2022-32148)\n\n - A vulnerability was found in CRI-O that causes memory or disk space exhaustion on the node for anyone with access to the Kube API. The ExecSync request runs commands in a container and logs the output of the command. This output is then read by CRI-O after command execution, and it is read in a manner where the entire file corresponding to the output of the command is read in. Thus, if the output of the command is large it is possible to exhaust the memory or the disk space of the node when CRI-O reads the output of the command. The highest threat from this vulnerability is system availability. (CVE-2022-1708)\n\n - client_golang is the instrumentation library for Go applications in Prometheus, and the promhttp package in client_golang provides tooling around HTTP servers and clients. In client_golang prior to version 1.11.1, HTTP server is susceptible to a Denial of Service through unbounded cardinality, and potential memory exhaustion, when handling requests with non-standard HTTP methods. In order to be affected, an instrumented software must use any of `promhttp.InstrumentHandler*` middleware except `RequestsInFlight`;\n not filter any specific methods (e.g GET) before middleware; pass metric with `method` label name to our middleware; and not have any firewall/LB/proxy that filters away requests with unknown `method`.\n client_golang version 1.11.1 contains a patch for this issue. Several workarounds are available, including removing the `method` label name from counter/gauge used in the InstrumentHandler; turning off affected promhttp handlers; adding custom middleware before promhttp handler that will sanitize the request method given by Go http.Request; and using a reverse proxy or web application firewall, configured to only allow a limited set of methods. (CVE-2022-21698)\n\n - Uncontrolled recursion in Glob in path/filepath before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a path containing a large number of path separators.\n (CVE-2022-30632)\n\n - Uncontrolled recursion in the Parse functions in go/parser before Go 1.17.12 and Go 1.18.4 allow an attacker to cause a panic due to stack exhaustion via deeply nested types or declarations. (CVE-2022-1962)\n\n - Uncontrolled recursion in Glob in io/fs before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a path which contains a large number of path separators.\n (CVE-2022-30630)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-11-15T00:00:00", "type": "nessus", "title": "Oracle Linux 8 : container-tools:3.0 (ELSA-2022-7529)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-1705", "CVE-2022-1708", "CVE-2022-1962", "CVE-2022-21698", "CVE-2022-28131", "CVE-2022-30630", "CVE-2022-30631", "CVE-2022-30632", "CVE-2022-30633", "CVE-2022-32148"], "modified": "2022-11-21T00:00:00", "cpe": ["cpe:/o:oracle:linux:8", "p-cpe:/a:oracle:linux:buildah", "p-cpe:/a:oracle:linux:buildah-tests", "p-cpe:/a:oracle:linux:cockpit-podman", "p-cpe:/a:oracle:linux:conmon", "p-cpe:/a:oracle:linux:container-selinux", "p-cpe:/a:oracle:linux:containernetworking-plugins", "p-cpe:/a:oracle:linux:containers-common", "p-cpe:/a:oracle:linux:crit", "p-cpe:/a:oracle:linux:criu", "p-cpe:/a:oracle:linux:crun", "p-cpe:/a:oracle:linux:fuse-overlayfs", "p-cpe:/a:oracle:linux:libslirp", "p-cpe:/a:oracle:linux:libslirp-devel", "p-cpe:/a:oracle:linux:oci-seccomp-bpf-hook", "p-cpe:/a:oracle:linux:podman", "p-cpe:/a:oracle:linux:podman-catatonit", "p-cpe:/a:oracle:linux:podman-docker", "p-cpe:/a:oracle:linux:podman-plugins", "p-cpe:/a:oracle:linux:podman-remote", "p-cpe:/a:oracle:linux:podman-tests", "p-cpe:/a:oracle:linux:python3-criu", "p-cpe:/a:oracle:linux:runc", "p-cpe:/a:oracle:linux:skopeo", "p-cpe:/a:oracle:linux:skopeo-tests", "p-cpe:/a:oracle:linux:slirp4netns", "p-cpe:/a:oracle:linux:udica"], "id": "ORACLELINUX_ELSA-2022-7529.NASL", "href": "https://www.tenable.com/plugins/nessus/167537", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2022-7529.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(167537);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/11/21\");\n\n script_cve_id(\n \"CVE-2022-1705\",\n \"CVE-2022-1708\",\n \"CVE-2022-1962\",\n \"CVE-2022-21698\",\n \"CVE-2022-28131\",\n \"CVE-2022-30630\",\n \"CVE-2022-30631\",\n \"CVE-2022-30632\",\n \"CVE-2022-30633\",\n \"CVE-2022-32148\"\n );\n script_xref(name:\"IAVB\", value:\"2022-B-0025-S\");\n\n script_name(english:\"Oracle Linux 8 : container-tools:3.0 (ELSA-2022-7529)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nELSA-2022-7529 advisory.\n\n - Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12\n and Go 1.18.4 allows HTTP request smuggling if combined with an intermediate server that also improperly\n fails to reject the header as invalid. (CVE-2022-1705)\n\n - In Decoder.Skip in encoding/xml in Go before 1.17.12 and 1.18.x before 1.18.4, stack exhaustion and a\n panic can occur via a deeply nested XML document. (CVE-2022-28131)\n\n - Uncontrolled recursion in Reader.Read in compress/gzip before Go 1.17.12 and Go 1.18.4 allows an attacker\n to cause a panic due to stack exhaustion via an archive containing a large number of concatenated 0-length\n compressed files. (CVE-2022-30631)\n\n - Uncontrolled recursion in Unmarshal in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to\n cause a panic due to stack exhaustion via unmarshalling an XML document into a Go struct which has a\n nested field that uses the 'any' field tag. (CVE-2022-30633)\n\n - Improper exposure of client IP addresses in net/http before Go 1.17.12 and Go 1.18.4 can be triggered by\n calling httputil.ReverseProxy.ServeHTTP with a Request.Header map containing a nil value for the\n X-Forwarded-For header, which causes ReverseProxy to set the client IP as the value of the X-Forwarded-For\n header. (CVE-2022-32148)\n\n - A vulnerability was found in CRI-O that causes memory or disk space exhaustion on the node for anyone with\n access to the Kube API. The ExecSync request runs commands in a container and logs the output of the\n command. This output is then read by CRI-O after command execution, and it is read in a manner where the\n entire file corresponding to the output of the command is read in. Thus, if the output of the command is\n large it is possible to exhaust the memory or the disk space of the node when CRI-O reads the output of\n the command. The highest threat from this vulnerability is system availability. (CVE-2022-1708)\n\n - client_golang is the instrumentation library for Go applications in Prometheus, and the promhttp package\n in client_golang provides tooling around HTTP servers and clients. In client_golang prior to version\n 1.11.1, HTTP server is susceptible to a Denial of Service through unbounded cardinality, and potential\n memory exhaustion, when handling requests with non-standard HTTP methods. In order to be affected, an\n instrumented software must use any of `promhttp.InstrumentHandler*` middleware except `RequestsInFlight`;\n not filter any specific methods (e.g GET) before middleware; pass metric with `method` label name to our\n middleware; and not have any firewall/LB/proxy that filters away requests with unknown `method`.\n client_golang version 1.11.1 contains a patch for this issue. Several workarounds are available, including\n removing the `method` label name from counter/gauge used in the InstrumentHandler; turning off affected\n promhttp handlers; adding custom middleware before promhttp handler that will sanitize the request method\n given by Go http.Request; and using a reverse proxy or web application firewall, configured to only allow\n a limited set of methods. (CVE-2022-21698)\n\n - Uncontrolled recursion in Glob in path/filepath before Go 1.17.12 and Go 1.18.4 allows an attacker to\n cause a panic due to stack exhaustion via a path containing a large number of path separators.\n (CVE-2022-30632)\n\n - Uncontrolled recursion in the Parse functions in go/parser before Go 1.17.12 and Go 1.18.4 allow an\n attacker to cause a panic due to stack exhaustion via deeply nested types or declarations. (CVE-2022-1962)\n\n - Uncontrolled recursion in Glob in io/fs before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a\n panic due to stack exhaustion via a path which contains a large number of path separators.\n (CVE-2022-30630)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2022-7529.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-1708\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-32148\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/02/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/11/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/11/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:buildah\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:buildah-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:cockpit-podman\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:conmon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:container-selinux\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:containernetworking-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:containers-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:crit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:criu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:crun\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:fuse-overlayfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libslirp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libslirp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:oci-seccomp-bpf-hook\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:podman\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:podman-catatonit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:podman-docker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:podman-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:podman-remote\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:podman-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python3-criu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:runc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:skopeo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:skopeo-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:slirp4netns\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:udica\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(os_release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:os_release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 8', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar module_ver = get_kb_item('Host/RedHat/appstream/container-tools');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module container-tools:3.0');\nif ('3.0' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module container-tools:' + module_ver);\n\nvar appstreams = {\n 'container-tools:3.0': [\n {'reference':'buildah-1.19.9-6.module+el8.7.0+20785+0180d035', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'buildah-1.19.9-6.module+el8.7.0+20785+0180d035', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'buildah-tests-1.19.9-6.module+el8.7.0+20785+0180d035', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'buildah-tests-1.19.9-6.module+el8.7.0+20785+0180d035', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'cockpit-podman-29-2.module+el8.7.0+20785+0180d035', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'conmon-2.0.26-3.module+el8.7.0+20785+0180d035', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},\n {'reference':'conmon-2.0.26-3.module+el8.7.0+20785+0180d035', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},\n {'reference':'container-selinux-2.189.0-1.module+el8.7.0+20785+0180d035', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},\n {'reference':'containernetworking-plugins-0.9.1-1.module+el8.7.0+20785+0180d035', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'containernetworking-plugins-0.9.1-1.module+el8.7.0+20785+0180d035', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'containers-common-1.2.4-2.0.1.module+el8.7.0+20785+0180d035', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'containers-common-1.2.4-2.0.1.module+el8.7.0+20785+0180d035', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'crit-3.15-1.module+el8.7.0+20785+0180d035', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'crit-3.15-1.module+el8.7.0+20785+0180d035', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'criu-3.15-1.module+el8.7.0+20785+0180d035', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'criu-3.15-1.module+el8.7.0+20785+0180d035', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'crun-0.18-3.module+el8.7.0+20785+0180d035', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'crun-0.18-3.module+el8.7.0+20785+0180d035', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'fuse-overlayfs-1.4.0-2.module+el8.7.0+20785+0180d035', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'fuse-overlayfs-1.4.0-2.module+el8.7.0+20785+0180d035', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libslirp-4.3.1-1.module+el8.7.0+20785+0180d035', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libslirp-4.3.1-1.module+el8.7.0+20785+0180d035', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libslirp-devel-4.3.1-1.module+el8.7.0+20785+0180d035', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libslirp-devel-4.3.1-1.module+el8.7.0+20785+0180d035', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'oci-seccomp-bpf-hook-1.2.0-3.module+el8.7.0+20785+0180d035', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'oci-seccomp-bpf-hook-1.2.0-3.module+el8.7.0+20785+0180d035', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'podman-3.0.1-13.module+el8.7.0+20785+0180d035', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'podman-3.0.1-13.module+el8.7.0+20785+0180d035', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'podman-catatonit-3.0.1-13.module+el8.7.0+20785+0180d035', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'podman-catatonit-3.0.1-13.module+el8.7.0+20785+0180d035', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'podman-docker-3.0.1-13.module+el8.7.0+20785+0180d035', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'podman-plugins-3.0.1-13.module+el8.7.0+20785+0180d035', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'podman-plugins-3.0.1-13.module+el8.7.0+20785+0180d035', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'podman-remote-3.0.1-13.module+el8.7.0+20785+0180d035', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'podman-remote-3.0.1-13.module+el8.7.0+20785+0180d035', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'podman-tests-3.0.1-13.module+el8.7.0+20785+0180d035', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'podman-tests-3.0.1-13.module+el8.7.0+20785+0180d035', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-criu-3.15-1.module+el8.7.0+20785+0180d035', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-criu-3.15-1.module+el8.7.0+20785+0180d035', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'runc-1.0.0-73.rc95.module+el8.7.0+20785+0180d035', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'runc-1.0.0-73.rc95.module+el8.7.0+20785+0180d035', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'skopeo-1.2.4-2.0.1.module+el8.7.0+20785+0180d035', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'skopeo-1.2.4-2.0.1.module+el8.7.0+20785+0180d035', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'skopeo-tests-1.2.4-2.0.1.module+el8.7.0+20785+0180d035', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'skopeo-tests-1.2.4-2.0.1.module+el8.7.0+20785+0180d035', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'slirp4netns-1.1.8-1.module+el8.7.0+20785+0180d035', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'slirp4netns-1.1.8-1.module+el8.7.0+20785+0180d035', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'udica-0.2.4-1.module+el8.7.0+20785+0180d035', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n};\n\nvar flag = 0;\nvar appstreams_found = 0;\nforeach var module (keys(appstreams)) {\n var appstream = NULL;\n var appstream_name = NULL;\n var appstream_version = NULL;\n var appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach var package_array ( appstreams[module] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && _release) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module container-tools:3.0');\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'buildah / buildah-tests / cockpit-podman / etc');\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-10T19:32:34", "description": "According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - In Go before 1.13.13 and 1.14.x before 1.14.5, Certificate.Verify may lack a check on the VerifyOptions.KeyUsages EKU requirements (if VerifyOptions.Roots equals nil and the installation is on Windows). Thus, X.509 certificate verification is incomplete. (CVE-2020-14039)\n\n - Uncontrolled recursion in the Parse functions in go/parser before Go 1.17.12 and Go 1.18.4 allow an attacker to cause a panic due to stack exhaustion via deeply nested types or declarations. (CVE-2022-1962)\n\n - In Decoder.Skip in encoding/xml in Go before 1.17.12 and 1.18.x before 1.18.4, stack exhaustion and a panic can occur via a deeply nested XML document. (CVE-2022-28131)\n\n - Non-random values for ticket_age_add in session tickets in crypto/tls before Go 1.17.11 and Go 1.18.3 allow an attacker that can observe TLS handshakes to correlate successive connections by comparing ticket ages during session resumption. (CVE-2022-30629)\n\n - Uncontrolled recursion in Reader.Read in compress/gzip before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via an archive containing a large number of concatenated 0-length compressed files. (CVE-2022-30631)\n\n - Uncontrolled recursion in Glob in path/filepath before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a path containing a large number of path separators.\n (CVE-2022-30632)\n\n - Uncontrolled recursion in Unmarshal in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via unmarshalling an XML document into a Go struct which has a nested field that uses the 'any' field tag. (CVE-2022-30633)\n\n - Infinite loop in Read in crypto/rand before Go 1.17.11 and Go 1.18.3 on Windows allows attacker to cause an indefinite hang by passing a buffer larger than 1 << 32 - 1 bytes. (CVE-2022-30634)\n\n - Uncontrolled recursion in Decoder.Decode in encoding/gob before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a message which contains deeply nested structures.\n (CVE-2022-30635)\n\n - Improper exposure of client IP addresses in net/http before Go 1.17.12 and Go 1.18.4 can be triggered by calling httputil.ReverseProxy.ServeHTTP with a Request.Header map containing a nil value for the X-Forwarded-For header, which causes ReverseProxy to set the client IP as the value of the X-Forwarded-For header. (CVE-2022-32148)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-09-14T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP9 : golang (EulerOS-SA-2022-2288)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-14039", "CVE-2022-1962", "CVE-2022-28131", "CVE-2022-30629", "CVE-2022-30631", "CVE-2022-30632", "CVE-2022-30633", "CVE-2022-30634", "CVE-2022-30635", "CVE-2022-32148"], "modified": "2022-09-14T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:golang", "p-cpe:/a:huawei:euleros:golang-devel", "p-cpe:/a:huawei:euleros:golang-help", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2022-2288.NASL", "href": "https://www.tenable.com/plugins/nessus/165035", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(165035);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/09/14\");\n\n script_cve_id(\n \"CVE-2020-14039\",\n \"CVE-2022-1962\",\n \"CVE-2022-28131\",\n \"CVE-2022-30629\",\n \"CVE-2022-30631\",\n \"CVE-2022-30632\",\n \"CVE-2022-30633\",\n \"CVE-2022-30634\",\n \"CVE-2022-30635\",\n \"CVE-2022-32148\"\n );\n\n script_name(english:\"EulerOS 2.0 SP9 : golang (EulerOS-SA-2022-2288)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by\nthe following vulnerabilities :\n\n - In Go before 1.13.13 and 1.14.x before 1.14.5, Certificate.Verify may lack a check on the\n VerifyOptions.KeyUsages EKU requirements (if VerifyOptions.Roots equals nil and the installation is on\n Windows). Thus, X.509 certificate verification is incomplete. (CVE-2020-14039)\n\n - Uncontrolled recursion in the Parse functions in go/parser before Go 1.17.12 and Go 1.18.4 allow an\n attacker to cause a panic due to stack exhaustion via deeply nested types or declarations. (CVE-2022-1962)\n\n - In Decoder.Skip in encoding/xml in Go before 1.17.12 and 1.18.x before 1.18.4, stack exhaustion and a\n panic can occur via a deeply nested XML document. (CVE-2022-28131)\n\n - Non-random values for ticket_age_add in session tickets in crypto/tls before Go 1.17.11 and Go 1.18.3\n allow an attacker that can observe TLS handshakes to correlate successive connections by comparing ticket\n ages during session resumption. (CVE-2022-30629)\n\n - Uncontrolled recursion in Reader.Read in compress/gzip before Go 1.17.12 and Go 1.18.4 allows an attacker\n to cause a panic due to stack exhaustion via an archive containing a large number of concatenated 0-length\n compressed files. (CVE-2022-30631)\n\n - Uncontrolled recursion in Glob in path/filepath before Go 1.17.12 and Go 1.18.4 allows an attacker to\n cause a panic due to stack exhaustion via a path containing a large number of path separators.\n (CVE-2022-30632)\n\n - Uncontrolled recursion in Unmarshal in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to\n cause a panic due to stack exhaustion via unmarshalling an XML document into a Go struct which has a\n nested field that uses the 'any' field tag. (CVE-2022-30633)\n\n - Infinite loop in Read in crypto/rand before Go 1.17.11 and Go 1.18.3 on Windows allows attacker to cause\n an indefinite hang by passing a buffer larger than 1 << 32 - 1 bytes. (CVE-2022-30634)\n\n - Uncontrolled recursion in Decoder.Decode in encoding/gob before Go 1.17.12 and Go 1.18.4 allows an\n attacker to cause a panic due to stack exhaustion via a message which contains deeply nested structures.\n (CVE-2022-30635)\n\n - Improper exposure of client IP addresses in net/http before Go 1.17.12 and Go 1.18.4 can be triggered by\n calling httputil.ReverseProxy.ServeHTTP with a Request.Header map containing a nil value for the\n X-Forwarded-For header, which causes ReverseProxy to set the client IP as the value of the X-Forwarded-For\n header. (CVE-2022-32148)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-2288\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?989fad42\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected golang packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-14039\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-32148\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/07/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/09/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/09/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:golang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:golang-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:golang-help\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(9)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"golang-1.13.3-10.h26.eulerosv2r9\",\n \"golang-devel-1.13.3-10.h26.eulerosv2r9\",\n \"golang-help-1.13.3-10.h26.eulerosv2r9\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"9\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"golang\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-01-10T19:33:14", "description": "According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - In Go before 1.13.13 and 1.14.x before 1.14.5, Certificate.Verify may lack a check on the VerifyOptions.KeyUsages EKU requirements (if VerifyOptions.Roots equals nil and the installation is on Windows). Thus, X.509 certificate verification is incomplete. (CVE-2020-14039)\n\n - Uncontrolled recursion in the Parse functions in go/parser before Go 1.17.12 and Go 1.18.4 allow an attacker to cause a panic due to stack exhaustion via deeply nested types or declarations. (CVE-2022-1962)\n\n - In Decoder.Skip in encoding/xml in Go before 1.17.12 and 1.18.x before 1.18.4, stack exhaustion and a panic can occur via a deeply nested XML document. (CVE-2022-28131)\n\n - Non-random values for ticket_age_add in session tickets in crypto/tls before Go 1.17.11 and Go 1.18.3 allow an attacker that can observe TLS handshakes to correlate successive connections by comparing ticket ages during session resumption. (CVE-2022-30629)\n\n - Uncontrolled recursion in Reader.Read in compress/gzip before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via an archive containing a large number of concatenated 0-length compressed files. (CVE-2022-30631)\n\n - Uncontrolled recursion in Glob in path/filepath before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a path containing a large number of path separators.\n (CVE-2022-30632)\n\n - Uncontrolled recursion in Unmarshal in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via unmarshalling an XML document into a Go struct which has a nested field that uses the 'any' field tag. (CVE-2022-30633)\n\n - Infinite loop in Read in crypto/rand before Go 1.17.11 and Go 1.18.3 on Windows allows attacker to cause an indefinite hang by passing a buffer larger than 1 << 32 - 1 bytes. (CVE-2022-30634)\n\n - Uncontrolled recursion in Decoder.Decode in encoding/gob before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a message which contains deeply nested structures.\n (CVE-2022-30635)\n\n - Improper exposure of client IP addresses in net/http before Go 1.17.12 and Go 1.18.4 can be triggered by calling httputil.ReverseProxy.ServeHTTP with a Request.Header map containing a nil value for the X-Forwarded-For header, which causes ReverseProxy to set the client IP as the value of the X-Forwarded-For header. (CVE-2022-32148)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-09-14T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP9 : golang (EulerOS-SA-2022-2317)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-14039", "CVE-2022-1962", "CVE-2022-28131", "CVE-2022-30629", "CVE-2022-30631", "CVE-2022-30632", "CVE-2022-30633", "CVE-2022-30634", "CVE-2022-30635", "CVE-2022-32148"], "modified": "2022-09-14T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:golang", "p-cpe:/a:huawei:euleros:golang-devel", "p-cpe:/a:huawei:euleros:golang-help", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2022-2317.NASL", "href": "https://www.tenable.com/plugins/nessus/165046", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(165046);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/09/14\");\n\n script_cve_id(\n \"CVE-2020-14039\",\n \"CVE-2022-1962\",\n \"CVE-2022-28131\",\n \"CVE-2022-30629\",\n \"CVE-2022-30631\",\n \"CVE-2022-30632\",\n \"CVE-2022-30633\",\n \"CVE-2022-30634\",\n \"CVE-2022-30635\",\n \"CVE-2022-32148\"\n );\n\n script_name(english:\"EulerOS 2.0 SP9 : golang (EulerOS-SA-2022-2317)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by\nthe following vulnerabilities :\n\n - In Go before 1.13.13 and 1.14.x before 1.14.5, Certificate.Verify may lack a check on the\n VerifyOptions.KeyUsages EKU requirements (if VerifyOptions.Roots equals nil and the installation is on\n Windows). Thus, X.509 certificate verification is incomplete. (CVE-2020-14039)\n\n - Uncontrolled recursion in the Parse functions in go/parser before Go 1.17.12 and Go 1.18.4 allow an\n attacker to cause a panic due to stack exhaustion via deeply nested types or declarations. (CVE-2022-1962)\n\n - In Decoder.Skip in encoding/xml in Go before 1.17.12 and 1.18.x before 1.18.4, stack exhaustion and a\n panic can occur via a deeply nested XML document. (CVE-2022-28131)\n\n - Non-random values for ticket_age_add in session tickets in crypto/tls before Go 1.17.11 and Go 1.18.3\n allow an attacker that can observe TLS handshakes to correlate successive connections by comparing ticket\n ages during session resumption. (CVE-2022-30629)\n\n - Uncontrolled recursion in Reader.Read in compress/gzip before Go 1.17.12 and Go 1.18.4 allows an attacker\n to cause a panic due to stack exhaustion via an archive containing a large number of concatenated 0-length\n compressed files. (CVE-2022-30631)\n\n - Uncontrolled recursion in Glob in path/filepath before Go 1.17.12 and Go 1.18.4 allows an attacker to\n cause a panic due to stack exhaustion via a path containing a large number of path separators.\n (CVE-2022-30632)\n\n - Uncontrolled recursion in Unmarshal in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to\n cause a panic due to stack exhaustion via unmarshalling an XML document into a Go struct which has a\n nested field that uses the 'any' field tag. (CVE-2022-30633)\n\n - Infinite loop in Read in crypto/rand before Go 1.17.11 and Go 1.18.3 on Windows allows attacker to cause\n an indefinite hang by passing a buffer larger than 1 << 32 - 1 bytes. (CVE-2022-30634)\n\n - Uncontrolled recursion in Decoder.Decode in encoding/gob before Go 1.17.12 and Go 1.18.4 allows an\n attacker to cause a panic due to stack exhaustion via a message which contains deeply nested structures.\n (CVE-2022-30635)\n\n - Improper exposure of client IP addresses in net/http before Go 1.17.12 and Go 1.18.4 can be triggered by\n calling httputil.ReverseProxy.ServeHTTP with a Request.Header map containing a nil value for the\n X-Forwarded-For header, which causes ReverseProxy to set the client IP as the value of the X-Forwarded-For\n header. (CVE-2022-32148)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-2317\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?27d10749\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected golang packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-14039\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-32148\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/07/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/09/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/09/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:golang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:golang-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:golang-help\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(9)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"golang-1.13.3-10.h26.eulerosv2r9\",\n \"golang-devel-1.13.3-10.h26.eulerosv2r9\",\n \"golang-help-1.13.3-10.h26.eulerosv2r9\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"9\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"golang\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-03-23T00:14:06", "description": "The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:5799 advisory.\n\n - Improper exposure of client IP addresses in net/http before Go 1.17.12 and Go 1.18.4 can be triggered by calling httputil.ReverseProxy.ServeHTTP with a Request.Header map containing a nil value for the X-Forwarded-For header, which causes ReverseProxy to set the client IP as the value of the X-Forwarded-For header. (CVE-2022-32148)\n\n - Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12 and Go 1.18.4 allows HTTP request smuggling if combined with an intermediate server that also improperly fails to reject the header as invalid. (CVE-2022-1705)\n\n - Uncontrolled recursion in the Parse functions in go/parser before Go 1.17.12 and Go 1.18.4 allow an attacker to cause a panic due to stack exhaustion via deeply nested types or declarations. (CVE-2022-1962)\n\n - encoding/pem in Go before 1.17.9 and 1.18.x before 1.18.1 has a Decode stack overflow via a large amount of PEM data. (CVE-2022-24675)\n\n - regexp.Compile in Go before 1.16.15 and 1.17.x before 1.17.8 allows stack exhaustion via a deeply nested expression. (CVE-2022-24921)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-02-06T00:00:00", "type": "nessus", "title": "Rocky Linux 9 : go-toolset and golang (RLSA-2022:5799)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-1705", "CVE-2022-1962", "CVE-2022-24675", "CVE-2022-24921", "CVE-2022-28131", "CVE-2022-28327", "CVE-2022-29526", "CVE-2022-30629", "CVE-2022-30630", "CVE-2022-30631", "CVE-2022-30632", "CVE-2022-30633", "CVE-2022-30635", "CVE-2022-32148"], "modified": "2023-03-22T00:00:00", "cpe": ["p-cpe:/a:rocky:linux:go-toolset", "p-cpe:/a:rocky:linux:golang", "p-cpe:/a:rocky:linux:golang-bin", "p-cpe:/a:rocky:linux:golang-docs", "p-cpe:/a:rocky:linux:golang-misc", "p-cpe:/a:rocky:linux:golang-race", "p-cpe:/a:rocky:linux:golang-src", "p-cpe:/a:rocky:linux:golang-tests", "cpe:/o:rocky:linux:9"], "id": "ROCKY_LINUX_RLSA-2022-5799.NASL", "href": "https://www.tenable.com/plugins/nessus/171016", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# Rocky Linux Security Advisory RLSA-2022:5799.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(171016);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/22\");\n\n script_cve_id(\n \"CVE-2022-1705\",\n \"CVE-2022-1962\",\n \"CVE-2022-24675\",\n \"CVE-2022-24921\",\n \"CVE-2022-28131\",\n \"CVE-2022-28327\",\n \"CVE-2022-29526\",\n \"CVE-2022-30629\",\n \"CVE-2022-30630\",\n \"CVE-2022-30631\",\n \"CVE-2022-30632\",\n \"CVE-2022-30633\",\n \"CVE-2022-30635\",\n \"CVE-2022-32148\"\n );\n script_xref(name:\"RLSA\", value:\"2022:5799\");\n\n script_name(english:\"Rocky Linux 9 : go-toolset and golang (RLSA-2022:5799)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Rocky Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nRLSA-2022:5799 advisory.\n\n - Improper exposure of client IP addresses in net/http before Go 1.17.12 and Go 1.18.4 can be triggered by\n calling httputil.ReverseProxy.ServeHTTP with a Request.Header map containing a nil value for the\n X-Forwarded-For header, which causes ReverseProxy to set the client IP as the value of the X-Forwarded-For\n header. (CVE-2022-32148)\n\n - Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12\n and Go 1.18.4 allows HTTP request smuggling if combined with an intermediate server that also improperly\n fails to reject the header as invalid. (CVE-2022-1705)\n\n - Uncontrolled recursion in the Parse functions in go/parser before Go 1.17.12 and Go 1.18.4 allow an\n attacker to cause a panic due to stack exhaustion via deeply nested types or declarations. (CVE-2022-1962)\n\n - encoding/pem in Go before 1.17.9 and 1.18.x before 1.18.1 has a Decode stack overflow via a large amount\n of PEM data. (CVE-2022-24675)\n\n - regexp.Compile in Go before 1.16.15 and 1.17.x before 1.17.8 allows stack exhaustion via a deeply nested\n expression. (CVE-2022-24921)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://errata.rockylinux.org/RLSA-2022:5799\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2107342\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2107371\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2107374\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2107376\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2107383\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2107386\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2107388\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2107390\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2107392\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-29526\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-32148\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/08/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/08/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/02/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:go-toolset\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:golang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:golang-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:golang-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:golang-misc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:golang-race\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:golang-src\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:golang-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:rocky:linux:9\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Rocky Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RockyLinux/release\", \"Host/RockyLinux/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RockyLinux/release');\nif (isnull(os_release) || 'Rocky Linux' >!< os_release) audit(AUDIT_OS_NOT, 'Rocky Linux');\nvar os_ver = pregmatch(pattern: \"Rocky(?: Linux)? release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Rocky Linux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^9([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Rocky Linux 9.x', 'Rocky Linux ' + os_ver);\n\nif (!get_kb_item('Host/RockyLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Rocky Linux', cpu);\n\nvar pkgs = [\n {'reference':'go-toolset-1.17.12-1.el9_0', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'go-toolset-1.17.12-1.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-1.17.12-1.el9_0', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-1.17.12-1.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-bin-1.17.12-1.el9_0', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-bin-1.17.12-1.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-docs-1.17.12-1.el9_0', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-misc-1.17.12-1.el9_0', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-race-1.17.12-1.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-src-1.17.12-1.el9_0', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-tests-1.17.12-1.el9_0', 'release':'9', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'Rocky-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'go-toolset / golang / golang-bin / golang-docs / golang-misc / etc');\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-07T22:37:18", "description": "The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5799 advisory.\n\n - golang: net/http: improper sanitization of Transfer-Encoding header (CVE-2022-1705)\n\n - golang: go/parser: stack exhaustion in all Parse* functions (CVE-2022-1962)\n\n - golang: encoding/pem: fix stack overflow in Decode (CVE-2022-24675)\n\n - golang: regexp: stack exhaustion via a deeply nested expression (CVE-2022-24921)\n\n - golang: encoding/xml: stack exhaustion in Decoder.Skip (CVE-2022-28131)\n\n - golang: crypto/elliptic: panic caused by oversized scalar (CVE-2022-28327)\n\n - golang: syscall: faccessat checks wrong group (CVE-2022-29526)\n\n - golang: crypto/tls: session tickets lack random ticket_age_add (CVE-2022-30629)\n\n - golang: io/fs: stack exhaustion in Glob (CVE-2022-30630)\n\n - golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631)\n\n - golang: path/filepath: stack exhaustion in Glob (CVE-2022-30632)\n\n - golang: encoding/xml: stack exhaustion in Unmarshal (CVE-2022-30633)\n\n - golang: encoding/gob: stack exhaustion in Decoder.Decode (CVE-2022-30635)\n\n - golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working (CVE-2022-32148)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-08-01T00:00:00", "type": "nessus", "title": "RHEL 9 : go-toolset and golang (RHSA-2022:5799)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-1705", "CVE-2022-1962", "CVE-2022-24675", "CVE-2022-24921", "CVE-2022-28131", "CVE-2022-28327", "CVE-2022-29526", "CVE-2022-30629", "CVE-2022-30630", "CVE-2022-30631", "CVE-2022-30632", "CVE-2022-30633", "CVE-2022-30635", "CVE-2022-32148"], "modified": "2023-02-02T00:00:00", "cpe": ["p-cpe:2.3:a:redhat:enterprise_linux:go-toolset:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:golang:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:golang-bin:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:golang-docs:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:golang-misc:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:golang-race:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:golang-src:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:golang-tests:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:rhel_e4s:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:rhel_eus:9.0:*:*:*:*:*:*:*"], "id": "REDHAT-RHSA-2022-5799.NASL", "href": "https://www.tenable.com/plugins/nessus/163676", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:5799. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(163676);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/02\");\n\n script_cve_id(\n \"CVE-2022-1705\",\n \"CVE-2022-1962\",\n \"CVE-2022-28131\",\n \"CVE-2022-30630\",\n \"CVE-2022-30631\",\n \"CVE-2022-30632\",\n \"CVE-2022-30633\",\n \"CVE-2022-30635\",\n \"CVE-2022-32148\"\n );\n script_xref(name:\"RHSA\", value:\"2022:5799\");\n script_xref(name:\"IAVB\", value:\"2022-B-0025-S\");\n\n script_name(english:\"RHEL 9 : go-toolset and golang (RHSA-2022:5799)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2022:5799 advisory.\n\n - golang: net/http: improper sanitization of Transfer-Encoding header (CVE-2022-1705)\n\n - golang: go/parser: stack exhaustion in all Parse* functions (CVE-2022-1962)\n\n - golang: encoding/pem: fix stack overflow in Decode (CVE-2022-24675)\n\n - golang: regexp: stack exhaustion via a deeply nested expression (CVE-2022-24921)\n\n - golang: encoding/xml: stack exhaustion in Decoder.Skip (CVE-2022-28131)\n\n - golang: crypto/elliptic: panic caused by oversized scalar (CVE-2022-28327)\n\n - golang: syscall: faccessat checks wrong group (CVE-2022-29526)\n\n - golang: crypto/tls: session tickets lack random ticket_age_add (CVE-2022-30629)\n\n - golang: io/fs: stack exhaustion in Glob (CVE-2022-30630)\n\n - golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631)\n\n - golang: path/filepath: stack exhaustion in Glob (CVE-2022-30632)\n\n - golang: encoding/xml: stack exhaustion in Unmarshal (CVE-2022-30633)\n\n - golang: encoding/gob: stack exhaustion in Decoder.Decode (CVE-2022-30635)\n\n - golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working (CVE-2022-32148)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-1705\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-1962\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-24675\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-24921\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-28131\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-28327\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-29526\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-30629\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-30630\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-30631\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-30632\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-30633\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-30635\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-32148\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:5799\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2064857\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2077688\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2077689\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2084085\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2092793\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2107342\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2107371\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2107374\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2107376\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2107383\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2107386\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2107388\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2107390\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2107392\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-32148\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(120, 190, 200, 269, 280, 331, 400, 444, 1325);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/08/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/08/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:9\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:9.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:9.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:go-toolset\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:golang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:golang-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:golang-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:golang-misc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:golang-race\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:golang-src\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:golang-tests\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '9')) audit(AUDIT_OS_NOT, 'Red Hat 9.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel9/9/x86_64/appstream/debug',\n 'content/dist/rhel9/9/x86_64/appstream/os',\n 'content/dist/rhel9/9/x86_64/appstream/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/baseos/debug',\n 'content/dist/rhel9/9/x86_64/baseos/os',\n 'content/dist/rhel9/9/x86_64/baseos/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/codeready-builder/debug',\n 'content/dist/rhel9/9/x86_64/codeready-builder/os',\n 'content/dist/rhel9/9/x86_64/codeready-builder/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/highavailability/debug',\n 'content/dist/rhel9/9/x86_64/highavailability/os',\n 'content/dist/rhel9/9/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/nfv/debug',\n 'content/dist/rhel9/9/x86_64/nfv/os',\n 'content/dist/rhel9/9/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/resilientstorage/debug',\n 'content/dist/rhel9/9/x86_64/resilientstorage/os',\n 'content/dist/rhel9/9/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/rt/debug',\n 'content/dist/rhel9/9/x86_64/rt/os',\n 'content/dist/rhel9/9/x86_64/rt/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/sap-solutions/debug',\n 'content/dist/rhel9/9/x86_64/sap-solutions/os',\n 'content/dist/rhel9/9/x86_64/sap-solutions/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/sap/debug',\n 'content/dist/rhel9/9/x86_64/sap/os',\n 'content/dist/rhel9/9/x86_64/sap/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/supplementary/debug',\n 'content/dist/rhel9/9/x86_64/supplementary/os',\n 'content/dist/rhel9/9/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'go-toolset-1.17.12-1.el9_0', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-1.17.12-1.el9_0', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-bin-1.17.12-1.el9_0', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-docs-1.17.12-1.el9_0', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-misc-1.17.12-1.el9_0', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-race-1.17.12-1.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-src-1.17.12-1.el9_0', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-tests-1.17.12-1.el9_0', 'release':'9', 'rpm_spec_vers_cmp':TRUE}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/e4s/rhel9/9.0/x86_64/appstream/debug',\n 'content/e4s/rhel9/9.0/x86_64/appstream/os',\n 'content/e4s/rhel9/9.0/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel9/9.0/x86_64/baseos/debug',\n 'content/e4s/rhel9/9.0/x86_64/baseos/os',\n 'content/e4s/rhel9/9.0/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel9/9.0/x86_64/highavailability/debug',\n 'content/e4s/rhel9/9.0/x86_64/highavailability/os',\n 'content/e4s/rhel9/9.0/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel9/9.0/x86_64/nfv/debug',\n 'content/e4s/rhel9/9.0/x86_64/nfv/os',\n 'content/e4s/rhel9/9.0/x86_64/nfv/source/SRPMS',\n 'content/e4s/rhel9/9.0/x86_64/resilientstorage/debug',\n 'content/e4s/rhel9/9.0/x86_64/resilientstorage/os',\n 'content/e4s/rhel9/9.0/x86_64/resilientstorage/source/SRPMS',\n 'content/e4s/rhel9/9.0/x86_64/rt/debug',\n 'content/e4s/rhel9/9.0/x86_64/rt/os',\n 'content/e4s/rhel9/9.0/x86_64/rt/source/SRPMS',\n 'content/e4s/rhel9/9.0/x86_64/sap-solutions/debug',\n 'content/e4s/rhel9/9.0/x86_64/sap-solutions/os',\n 'content/e4s/rhel9/9.0/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel9/9.0/x86_64/sap/debug',\n 'content/e4s/rhel9/9.0/x86_64/sap/os',\n 'content/e4s/rhel9/9.0/x86_64/sap/source/SRPMS',\n 'content/eus/rhel9/9.0/x86_64/appstream/debug',\n 'content/eus/rhel9/9.0/x86_64/appstream/os',\n 'content/eus/rhel9/9.0/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel9/9.0/x86_64/baseos/debug',\n 'content/eus/rhel9/9.0/x86_64/baseos/os',\n 'content/eus/rhel9/9.0/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel9/9.0/x86_64/codeready-builder/debug',\n 'content/eus/rhel9/9.0/x86_64/codeready-builder/os',\n 'content/eus/rhel9/9.0/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel9/9.0/x86_64/highavailability/debug',\n 'content/eus/rhel9/9.0/x86_64/highavailability/os',\n 'content/eus/rhel9/9.0/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel9/9.0/x86_64/resilientstorage/debug',\n 'content/eus/rhel9/9.0/x86_64/resilientstorage/os',\n 'content/eus/rhel9/9.0/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel9/9.0/x86_64/sap-solutions/debug',\n 'content/eus/rhel9/9.0/x86_64/sap-solutions/os',\n 'content/eus/rhel9/9.0/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel9/9.0/x86_64/sap/debug',\n 'content/eus/rhel9/9.0/x86_64/sap/os',\n 'content/eus/rhel9/9.0/x86_64/sap/source/SRPMS',\n 'content/eus/rhel9/9.0/x86_64/supplementary/debug',\n 'content/eus/rhel9/9.0/x86_64/supplementary/os',\n 'content/eus/rhel9/9.0/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'go-toolset-1.17.12-1.el9_0', 'sp':'0', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-1.17.12-1.el9_0', 'sp':'0', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-bin-1.17.12-1.el9_0', 'sp':'0', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-docs-1.17.12-1.el9_0', 'sp':'0', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-misc-1.17.12-1.el9_0', 'sp':'0', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-race-1.17.12-1.el9_0', 'sp':'0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-src-1.17.12-1.el9_0', 'sp':'0', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-tests-1.17.12-1.el9_0', 'sp':'0', 'release':'9', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n var enterprise_linux_flag = rhel_repo_urls_has_content_dist_rhel(repo_urls:repo_relative_urls);\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp']) && !enterprise_linux_flag) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'go-toolset / golang / golang-bin / golang-docs / golang-misc / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-10T19:31:39", "description": "The version of golang installed on the remote host is prior to 1.18.5-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1846 advisory.\n\n - Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12 and Go 1.18.4 allows HTTP request smuggling if combined with an intermediate server that also improperly fails to reject the header as invalid. (CVE-2022-1705)\n\n - Uncontrolled recursion in the Parse functions in go/parser before Go 1.17.12 and Go 1.18.4 allow an attacker to cause a panic due to stack exhaustion via deeply nested types or declarations. (CVE-2022-1962)\n\n - Authorization Bypass Through User-Controlled Key in GitHub repository emicklei/go-restful prior to v3.8.0.\n (CVE-2022-1996)\n\n - encoding/pem in Go before 1.17.9 and 1.18.x before 1.18.1 has a Decode stack overflow via a large amount of PEM data. (CVE-2022-24675)\n\n - The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey. (CVE-2022-27191)\n\n - In Decoder.Skip in encoding/xml in Go before 1.17.12 and 1.18.x before 1.18.4, stack exhaustion and a panic can occur via a deeply nested XML document. (CVE-2022-28131)\n\n - The generic P-256 feature in crypto/elliptic in Go before 1.17.9 and 1.18.x before 1.18.1 allows a panic via long scalar input. (CVE-2022-28327)\n\n - Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.\n (CVE-2022-29526)\n\n - Non-random values for ticket_age_add in session tickets in crypto/tls before Go 1.17.11 and Go 1.18.3 allow an attacker that can observe TLS handshakes to correlate successive connections by comparing ticket ages during session resumption. (CVE-2022-30629)\n\n - Uncontrolled recursion in Glob in io/fs before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a path which contains a large number of path separators.\n (CVE-2022-30630)\n\n - Uncontrolled recursion in Reader.Read in compress/gzip before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via an archive containing a large number of concatenated 0-length compressed files. (CVE-2022-30631)\n\n - Uncontrolled recursion in Glob in path/filepath before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a path containing a large number of path separators.\n (CVE-2022-30632)\n\n - Uncontrolled recursion in Unmarshal in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via unmarshalling an XML document into a Go struct which has a nested field that uses the 'any' field tag. (CVE-2022-30633)\n\n - Uncontrolled recursion in Decoder.Decode in encoding/gob before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a message which contains deeply nested structures.\n (CVE-2022-30635)\n\n - Improper exposure of client IP addresses in net/http before Go 1.17.12 and Go 1.18.4 can be triggered by calling httputil.ReverseProxy.ServeHTTP with a Request.Header map containing a nil value for the X-Forwarded-For header, which causes ReverseProxy to set the client IP as the value of the X-Forwarded-For header. (CVE-2022-32148)\n\n - A too-short encoded message can cause a panic in Float.GobDecode and Rat GobDecode in math/big in Go before 1.17.13 and 1.18.5, potentially allowing a denial of service. (CVE-2022-32189)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2022-10-10T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : golang (ALAS-2022-1846)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-1705", "CVE-2022-1962", "CVE-2022-1996", "CVE-2022-24675", "CVE-2022-27191", "CVE-2022-28131", "CVE-2022-28327", "CVE-2022-29526", "CVE-2022-30629", "CVE-2022-30630", "CVE-2022-30631", "CVE-2022-30632", "CVE-2022-30633", "CVE-2022-30635", "CVE-2022-32148", "CVE-2022-32189"], "modified": "2022-11-01T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:golang", "p-cpe:/a:amazon:linux:golang-bin", "p-cpe:/a:amazon:linux:golang-docs", "p-cpe:/a:amazon:linux:golang-misc", "p-cpe:/a:amazon:linux:golang-race", "p-cpe:/a:amazon:linux:golang-shared", "p-cpe:/a:amazon:linux:golang-src", "p-cpe:/a:amazon:linux:golang-tests", "cpe:/o:amazon:linux:2"], "id": "AL2_ALAS-2022-1846.NASL", "href": "https://www.tenable.com/plugins/nessus/165989", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALAS-2022-1846.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(165989);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/11/01\");\n\n script_cve_id(\n \"CVE-2022-1705\",\n \"CVE-2022-1962\",\n \"CVE-2022-1996\",\n \"CVE-2022-24675\",\n \"CVE-2022-27191\",\n \"CVE-2022-28131\",\n \"CVE-2022-28327\",\n \"CVE-2022-29526\",\n \"CVE-2022-30629\",\n \"CVE-2022-30630\",\n \"CVE-2022-30631\",\n \"CVE-2022-30632\",\n \"CVE-2022-30633\",\n \"CVE-2022-30635\",\n \"CVE-2022-32148\",\n \"CVE-2022-32189\"\n );\n script_xref(name:\"IAVB\", value:\"2022-B-0025-S\");\n\n script_name(english:\"Amazon Linux 2 : golang (ALAS-2022-1846)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux 2 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of golang installed on the remote host is prior to 1.18.5-1. It is, therefore, affected by multiple\nvulnerabilities as referenced in the ALAS2-2022-1846 advisory.\n\n - Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12\n and Go 1.18.4 allows HTTP request smuggling if combined with an intermediate server that also improperly\n fails to reject the header as invalid. (CVE-2022-1705)\n\n - Uncontrolled recursion in the Parse functions in go/parser before Go 1.17.12 and Go 1.18.4 allow an\n attacker to cause a panic due to stack exhaustion via deeply nested types or declarations. (CVE-2022-1962)\n\n - Authorization Bypass Through User-Controlled Key in GitHub repository emicklei/go-restful prior to v3.8.0.\n (CVE-2022-1996)\n\n - encoding/pem in Go before 1.17.9 and 1.18.x before 1.18.1 has a Decode stack overflow via a large amount\n of PEM data. (CVE-2022-24675)\n\n - The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to\n crash a server in certain circumstances involving AddHostKey. (CVE-2022-27191)\n\n - In Decoder.Skip in encoding/xml in Go before 1.17.12 and 1.18.x before 1.18.4, stack exhaustion and a\n panic can occur via a deeply nested XML document. (CVE-2022-28131)\n\n - The generic P-256 feature in crypto/elliptic in Go before 1.17.9 and 1.18.x before 1.18.1 allows a panic\n via long scalar input. (CVE-2022-28327)\n\n - Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero\n flags parameter, the Faccessat function could incorrectly report that a file is accessible.\n (CVE-2022-29526)\n\n - Non-random values for ticket_age_add in session tickets in crypto/tls before Go 1.17.11 and Go 1.18.3\n allow an attacker that can observe TLS handshakes to correlate successive connections by comparing ticket\n ages during session resumption. (CVE-2022-30629)\n\n - Uncontrolled recursion in Glob in io/fs before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a\n panic due to stack exhaustion via a path which contains a large number of path separators.\n (CVE-2022-30630)\n\n - Uncontrolled recursion in Reader.Read in compress/gzip before Go 1.17.12 and Go 1.18.4 allows an attacker\n to cause a panic due to stack exhaustion via an archive containing a large number of concatenated 0-length\n compressed files. (CVE-2022-30631)\n\n - Uncontrolled recursion in Glob in path/filepath before Go 1.17.12 and Go 1.18.4 allows an attacker to\n cause a panic due to stack exhaustion via a path containing a large number of path separators.\n (CVE-2022-30632)\n\n - Uncontrolled recursion in Unmarshal in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to\n cause a panic due to stack exhaustion via unmarshalling an XML document into a Go struct which has a\n nested field that uses the 'any' field tag. (CVE-2022-30633)\n\n - Uncontrolled recursion in Decoder.Decode in encoding/gob before Go 1.17.12 and Go 1.18.4 allows an\n attacker to cause a panic due to stack exhaustion via a message which contains deeply nested structures.\n (CVE-2022-30635)\n\n - Improper exposure of client IP addresses in net/http before Go 1.17.12 and Go 1.18.4 can be triggered by\n calling httputil.ReverseProxy.ServeHTTP with a Request.Header map containing a nil value for the\n X-Forwarded-For header, which causes ReverseProxy to set the client IP as the value of the X-Forwarded-For\n header. (CVE-2022-32148)\n\n - A too-short encoded message can cause a panic in Float.GobDecode and Rat GobDecode in math/big in Go\n before 1.17.13 and 1.18.5, potentially allowing a denial of service. (CVE-2022-32189)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/AL2/ALAS-2022-1846.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-1705.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-1962.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-1996.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-24675.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-27191.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-28131.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-28327.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-29526.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-30629.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-30630.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-30631.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-30632.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-30633.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-30635.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-32148.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-32189.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'yum update golang' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-1996\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/09/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/10/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:golang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:golang-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:golang-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:golang-misc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:golang-race\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:golang-shared\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:golang-src\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:golang-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nvar os_ver = pregmatch(pattern: \"^AL(A|\\d+|-\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nvar os_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar pkgs = [\n {'reference':'golang-1.18.5-1.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-1.18.5-1.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-bin-1.18.5-1.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-bin-1.18.5-1.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-docs-1.18.5-1.amzn2', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-misc-1.18.5-1.amzn2', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-race-1.18.5-1.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-shared-1.18.5-1.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-shared-1.18.5-1.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-src-1.18.5-1.amzn2', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-tests-1.18.5-1.amzn2', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release && (!exists_check || rpm_exists(release:release, rpm:exists_check))) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"golang / golang-bin / golang-docs / etc\");\n}", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-01-10T19:35:36", "description": "The version of golist installed on the remote host is prior to 0.10.1-10. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1847 advisory.\n\n - Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12 and Go 1.18.4 allows HTTP request smuggling if combined with an intermediate server that also improperly fails to reject the header as invalid. (CVE-2022-1705)\n\n - Uncontrolled recursion in the Parse functions in go/parser before Go 1.17.12 and Go 1.18.4 allow an attacker to cause a panic due to stack exhaustion via deeply nested types or declarations. (CVE-2022-1962)\n\n - Authorization Bypass Through User-Controlled Key in GitHub repository emicklei/go-restful prior to v3.8.0.\n (CVE-2022-1996)\n\n - encoding/pem in Go before 1.17.9 and 1.18.x before 1.18.1 has a Decode stack overflow via a large amount of PEM data. (CVE-2022-24675)\n\n - The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey. (CVE-2022-27191)\n\n - In Decoder.Skip in encoding/xml in Go before 1.17.12 and 1.18.x before 1.18.4, stack exhaustion and a panic can occur via a deeply nested XML document. (CVE-2022-28131)\n\n - The generic P-256 feature in crypto/elliptic in Go before 1.17.9 and 1.18.x before 1.18.1 allows a panic via long scalar input. (CVE-2022-28327)\n\n - Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.\n (CVE-2022-29526)\n\n - Non-random values for ticket_age_add in session tickets in crypto/tls before Go 1.17.11 and Go 1.18.3 allow an attacker that can observe TLS handshakes to correlate successive connections by comparing ticket ages during session resumption. (CVE-2022-30629)\n\n - Uncontrolled recursion in Glob in io/fs before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a path which contains a large number of path separators.\n (CVE-2022-30630)\n\n - Uncontrolled recursion in Reader.Read in compress/gzip before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via an archive containing a large number of concatenated 0-length compressed files. (CVE-2022-30631)\n\n - Uncontrolled recursion in Glob in path/filepath before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a path containing a large number of path separators.\n (CVE-2022-30632)\n\n - Uncontrolled recursion in Unmarshal in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via unmarshalling an XML document into a Go struct which has a nested field that uses the 'any' field tag. (CVE-2022-30633)\n\n - Uncontrolled recursion in Decoder.Decode in encoding/gob before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a message which contains deeply nested structures.\n (CVE-2022-30635)\n\n - Improper exposure of client IP addresses in net/http before Go 1.17.12 and Go 1.18.4 can be triggered by calling httputil.ReverseProxy.ServeHTTP with a Request.Header map containing a nil value for the X-Forwarded-For header, which causes ReverseProxy to set the client IP as the value of the X-Forwarded-For header. (CVE-2022-32148)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2022-10-11T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : golist (ALAS-2022-1847)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege"