Lucene search
GoogleOSV:DSA-5122-1HistoryApr 18, 2022 - 12:00 a.m.
gzip - security update
2022-04-1800:00:00
Google
osv.dev
19
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.9 High
AI Score
Confidence
High
6.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
0.006 Low
EPSS
Percentile
78.2%
Bulletin has no description
Related
nessus
nessus
EulerOS Virtualization 3.0.6.6 : gzip (EulerOS-SA-2022-2505)
2022-10-09 00:00:00
EulerOS Virtualization 2.10.1 : xz (EulerOS-SA-2022-2124)
2022-07-14 00:00:00
Ubuntu 18.04 LTS / 20.04 LTS : Gzip vulnerability (USN-5378-1)
2022-04-13 00:00:00
oraclelinux
oraclelinux
xz security update
2022-06-15 00:00:00
xz security update
2022-06-30 00:00:00
gzip security update
2022-04-26 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package gzip version 1.12-alt1
2022-04-11 00:00:00
Security fix for the ALT Linux 9 package gzip version 1.10-alt1.p9.1
2023-04-10 00:00:00
suse
suse
Security update for xz (important)
2022-04-12 00:00:00
Security update for gzip (important)
2022-05-10 00:00:00
fedora
fedora
[SECURITY] Fedora 35 Update: gzip-1.10-6.fc35
2022-04-20 19:13:37
[SECURITY] Fedora 36 Update: gzip-1.11-3.fc36
2022-04-28 22:25:50
[SECURITY] Fedora 34 Update: gzip-1.10-5.fc34
2022-04-30 18:40:27
redos
redos
ROS-20220516-02
2022-05-16 00:00:00
rocky
rocky
xz security update
2022-06-08 08:20:11
gzip security update
2022-04-26 09:54:04
gzip security update
2022-05-17 22:32:54
cloudfoundry
cloudfoundry
USN-5378-2: XZ Utils vulnerability | Cloud Foundry
2022-05-23 00:00:00
USN-5378-1: Gzip vulnerability | Cloud Foundry
2022-05-23 00:00:00
redhat
redhat
(RHSA-2022:4994) Important: xz security update
2022-06-13 07:16:53
(RHSA-2022:4992) Important: xz security update
2022-06-13 07:15:56
(RHSA-2022:2191) Important: gzip security update
2022-05-11 13:01:16
almalinux
almalinux
Important: gzip security update
2022-04-26 09:54:04
Important: xz security update
2022-06-13 00:00:00
Important: xz security update
2022-06-08 00:00:00
ubuntu
ubuntu
XZ Utils vulnerability
2022-04-13 00:00:00
Gzip vulnerability
2022-04-13 00:00:00
Gzip vulnerability
2022-04-13 00:00:00
centos
centos
xz security update
2022-08-02 19:22:54
gzip security update
2022-05-13 17:33:20
osv
osv
xz-utils vulnerability
2022-04-13 14:47:08
Important: xz security update
2022-06-13 00:00:00
Important: xz security update
2022-06-08 00:00:00
redhatcve
redhatcve
CVE-2022-1271
2022-04-08 08:27:59
f5
f5
K000130546 : Gzip vulnerability CVE-2022-1271
2023-01-25 00:00:00
amazon
amazon
Important: xz
2022-05-31 23:47:00
Important: gzip, xz
2022-04-25 22:56:00
Important: gzip
2022-05-31 23:47:00
gentoo
gentoo
GNU Gzip, XZ Utils: Arbitrary file write
2022-09-07 00:00:00
cloudlinux
cloudlinux
Fixed CVE-2022-1271 in gzip
2022-05-20 00:06:18
cbl_mariner
cbl_mariner
CVE-2022-1271 affecting package gzip 1.9-5
2022-09-17 05:56:35
CVE-2022-1271 affecting package gzip 1.11-1
2022-10-05 23:33:39
prion
prion
Input validation
2022-08-31 16:15:00
rosalinux
rosalinux
Advisory ROSA-SA-2023-2301
2023-12-05 10:33:39
debian
debian
[SECURITY] [DLA 2977-1] xz-utils security update
2022-04-10 13:07:58
[SECURITY] [DLA 2976-1] gzip security update
2022-04-10 13:01:05
[SECURITY] [DSA 5123-1] xz-utils security update
2022-04-18 19:36:12
veracode
veracode
Remote Code Execution
2022-04-10 10:33:43
freebsd
freebsd
zgrep -- arbitrary file write
2022-04-07 00:00:00
slackware
slackware
[slackware-security] gzip
2022-04-14 21:21:03
[slackware-security] xz
2022-04-14 21:21:34
ubuntucve
ubuntucve
CVE-2022-1271
2022-04-07 00:00:00
ibm
ibm
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a security bypass in GNU Gzip (CVE-2022-1271)
2023-01-12 21:59:00
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a security bypass in GNU gzip (CVE-2022-1271)
2023-02-01 15:46:50
Security Bulletin: Multiple Vulnerabilities in base image packages
2022-10-07 20:52:32
alpinelinux
alpinelinux
CVE-2022-1271
2022-08-31 16:15:00
zdi
zdi
archlinux
archlinux
[ASA-202204-8] xz: arbitrary command execution
2022-04-07 00:00:00
[ASA-202204-7] gzip: arbitrary command execution
2022-04-07 00:00:00
debiancve
debiancve
CVE-2022-1271
2022-08-31 16:15:00
mageia
mageia
Updated gzip/xz packages fix security vulnerability
2022-04-23 20:22:42
cve
cve
CVE-2022-1271
2022-08-31 16:15:00
photon
photon
Important Photon OS Security Update - PHSA-2022-0382
2022-04-14 00:00:00
Important Photon OS Security Update - PHSA-2022-0172
2022-04-15 00:00:00
Important Photon OS Security Update - PHSA-2022-3.0-0382
2022-04-14 00:00:00
virtuozzo
virtuozzo
Virtuozzo Hybrid Infrastructure 5.0 Update 1.3 (5.0.1-57)
2022-05-25 00:00:00
Virtuozzo Hybrid Infrastructure 4.7 Update 1.4 (4.7.1-53)
2022-05-25 00:00:00
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.9 High
AI Score
Confidence
High
6.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
0.006 Low
EPSS
Percentile
78.2%
Related for OSV:DSA-5122-1