This commit is contained in:
NeilHanlon 2023-02-04 13:04:19 +00:00
parent 1768609822
commit b105eb0815
2 changed files with 1226 additions and 5 deletions

View File

@ -51,7 +51,7 @@
} }
a.toggle-more-links { cursor: pointer; } a.toggle-more-links { cursor: pointer; }
</style> </style>
<title>docker.io/rockylinux/rockylinux:8 (rocky 8.7) - Trivy Report - 2023-02-03 13:05:51.931004385 +0000 UTC m=+1.405401490 </title> <title>docker.io/rockylinux/rockylinux:8 (rocky 8.7) - Trivy Report - 2023-02-04 13:04:18.199306302 +0000 UTC m=+1.239187632 </title>
<script> <script>
window.onload = function() { window.onload = function() {
document.querySelectorAll('td.links').forEach(function(linkCell) { document.querySelectorAll('td.links').forEach(function(linkCell) {
@ -81,10 +81,554 @@
</script> </script>
</head> </head>
<body> <body>
<h1>docker.io/rockylinux/rockylinux:8 (rocky 8.7) - Trivy Report - 2023-02-03 13:05:51.931035786 +0000 UTC m=+1.405432891</h1> <h1>docker.io/rockylinux/rockylinux:8 (rocky 8.7) - Trivy Report - 2023-02-04 13:04:18.199344501 +0000 UTC m=+1.239225731</h1>
<table> <table>
<tr class="group-header"><th colspan="6">rocky</th></tr> <tr class="group-header"><th colspan="6">rocky</th></tr>
<tr><th colspan="6">No Vulnerabilities found</th></tr> <tr class="sub-header">
<th>Package</th>
<th>Vulnerability ID</th>
<th>Severity</th>
<th>Installed Version</th>
<th>Fixed Version</th>
<th>Links</th>
</tr>
<tr class="severity-MEDIUM">
<td class="pkg-name">dbus</td>
<td>CVE-2022-42010</td>
<td class="severity">MEDIUM</td>
<td class="pkg-version">1:1.12.8-23.el8</td>
<td>1:1.12.8-23.el8_7.1</td>
<td class="links" data-more-links="off">
<a href="https://access.redhat.com/errata/RHSA-2023:0335">https://access.redhat.com/errata/RHSA-2023:0335</a>
<a href="https://access.redhat.com/security/cve/CVE-2022-42010">https://access.redhat.com/security/cve/CVE-2022-42010</a>
<a href="https://bugzilla.redhat.com/2133616">https://bugzilla.redhat.com/2133616</a>
<a href="https://bugzilla.redhat.com/2133617">https://bugzilla.redhat.com/2133617</a>
<a href="https://bugzilla.redhat.com/2133618">https://bugzilla.redhat.com/2133618</a>
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2133616">https://bugzilla.redhat.com/show_bug.cgi?id=2133616</a>
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2133617">https://bugzilla.redhat.com/show_bug.cgi?id=2133617</a>
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2133618">https://bugzilla.redhat.com/show_bug.cgi?id=2133618</a>
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42010">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42010</a>
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42011">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42011</a>
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42012">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42012</a>
<a href="https://errata.almalinux.org/9/ALSA-2023-0335.html">https://errata.almalinux.org/9/ALSA-2023-0335.html</a>
<a href="https://errata.rockylinux.org/RLSA-2023:0335">https://errata.rockylinux.org/RLSA-2023:0335</a>
<a href="https://gitlab.freedesktop.org/dbus/dbus/-/issues/418">https://gitlab.freedesktop.org/dbus/dbus/-/issues/418</a>
<a href="https://linux.oracle.com/cve/CVE-2022-42010.html">https://linux.oracle.com/cve/CVE-2022-42010.html</a>
<a href="https://linux.oracle.com/errata/ELSA-2023-0335.html">https://linux.oracle.com/errata/ELSA-2023-0335.html</a>
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E4CO7N226I3X5FNBR2MACCH6TS764VJP/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E4CO7N226I3X5FNBR2MACCH6TS764VJP/</a>
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ND74SKN56BCYL3QLEAAB6E64UUBRA5UG/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ND74SKN56BCYL3QLEAAB6E64UUBRA5UG/</a>
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SQCSLMCK2XGX23R2DKW2MSAICQAK6MT2/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SQCSLMCK2XGX23R2DKW2MSAICQAK6MT2/</a>
<a href="https://nvd.nist.gov/vuln/detail/CVE-2022-42010">https://nvd.nist.gov/vuln/detail/CVE-2022-42010</a>
<a href="https://ubuntu.com/security/notices/USN-5704-1">https://ubuntu.com/security/notices/USN-5704-1</a>
<a href="https://www.openwall.com/lists/oss-security/2022/10/06/1">https://www.openwall.com/lists/oss-security/2022/10/06/1</a>
</td>
</tr>
<tr class="severity-MEDIUM">
<td class="pkg-name">dbus</td>
<td>CVE-2022-42011</td>
<td class="severity">MEDIUM</td>
<td class="pkg-version">1:1.12.8-23.el8</td>
<td>1:1.12.8-23.el8_7.1</td>
<td class="links" data-more-links="off">
<a href="https://access.redhat.com/errata/RHSA-2023:0335">https://access.redhat.com/errata/RHSA-2023:0335</a>
<a href="https://access.redhat.com/security/cve/CVE-2022-42011">https://access.redhat.com/security/cve/CVE-2022-42011</a>
<a href="https://bugzilla.redhat.com/2133616">https://bugzilla.redhat.com/2133616</a>
<a href="https://bugzilla.redhat.com/2133617">https://bugzilla.redhat.com/2133617</a>
<a href="https://bugzilla.redhat.com/2133618">https://bugzilla.redhat.com/2133618</a>
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2133616">https://bugzilla.redhat.com/show_bug.cgi?id=2133616</a>
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2133617">https://bugzilla.redhat.com/show_bug.cgi?id=2133617</a>
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2133618">https://bugzilla.redhat.com/show_bug.cgi?id=2133618</a>
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42010">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42010</a>
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42011">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42011</a>
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42012">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42012</a>
<a href="https://errata.almalinux.org/9/ALSA-2023-0335.html">https://errata.almalinux.org/9/ALSA-2023-0335.html</a>
<a href="https://errata.rockylinux.org/RLSA-2023:0335">https://errata.rockylinux.org/RLSA-2023:0335</a>
<a href="https://gitlab.freedesktop.org/dbus/dbus/-/issues/413">https://gitlab.freedesktop.org/dbus/dbus/-/issues/413</a>
<a href="https://linux.oracle.com/cve/CVE-2022-42011.html">https://linux.oracle.com/cve/CVE-2022-42011.html</a>
<a href="https://linux.oracle.com/errata/ELSA-2023-0335.html">https://linux.oracle.com/errata/ELSA-2023-0335.html</a>
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E4CO7N226I3X5FNBR2MACCH6TS764VJP/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E4CO7N226I3X5FNBR2MACCH6TS764VJP/</a>
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ND74SKN56BCYL3QLEAAB6E64UUBRA5UG/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ND74SKN56BCYL3QLEAAB6E64UUBRA5UG/</a>
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SQCSLMCK2XGX23R2DKW2MSAICQAK6MT2/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SQCSLMCK2XGX23R2DKW2MSAICQAK6MT2/</a>
<a href="https://nvd.nist.gov/vuln/detail/CVE-2022-42011">https://nvd.nist.gov/vuln/detail/CVE-2022-42011</a>
<a href="https://ubuntu.com/security/notices/USN-5704-1">https://ubuntu.com/security/notices/USN-5704-1</a>
<a href="https://www.openwall.com/lists/oss-security/2022/10/06/1">https://www.openwall.com/lists/oss-security/2022/10/06/1</a>
</td>
</tr>
<tr class="severity-MEDIUM">
<td class="pkg-name">dbus</td>
<td>CVE-2022-42012</td>
<td class="severity">MEDIUM</td>
<td class="pkg-version">1:1.12.8-23.el8</td>
<td>1:1.12.8-23.el8_7.1</td>
<td class="links" data-more-links="off">
<a href="https://access.redhat.com/errata/RHSA-2023:0335">https://access.redhat.com/errata/RHSA-2023:0335</a>
<a href="https://access.redhat.com/security/cve/CVE-2022-42012">https://access.redhat.com/security/cve/CVE-2022-42012</a>
<a href="https://bugzilla.redhat.com/2133616">https://bugzilla.redhat.com/2133616</a>
<a href="https://bugzilla.redhat.com/2133617">https://bugzilla.redhat.com/2133617</a>
<a href="https://bugzilla.redhat.com/2133618">https://bugzilla.redhat.com/2133618</a>
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2133616">https://bugzilla.redhat.com/show_bug.cgi?id=2133616</a>
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2133617">https://bugzilla.redhat.com/show_bug.cgi?id=2133617</a>
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2133618">https://bugzilla.redhat.com/show_bug.cgi?id=2133618</a>
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42010">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42010</a>
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42011">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42011</a>
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42012">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42012</a>
<a href="https://errata.almalinux.org/9/ALSA-2023-0335.html">https://errata.almalinux.org/9/ALSA-2023-0335.html</a>
<a href="https://errata.rockylinux.org/RLSA-2023:0335">https://errata.rockylinux.org/RLSA-2023:0335</a>
<a href="https://gitlab.freedesktop.org/dbus/dbus/-/issues/417">https://gitlab.freedesktop.org/dbus/dbus/-/issues/417</a>
<a href="https://linux.oracle.com/cve/CVE-2022-42012.html">https://linux.oracle.com/cve/CVE-2022-42012.html</a>
<a href="https://linux.oracle.com/errata/ELSA-2023-0335.html">https://linux.oracle.com/errata/ELSA-2023-0335.html</a>
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E4CO7N226I3X5FNBR2MACCH6TS764VJP/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E4CO7N226I3X5FNBR2MACCH6TS764VJP/</a>
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ND74SKN56BCYL3QLEAAB6E64UUBRA5UG/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ND74SKN56BCYL3QLEAAB6E64UUBRA5UG/</a>
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SQCSLMCK2XGX23R2DKW2MSAICQAK6MT2/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SQCSLMCK2XGX23R2DKW2MSAICQAK6MT2/</a>
<a href="https://nvd.nist.gov/vuln/detail/CVE-2022-42012">https://nvd.nist.gov/vuln/detail/CVE-2022-42012</a>
<a href="https://ubuntu.com/security/notices/USN-5704-1">https://ubuntu.com/security/notices/USN-5704-1</a>
<a href="https://www.openwall.com/lists/oss-security/2022/10/06/1">https://www.openwall.com/lists/oss-security/2022/10/06/1</a>
</td>
</tr>
<tr class="severity-MEDIUM">
<td class="pkg-name">dbus-daemon</td>
<td>CVE-2022-42010</td>
<td class="severity">MEDIUM</td>
<td class="pkg-version">1:1.12.8-23.el8</td>
<td>1:1.12.8-23.el8_7.1</td>
<td class="links" data-more-links="off">
<a href="https://access.redhat.com/errata/RHSA-2023:0335">https://access.redhat.com/errata/RHSA-2023:0335</a>
<a href="https://access.redhat.com/security/cve/CVE-2022-42010">https://access.redhat.com/security/cve/CVE-2022-42010</a>
<a href="https://bugzilla.redhat.com/2133616">https://bugzilla.redhat.com/2133616</a>
<a href="https://bugzilla.redhat.com/2133617">https://bugzilla.redhat.com/2133617</a>
<a href="https://bugzilla.redhat.com/2133618">https://bugzilla.redhat.com/2133618</a>
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2133616">https://bugzilla.redhat.com/show_bug.cgi?id=2133616</a>
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2133617">https://bugzilla.redhat.com/show_bug.cgi?id=2133617</a>
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2133618">https://bugzilla.redhat.com/show_bug.cgi?id=2133618</a>
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42010">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42010</a>
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42011">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42011</a>
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42012">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42012</a>
<a href="https://errata.almalinux.org/9/ALSA-2023-0335.html">https://errata.almalinux.org/9/ALSA-2023-0335.html</a>
<a href="https://errata.rockylinux.org/RLSA-2023:0335">https://errata.rockylinux.org/RLSA-2023:0335</a>
<a href="https://gitlab.freedesktop.org/dbus/dbus/-/issues/418">https://gitlab.freedesktop.org/dbus/dbus/-/issues/418</a>
<a href="https://linux.oracle.com/cve/CVE-2022-42010.html">https://linux.oracle.com/cve/CVE-2022-42010.html</a>
<a href="https://linux.oracle.com/errata/ELSA-2023-0335.html">https://linux.oracle.com/errata/ELSA-2023-0335.html</a>
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E4CO7N226I3X5FNBR2MACCH6TS764VJP/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E4CO7N226I3X5FNBR2MACCH6TS764VJP/</a>
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ND74SKN56BCYL3QLEAAB6E64UUBRA5UG/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ND74SKN56BCYL3QLEAAB6E64UUBRA5UG/</a>
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SQCSLMCK2XGX23R2DKW2MSAICQAK6MT2/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SQCSLMCK2XGX23R2DKW2MSAICQAK6MT2/</a>
<a href="https://nvd.nist.gov/vuln/detail/CVE-2022-42010">https://nvd.nist.gov/vuln/detail/CVE-2022-42010</a>
<a href="https://ubuntu.com/security/notices/USN-5704-1">https://ubuntu.com/security/notices/USN-5704-1</a>
<a href="https://www.openwall.com/lists/oss-security/2022/10/06/1">https://www.openwall.com/lists/oss-security/2022/10/06/1</a>
</td>
</tr>
<tr class="severity-MEDIUM">
<td class="pkg-name">dbus-daemon</td>
<td>CVE-2022-42011</td>
<td class="severity">MEDIUM</td>
<td class="pkg-version">1:1.12.8-23.el8</td>
<td>1:1.12.8-23.el8_7.1</td>
<td class="links" data-more-links="off">
<a href="https://access.redhat.com/errata/RHSA-2023:0335">https://access.redhat.com/errata/RHSA-2023:0335</a>
<a href="https://access.redhat.com/security/cve/CVE-2022-42011">https://access.redhat.com/security/cve/CVE-2022-42011</a>
<a href="https://bugzilla.redhat.com/2133616">https://bugzilla.redhat.com/2133616</a>
<a href="https://bugzilla.redhat.com/2133617">https://bugzilla.redhat.com/2133617</a>
<a href="https://bugzilla.redhat.com/2133618">https://bugzilla.redhat.com/2133618</a>
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2133616">https://bugzilla.redhat.com/show_bug.cgi?id=2133616</a>
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2133617">https://bugzilla.redhat.com/show_bug.cgi?id=2133617</a>
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2133618">https://bugzilla.redhat.com/show_bug.cgi?id=2133618</a>
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42010">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42010</a>
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42011">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42011</a>
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42012">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42012</a>
<a href="https://errata.almalinux.org/9/ALSA-2023-0335.html">https://errata.almalinux.org/9/ALSA-2023-0335.html</a>
<a href="https://errata.rockylinux.org/RLSA-2023:0335">https://errata.rockylinux.org/RLSA-2023:0335</a>
<a href="https://gitlab.freedesktop.org/dbus/dbus/-/issues/413">https://gitlab.freedesktop.org/dbus/dbus/-/issues/413</a>
<a href="https://linux.oracle.com/cve/CVE-2022-42011.html">https://linux.oracle.com/cve/CVE-2022-42011.html</a>
<a href="https://linux.oracle.com/errata/ELSA-2023-0335.html">https://linux.oracle.com/errata/ELSA-2023-0335.html</a>
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E4CO7N226I3X5FNBR2MACCH6TS764VJP/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E4CO7N226I3X5FNBR2MACCH6TS764VJP/</a>
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ND74SKN56BCYL3QLEAAB6E64UUBRA5UG/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ND74SKN56BCYL3QLEAAB6E64UUBRA5UG/</a>
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SQCSLMCK2XGX23R2DKW2MSAICQAK6MT2/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SQCSLMCK2XGX23R2DKW2MSAICQAK6MT2/</a>
<a href="https://nvd.nist.gov/vuln/detail/CVE-2022-42011">https://nvd.nist.gov/vuln/detail/CVE-2022-42011</a>
<a href="https://ubuntu.com/security/notices/USN-5704-1">https://ubuntu.com/security/notices/USN-5704-1</a>
<a href="https://www.openwall.com/lists/oss-security/2022/10/06/1">https://www.openwall.com/lists/oss-security/2022/10/06/1</a>
</td>
</tr>
<tr class="severity-MEDIUM">
<td class="pkg-name">dbus-daemon</td>
<td>CVE-2022-42012</td>
<td class="severity">MEDIUM</td>
<td class="pkg-version">1:1.12.8-23.el8</td>
<td>1:1.12.8-23.el8_7.1</td>
<td class="links" data-more-links="off">
<a href="https://access.redhat.com/errata/RHSA-2023:0335">https://access.redhat.com/errata/RHSA-2023:0335</a>
<a href="https://access.redhat.com/security/cve/CVE-2022-42012">https://access.redhat.com/security/cve/CVE-2022-42012</a>
<a href="https://bugzilla.redhat.com/2133616">https://bugzilla.redhat.com/2133616</a>
<a href="https://bugzilla.redhat.com/2133617">https://bugzilla.redhat.com/2133617</a>
<a href="https://bugzilla.redhat.com/2133618">https://bugzilla.redhat.com/2133618</a>
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2133616">https://bugzilla.redhat.com/show_bug.cgi?id=2133616</a>
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2133617">https://bugzilla.redhat.com/show_bug.cgi?id=2133617</a>
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2133618">https://bugzilla.redhat.com/show_bug.cgi?id=2133618</a>
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42010">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42010</a>
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42011">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42011</a>
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42012">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42012</a>
<a href="https://errata.almalinux.org/9/ALSA-2023-0335.html">https://errata.almalinux.org/9/ALSA-2023-0335.html</a>
<a href="https://errata.rockylinux.org/RLSA-2023:0335">https://errata.rockylinux.org/RLSA-2023:0335</a>
<a href="https://gitlab.freedesktop.org/dbus/dbus/-/issues/417">https://gitlab.freedesktop.org/dbus/dbus/-/issues/417</a>
<a href="https://linux.oracle.com/cve/CVE-2022-42012.html">https://linux.oracle.com/cve/CVE-2022-42012.html</a>
<a href="https://linux.oracle.com/errata/ELSA-2023-0335.html">https://linux.oracle.com/errata/ELSA-2023-0335.html</a>
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E4CO7N226I3X5FNBR2MACCH6TS764VJP/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E4CO7N226I3X5FNBR2MACCH6TS764VJP/</a>
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ND74SKN56BCYL3QLEAAB6E64UUBRA5UG/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ND74SKN56BCYL3QLEAAB6E64UUBRA5UG/</a>
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SQCSLMCK2XGX23R2DKW2MSAICQAK6MT2/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SQCSLMCK2XGX23R2DKW2MSAICQAK6MT2/</a>
<a href="https://nvd.nist.gov/vuln/detail/CVE-2022-42012">https://nvd.nist.gov/vuln/detail/CVE-2022-42012</a>
<a href="https://ubuntu.com/security/notices/USN-5704-1">https://ubuntu.com/security/notices/USN-5704-1</a>
<a href="https://www.openwall.com/lists/oss-security/2022/10/06/1">https://www.openwall.com/lists/oss-security/2022/10/06/1</a>
</td>
</tr>
<tr class="severity-MEDIUM">
<td class="pkg-name">dbus-libs</td>
<td>CVE-2022-42010</td>
<td class="severity">MEDIUM</td>
<td class="pkg-version">1:1.12.8-23.el8</td>
<td>1:1.12.8-23.el8_7.1</td>
<td class="links" data-more-links="off">
<a href="https://access.redhat.com/errata/RHSA-2023:0335">https://access.redhat.com/errata/RHSA-2023:0335</a>
<a href="https://access.redhat.com/security/cve/CVE-2022-42010">https://access.redhat.com/security/cve/CVE-2022-42010</a>
<a href="https://bugzilla.redhat.com/2133616">https://bugzilla.redhat.com/2133616</a>
<a href="https://bugzilla.redhat.com/2133617">https://bugzilla.redhat.com/2133617</a>
<a href="https://bugzilla.redhat.com/2133618">https://bugzilla.redhat.com/2133618</a>
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2133616">https://bugzilla.redhat.com/show_bug.cgi?id=2133616</a>
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2133617">https://bugzilla.redhat.com/show_bug.cgi?id=2133617</a>
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2133618">https://bugzilla.redhat.com/show_bug.cgi?id=2133618</a>
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42010">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42010</a>
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42011">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42011</a>
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42012">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42012</a>
<a href="https://errata.almalinux.org/9/ALSA-2023-0335.html">https://errata.almalinux.org/9/ALSA-2023-0335.html</a>
<a href="https://errata.rockylinux.org/RLSA-2023:0335">https://errata.rockylinux.org/RLSA-2023:0335</a>
<a href="https://gitlab.freedesktop.org/dbus/dbus/-/issues/418">https://gitlab.freedesktop.org/dbus/dbus/-/issues/418</a>
<a href="https://linux.oracle.com/cve/CVE-2022-42010.html">https://linux.oracle.com/cve/CVE-2022-42010.html</a>
<a href="https://linux.oracle.com/errata/ELSA-2023-0335.html">https://linux.oracle.com/errata/ELSA-2023-0335.html</a>
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E4CO7N226I3X5FNBR2MACCH6TS764VJP/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E4CO7N226I3X5FNBR2MACCH6TS764VJP/</a>
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ND74SKN56BCYL3QLEAAB6E64UUBRA5UG/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ND74SKN56BCYL3QLEAAB6E64UUBRA5UG/</a>
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SQCSLMCK2XGX23R2DKW2MSAICQAK6MT2/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SQCSLMCK2XGX23R2DKW2MSAICQAK6MT2/</a>
<a href="https://nvd.nist.gov/vuln/detail/CVE-2022-42010">https://nvd.nist.gov/vuln/detail/CVE-2022-42010</a>
<a href="https://ubuntu.com/security/notices/USN-5704-1">https://ubuntu.com/security/notices/USN-5704-1</a>
<a href="https://www.openwall.com/lists/oss-security/2022/10/06/1">https://www.openwall.com/lists/oss-security/2022/10/06/1</a>
</td>
</tr>
<tr class="severity-MEDIUM">
<td class="pkg-name">dbus-libs</td>
<td>CVE-2022-42011</td>
<td class="severity">MEDIUM</td>
<td class="pkg-version">1:1.12.8-23.el8</td>
<td>1:1.12.8-23.el8_7.1</td>
<td class="links" data-more-links="off">
<a href="https://access.redhat.com/errata/RHSA-2023:0335">https://access.redhat.com/errata/RHSA-2023:0335</a>
<a href="https://access.redhat.com/security/cve/CVE-2022-42011">https://access.redhat.com/security/cve/CVE-2022-42011</a>
<a href="https://bugzilla.redhat.com/2133616">https://bugzilla.redhat.com/2133616</a>
<a href="https://bugzilla.redhat.com/2133617">https://bugzilla.redhat.com/2133617</a>
<a href="https://bugzilla.redhat.com/2133618">https://bugzilla.redhat.com/2133618</a>
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2133616">https://bugzilla.redhat.com/show_bug.cgi?id=2133616</a>
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2133617">https://bugzilla.redhat.com/show_bug.cgi?id=2133617</a>
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2133618">https://bugzilla.redhat.com/show_bug.cgi?id=2133618</a>
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42010">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42010</a>
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42011">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42011</a>
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42012">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42012</a>
<a href="https://errata.almalinux.org/9/ALSA-2023-0335.html">https://errata.almalinux.org/9/ALSA-2023-0335.html</a>
<a href="https://errata.rockylinux.org/RLSA-2023:0335">https://errata.rockylinux.org/RLSA-2023:0335</a>
<a href="https://gitlab.freedesktop.org/dbus/dbus/-/issues/413">https://gitlab.freedesktop.org/dbus/dbus/-/issues/413</a>
<a href="https://linux.oracle.com/cve/CVE-2022-42011.html">https://linux.oracle.com/cve/CVE-2022-42011.html</a>
<a href="https://linux.oracle.com/errata/ELSA-2023-0335.html">https://linux.oracle.com/errata/ELSA-2023-0335.html</a>
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E4CO7N226I3X5FNBR2MACCH6TS764VJP/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E4CO7N226I3X5FNBR2MACCH6TS764VJP/</a>
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ND74SKN56BCYL3QLEAAB6E64UUBRA5UG/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ND74SKN56BCYL3QLEAAB6E64UUBRA5UG/</a>
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SQCSLMCK2XGX23R2DKW2MSAICQAK6MT2/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SQCSLMCK2XGX23R2DKW2MSAICQAK6MT2/</a>
<a href="https://nvd.nist.gov/vuln/detail/CVE-2022-42011">https://nvd.nist.gov/vuln/detail/CVE-2022-42011</a>
<a href="https://ubuntu.com/security/notices/USN-5704-1">https://ubuntu.com/security/notices/USN-5704-1</a>
<a href="https://www.openwall.com/lists/oss-security/2022/10/06/1">https://www.openwall.com/lists/oss-security/2022/10/06/1</a>
</td>
</tr>
<tr class="severity-MEDIUM">
<td class="pkg-name">dbus-libs</td>
<td>CVE-2022-42012</td>
<td class="severity">MEDIUM</td>
<td class="pkg-version">1:1.12.8-23.el8</td>
<td>1:1.12.8-23.el8_7.1</td>
<td class="links" data-more-links="off">
<a href="https://access.redhat.com/errata/RHSA-2023:0335">https://access.redhat.com/errata/RHSA-2023:0335</a>
<a href="https://access.redhat.com/security/cve/CVE-2022-42012">https://access.redhat.com/security/cve/CVE-2022-42012</a>
<a href="https://bugzilla.redhat.com/2133616">https://bugzilla.redhat.com/2133616</a>
<a href="https://bugzilla.redhat.com/2133617">https://bugzilla.redhat.com/2133617</a>
<a href="https://bugzilla.redhat.com/2133618">https://bugzilla.redhat.com/2133618</a>
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2133616">https://bugzilla.redhat.com/show_bug.cgi?id=2133616</a>
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2133617">https://bugzilla.redhat.com/show_bug.cgi?id=2133617</a>
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2133618">https://bugzilla.redhat.com/show_bug.cgi?id=2133618</a>
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42010">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42010</a>
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42011">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42011</a>
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42012">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42012</a>
<a href="https://errata.almalinux.org/9/ALSA-2023-0335.html">https://errata.almalinux.org/9/ALSA-2023-0335.html</a>
<a href="https://errata.rockylinux.org/RLSA-2023:0335">https://errata.rockylinux.org/RLSA-2023:0335</a>
<a href="https://gitlab.freedesktop.org/dbus/dbus/-/issues/417">https://gitlab.freedesktop.org/dbus/dbus/-/issues/417</a>
<a href="https://linux.oracle.com/cve/CVE-2022-42012.html">https://linux.oracle.com/cve/CVE-2022-42012.html</a>
<a href="https://linux.oracle.com/errata/ELSA-2023-0335.html">https://linux.oracle.com/errata/ELSA-2023-0335.html</a>
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E4CO7N226I3X5FNBR2MACCH6TS764VJP/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E4CO7N226I3X5FNBR2MACCH6TS764VJP/</a>
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ND74SKN56BCYL3QLEAAB6E64UUBRA5UG/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ND74SKN56BCYL3QLEAAB6E64UUBRA5UG/</a>
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SQCSLMCK2XGX23R2DKW2MSAICQAK6MT2/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SQCSLMCK2XGX23R2DKW2MSAICQAK6MT2/</a>
<a href="https://nvd.nist.gov/vuln/detail/CVE-2022-42012">https://nvd.nist.gov/vuln/detail/CVE-2022-42012</a>
<a href="https://ubuntu.com/security/notices/USN-5704-1">https://ubuntu.com/security/notices/USN-5704-1</a>
<a href="https://www.openwall.com/lists/oss-security/2022/10/06/1">https://www.openwall.com/lists/oss-security/2022/10/06/1</a>
</td>
</tr>
<tr class="severity-MEDIUM">
<td class="pkg-name">dbus-tools</td>
<td>CVE-2022-42010</td>
<td class="severity">MEDIUM</td>
<td class="pkg-version">1:1.12.8-23.el8</td>
<td>1:1.12.8-23.el8_7.1</td>
<td class="links" data-more-links="off">
<a href="https://access.redhat.com/errata/RHSA-2023:0335">https://access.redhat.com/errata/RHSA-2023:0335</a>
<a href="https://access.redhat.com/security/cve/CVE-2022-42010">https://access.redhat.com/security/cve/CVE-2022-42010</a>
<a href="https://bugzilla.redhat.com/2133616">https://bugzilla.redhat.com/2133616</a>
<a href="https://bugzilla.redhat.com/2133617">https://bugzilla.redhat.com/2133617</a>
<a href="https://bugzilla.redhat.com/2133618">https://bugzilla.redhat.com/2133618</a>
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2133616">https://bugzilla.redhat.com/show_bug.cgi?id=2133616</a>
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2133617">https://bugzilla.redhat.com/show_bug.cgi?id=2133617</a>
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2133618">https://bugzilla.redhat.com/show_bug.cgi?id=2133618</a>
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42010">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42010</a>
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42011">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42011</a>
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42012">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42012</a>
<a href="https://errata.almalinux.org/9/ALSA-2023-0335.html">https://errata.almalinux.org/9/ALSA-2023-0335.html</a>
<a href="https://errata.rockylinux.org/RLSA-2023:0335">https://errata.rockylinux.org/RLSA-2023:0335</a>
<a href="https://gitlab.freedesktop.org/dbus/dbus/-/issues/418">https://gitlab.freedesktop.org/dbus/dbus/-/issues/418</a>
<a href="https://linux.oracle.com/cve/CVE-2022-42010.html">https://linux.oracle.com/cve/CVE-2022-42010.html</a>
<a href="https://linux.oracle.com/errata/ELSA-2023-0335.html">https://linux.oracle.com/errata/ELSA-2023-0335.html</a>
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E4CO7N226I3X5FNBR2MACCH6TS764VJP/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E4CO7N226I3X5FNBR2MACCH6TS764VJP/</a>
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ND74SKN56BCYL3QLEAAB6E64UUBRA5UG/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ND74SKN56BCYL3QLEAAB6E64UUBRA5UG/</a>
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SQCSLMCK2XGX23R2DKW2MSAICQAK6MT2/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SQCSLMCK2XGX23R2DKW2MSAICQAK6MT2/</a>
<a href="https://nvd.nist.gov/vuln/detail/CVE-2022-42010">https://nvd.nist.gov/vuln/detail/CVE-2022-42010</a>
<a href="https://ubuntu.com/security/notices/USN-5704-1">https://ubuntu.com/security/notices/USN-5704-1</a>
<a href="https://www.openwall.com/lists/oss-security/2022/10/06/1">https://www.openwall.com/lists/oss-security/2022/10/06/1</a>
</td>
</tr>
<tr class="severity-MEDIUM">
<td class="pkg-name">dbus-tools</td>
<td>CVE-2022-42011</td>
<td class="severity">MEDIUM</td>
<td class="pkg-version">1:1.12.8-23.el8</td>
<td>1:1.12.8-23.el8_7.1</td>
<td class="links" data-more-links="off">
<a href="https://access.redhat.com/errata/RHSA-2023:0335">https://access.redhat.com/errata/RHSA-2023:0335</a>
<a href="https://access.redhat.com/security/cve/CVE-2022-42011">https://access.redhat.com/security/cve/CVE-2022-42011</a>
<a href="https://bugzilla.redhat.com/2133616">https://bugzilla.redhat.com/2133616</a>
<a href="https://bugzilla.redhat.com/2133617">https://bugzilla.redhat.com/2133617</a>
<a href="https://bugzilla.redhat.com/2133618">https://bugzilla.redhat.com/2133618</a>
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2133616">https://bugzilla.redhat.com/show_bug.cgi?id=2133616</a>
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2133617">https://bugzilla.redhat.com/show_bug.cgi?id=2133617</a>
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2133618">https://bugzilla.redhat.com/show_bug.cgi?id=2133618</a>
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42010">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42010</a>
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42011">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42011</a>
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42012">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42012</a>
<a href="https://errata.almalinux.org/9/ALSA-2023-0335.html">https://errata.almalinux.org/9/ALSA-2023-0335.html</a>
<a href="https://errata.rockylinux.org/RLSA-2023:0335">https://errata.rockylinux.org/RLSA-2023:0335</a>
<a href="https://gitlab.freedesktop.org/dbus/dbus/-/issues/413">https://gitlab.freedesktop.org/dbus/dbus/-/issues/413</a>
<a href="https://linux.oracle.com/cve/CVE-2022-42011.html">https://linux.oracle.com/cve/CVE-2022-42011.html</a>
<a href="https://linux.oracle.com/errata/ELSA-2023-0335.html">https://linux.oracle.com/errata/ELSA-2023-0335.html</a>
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E4CO7N226I3X5FNBR2MACCH6TS764VJP/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E4CO7N226I3X5FNBR2MACCH6TS764VJP/</a>
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ND74SKN56BCYL3QLEAAB6E64UUBRA5UG/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ND74SKN56BCYL3QLEAAB6E64UUBRA5UG/</a>
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SQCSLMCK2XGX23R2DKW2MSAICQAK6MT2/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SQCSLMCK2XGX23R2DKW2MSAICQAK6MT2/</a>
<a href="https://nvd.nist.gov/vuln/detail/CVE-2022-42011">https://nvd.nist.gov/vuln/detail/CVE-2022-42011</a>
<a href="https://ubuntu.com/security/notices/USN-5704-1">https://ubuntu.com/security/notices/USN-5704-1</a>
<a href="https://www.openwall.com/lists/oss-security/2022/10/06/1">https://www.openwall.com/lists/oss-security/2022/10/06/1</a>
</td>
</tr>
<tr class="severity-MEDIUM">
<td class="pkg-name">dbus-tools</td>
<td>CVE-2022-42012</td>
<td class="severity">MEDIUM</td>
<td class="pkg-version">1:1.12.8-23.el8</td>
<td>1:1.12.8-23.el8_7.1</td>
<td class="links" data-more-links="off">
<a href="https://access.redhat.com/errata/RHSA-2023:0335">https://access.redhat.com/errata/RHSA-2023:0335</a>
<a href="https://access.redhat.com/security/cve/CVE-2022-42012">https://access.redhat.com/security/cve/CVE-2022-42012</a>
<a href="https://bugzilla.redhat.com/2133616">https://bugzilla.redhat.com/2133616</a>
<a href="https://bugzilla.redhat.com/2133617">https://bugzilla.redhat.com/2133617</a>
<a href="https://bugzilla.redhat.com/2133618">https://bugzilla.redhat.com/2133618</a>
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2133616">https://bugzilla.redhat.com/show_bug.cgi?id=2133616</a>
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2133617">https://bugzilla.redhat.com/show_bug.cgi?id=2133617</a>
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2133618">https://bugzilla.redhat.com/show_bug.cgi?id=2133618</a>
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42010">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42010</a>
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42011">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42011</a>
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42012">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42012</a>
<a href="https://errata.almalinux.org/9/ALSA-2023-0335.html">https://errata.almalinux.org/9/ALSA-2023-0335.html</a>
<a href="https://errata.rockylinux.org/RLSA-2023:0335">https://errata.rockylinux.org/RLSA-2023:0335</a>
<a href="https://gitlab.freedesktop.org/dbus/dbus/-/issues/417">https://gitlab.freedesktop.org/dbus/dbus/-/issues/417</a>
<a href="https://linux.oracle.com/cve/CVE-2022-42012.html">https://linux.oracle.com/cve/CVE-2022-42012.html</a>
<a href="https://linux.oracle.com/errata/ELSA-2023-0335.html">https://linux.oracle.com/errata/ELSA-2023-0335.html</a>
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E4CO7N226I3X5FNBR2MACCH6TS764VJP/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E4CO7N226I3X5FNBR2MACCH6TS764VJP/</a>
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ND74SKN56BCYL3QLEAAB6E64UUBRA5UG/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ND74SKN56BCYL3QLEAAB6E64UUBRA5UG/</a>
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SQCSLMCK2XGX23R2DKW2MSAICQAK6MT2/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SQCSLMCK2XGX23R2DKW2MSAICQAK6MT2/</a>
<a href="https://nvd.nist.gov/vuln/detail/CVE-2022-42012">https://nvd.nist.gov/vuln/detail/CVE-2022-42012</a>
<a href="https://ubuntu.com/security/notices/USN-5704-1">https://ubuntu.com/security/notices/USN-5704-1</a>
<a href="https://www.openwall.com/lists/oss-security/2022/10/06/1">https://www.openwall.com/lists/oss-security/2022/10/06/1</a>
</td>
</tr>
<tr class="severity-MEDIUM">
<td class="pkg-name">expat</td>
<td>CVE-2022-43680</td>
<td class="severity">MEDIUM</td>
<td class="pkg-version">2.2.5-10.el8</td>
<td>2.2.5-10.el8_7.1</td>
<td class="links" data-more-links="off">
<a href="https://access.redhat.com/errata/RHSA-2023:0337">https://access.redhat.com/errata/RHSA-2023:0337</a>
<a href="https://access.redhat.com/security/cve/CVE-2022-43680">https://access.redhat.com/security/cve/CVE-2022-43680</a>
<a href="https://bugzilla.redhat.com/2140059">https://bugzilla.redhat.com/2140059</a>
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2140059">https://bugzilla.redhat.com/show_bug.cgi?id=2140059</a>
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43680">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43680</a>
<a href="https://errata.almalinux.org/9/ALSA-2023-0337.html">https://errata.almalinux.org/9/ALSA-2023-0337.html</a>
<a href="https://errata.rockylinux.org/RLSA-2023:0337">https://errata.rockylinux.org/RLSA-2023:0337</a>
<a href="https://github.com/libexpat/libexpat/issues/649">https://github.com/libexpat/libexpat/issues/649</a>
<a href="https://github.com/libexpat/libexpat/pull/616">https://github.com/libexpat/libexpat/pull/616</a>
<a href="https://github.com/libexpat/libexpat/pull/650">https://github.com/libexpat/libexpat/pull/650</a>
<a href="https://linux.oracle.com/cve/CVE-2022-43680.html">https://linux.oracle.com/cve/CVE-2022-43680.html</a>
<a href="https://linux.oracle.com/errata/ELSA-2023-0337.html">https://linux.oracle.com/errata/ELSA-2023-0337.html</a>
<a href="https://lists.debian.org/debian-lts-announce/2022/10/msg00033.html">https://lists.debian.org/debian-lts-announce/2022/10/msg00033.html</a>
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AJ5VY2VYXE4WTRGQ6LMGLF6FV3SY37YE/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AJ5VY2VYXE4WTRGQ6LMGLF6FV3SY37YE/</a>
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BY4OPSIB33ETNUXZY2UPZ4NGQ3OKDY4D/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BY4OPSIB33ETNUXZY2UPZ4NGQ3OKDY4D/</a>
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DPQVIF6TOJNY2T3ZZETFKR4G34FFREBQ/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DPQVIF6TOJNY2T3ZZETFKR4G34FFREBQ/</a>
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FFCOMBSOJKLIKCGCJWHLJXO4EVYBG7AR/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FFCOMBSOJKLIKCGCJWHLJXO4EVYBG7AR/</a>
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IUJ2BULJTZ2BMSKQHB6US674P55UCWWS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IUJ2BULJTZ2BMSKQHB6US674P55UCWWS/</a>
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XG5XOOB7CD55CEE6OJYKSACSIMQ4RWQ6/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XG5XOOB7CD55CEE6OJYKSACSIMQ4RWQ6/</a>
<a href="https://nvd.nist.gov/vuln/detail/CVE-2022-43680">https://nvd.nist.gov/vuln/detail/CVE-2022-43680</a>
<a href="https://security.gentoo.org/glsa/202210-38">https://security.gentoo.org/glsa/202210-38</a>
<a href="https://security.netapp.com/advisory/ntap-20221118-0007/">https://security.netapp.com/advisory/ntap-20221118-0007/</a>
<a href="https://ubuntu.com/security/notices/USN-5638-2">https://ubuntu.com/security/notices/USN-5638-2</a>
<a href="https://ubuntu.com/security/notices/USN-5638-3">https://ubuntu.com/security/notices/USN-5638-3</a>
<a href="https://www.debian.org/security/2022/dsa-5266">https://www.debian.org/security/2022/dsa-5266</a>
</td>
</tr>
<tr class="severity-MEDIUM">
<td class="pkg-name">libtasn1</td>
<td>CVE-2021-46848</td>
<td class="severity">MEDIUM</td>
<td class="pkg-version">4.13-3.el8</td>
<td>4.13-4.el8_7</td>
<td class="links" data-more-links="off">
<a href="https://access.redhat.com/errata/RHSA-2023:0343">https://access.redhat.com/errata/RHSA-2023:0343</a>
<a href="https://access.redhat.com/security/cve/CVE-2021-46848">https://access.redhat.com/security/cve/CVE-2021-46848</a>
<a href="https://bugs.gentoo.org/866237">https://bugs.gentoo.org/866237</a>
<a href="https://bugzilla.redhat.com/2140058">https://bugzilla.redhat.com/2140058</a>
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2140058">https://bugzilla.redhat.com/show_bug.cgi?id=2140058</a>
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46848">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46848</a>
<a href="https://errata.almalinux.org/9/ALSA-2023-0343.html">https://errata.almalinux.org/9/ALSA-2023-0343.html</a>
<a href="https://errata.rockylinux.org/RLSA-2023:0343">https://errata.rockylinux.org/RLSA-2023:0343</a>
<a href="https://gitlab.com/gnutls/libtasn1/-/commit/44a700d2051a666235748970c2df047ff207aeb5">https://gitlab.com/gnutls/libtasn1/-/commit/44a700d2051a666235748970c2df047ff207aeb5</a>
<a href="https://gitlab.com/gnutls/libtasn1/-/issues/32">https://gitlab.com/gnutls/libtasn1/-/issues/32</a>
<a href="https://linux.oracle.com/cve/CVE-2021-46848.html">https://linux.oracle.com/cve/CVE-2021-46848.html</a>
<a href="https://linux.oracle.com/errata/ELSA-2023-0343.html">https://linux.oracle.com/errata/ELSA-2023-0343.html</a>
<a href="https://lists.debian.org/debian-lts-announce/2023/01/msg00003.html">https://lists.debian.org/debian-lts-announce/2023/01/msg00003.html</a>
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AV4SHDJF2XLB4CUPTBPQQ6CLGZ5LKXPZ/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AV4SHDJF2XLB4CUPTBPQQ6CLGZ5LKXPZ/</a>
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECM2ELTVRYV4BZ5L5GMIRQE27RFHPAQ6/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECM2ELTVRYV4BZ5L5GMIRQE27RFHPAQ6/</a>
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGO7XST4EIJGX4B2ITZCYSWM24534BSU/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGO7XST4EIJGX4B2ITZCYSWM24534BSU/</a>
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V5LWOGF7QRMNFRUCZY6TDYQJVFI6MOQ2/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V5LWOGF7QRMNFRUCZY6TDYQJVFI6MOQ2/</a>
<a href="https://nvd.nist.gov/vuln/detail/CVE-2021-46848">https://nvd.nist.gov/vuln/detail/CVE-2021-46848</a>
<a href="https://security.netapp.com/advisory/ntap-20221118-0006/">https://security.netapp.com/advisory/ntap-20221118-0006/</a>
<a href="https://ubuntu.com/security/notices/USN-5707-1">https://ubuntu.com/security/notices/USN-5707-1</a>
</td>
</tr>
<tr class="severity-MEDIUM">
<td class="pkg-name">libxml2</td>
<td>CVE-2022-40303</td>
<td class="severity">MEDIUM</td>
<td class="pkg-version">2.9.7-15.el8</td>
<td>2.9.7-15.el8_7.1</td>
<td class="links" data-more-links="off">
<a href="http://seclists.org/fulldisclosure/2022/Dec/21">http://seclists.org/fulldisclosure/2022/Dec/21</a>
<a href="http://seclists.org/fulldisclosure/2022/Dec/24">http://seclists.org/fulldisclosure/2022/Dec/24</a>
<a href="http://seclists.org/fulldisclosure/2022/Dec/25">http://seclists.org/fulldisclosure/2022/Dec/25</a>
<a href="http://seclists.org/fulldisclosure/2022/Dec/26">http://seclists.org/fulldisclosure/2022/Dec/26</a>
<a href="https://access.redhat.com/errata/RHSA-2023:0338">https://access.redhat.com/errata/RHSA-2023:0338</a>
<a href="https://access.redhat.com/security/cve/CVE-2022-40303">https://access.redhat.com/security/cve/CVE-2022-40303</a>
<a href="https://bugzilla.redhat.com/2136266">https://bugzilla.redhat.com/2136266</a>
<a href="https://bugzilla.redhat.com/2136288">https://bugzilla.redhat.com/2136288</a>
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2136266">https://bugzilla.redhat.com/show_bug.cgi?id=2136266</a>
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2136288">https://bugzilla.redhat.com/show_bug.cgi?id=2136288</a>
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40303">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40303</a>
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40304">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40304</a>
<a href="https://errata.almalinux.org/9/ALSA-2023-0338.html">https://errata.almalinux.org/9/ALSA-2023-0338.html</a>
<a href="https://errata.rockylinux.org/RLSA-2023:0338">https://errata.rockylinux.org/RLSA-2023:0338</a>
<a href="https://gitlab.gnome.org/GNOME/libxml2/-/commit/c846986356fc149915a74972bf198abc266bc2c0">https://gitlab.gnome.org/GNOME/libxml2/-/commit/c846986356fc149915a74972bf198abc266bc2c0</a>
<a href="https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.10.3">https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.10.3</a>
<a href="https://linux.oracle.com/cve/CVE-2022-40303.html">https://linux.oracle.com/cve/CVE-2022-40303.html</a>
<a href="https://linux.oracle.com/errata/ELSA-2023-0338.html">https://linux.oracle.com/errata/ELSA-2023-0338.html</a>
<a href="https://nvd.nist.gov/vuln/detail/CVE-2022-40303">https://nvd.nist.gov/vuln/detail/CVE-2022-40303</a>
<a href="https://security.netapp.com/advisory/ntap-20221209-0003/">https://security.netapp.com/advisory/ntap-20221209-0003/</a>
<a href="https://support.apple.com/kb/HT213531">https://support.apple.com/kb/HT213531</a>
<a href="https://support.apple.com/kb/HT213533">https://support.apple.com/kb/HT213533</a>
<a href="https://support.apple.com/kb/HT213534">https://support.apple.com/kb/HT213534</a>
<a href="https://support.apple.com/kb/HT213535">https://support.apple.com/kb/HT213535</a>
<a href="https://support.apple.com/kb/HT213536">https://support.apple.com/kb/HT213536</a>
<a href="https://ubuntu.com/security/notices/USN-5760-1">https://ubuntu.com/security/notices/USN-5760-1</a>
<a href="https://ubuntu.com/security/notices/USN-5760-2">https://ubuntu.com/security/notices/USN-5760-2</a>
</td>
</tr>
<tr class="severity-MEDIUM">
<td class="pkg-name">libxml2</td>
<td>CVE-2022-40304</td>
<td class="severity">MEDIUM</td>
<td class="pkg-version">2.9.7-15.el8</td>
<td>2.9.7-15.el8_7.1</td>
<td class="links" data-more-links="off">
<a href="http://seclists.org/fulldisclosure/2022/Dec/21">http://seclists.org/fulldisclosure/2022/Dec/21</a>
<a href="http://seclists.org/fulldisclosure/2022/Dec/24">http://seclists.org/fulldisclosure/2022/Dec/24</a>
<a href="http://seclists.org/fulldisclosure/2022/Dec/25">http://seclists.org/fulldisclosure/2022/Dec/25</a>
<a href="http://seclists.org/fulldisclosure/2022/Dec/26">http://seclists.org/fulldisclosure/2022/Dec/26</a>
<a href="https://access.redhat.com/errata/RHSA-2023:0338">https://access.redhat.com/errata/RHSA-2023:0338</a>
<a href="https://access.redhat.com/security/cve/CVE-2022-40304">https://access.redhat.com/security/cve/CVE-2022-40304</a>
<a href="https://bugzilla.redhat.com/2136266">https://bugzilla.redhat.com/2136266</a>
<a href="https://bugzilla.redhat.com/2136288">https://bugzilla.redhat.com/2136288</a>
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2136266">https://bugzilla.redhat.com/show_bug.cgi?id=2136266</a>
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2136288">https://bugzilla.redhat.com/show_bug.cgi?id=2136288</a>
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40303">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40303</a>
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40304">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40304</a>
<a href="https://errata.almalinux.org/9/ALSA-2023-0338.html">https://errata.almalinux.org/9/ALSA-2023-0338.html</a>
<a href="https://errata.rockylinux.org/RLSA-2023:0338">https://errata.rockylinux.org/RLSA-2023:0338</a>
<a href="https://gitlab.gnome.org/GNOME/libxml2/-/commit/1b41ec4e9433b05bb0376be4725804c54ef1d80b">https://gitlab.gnome.org/GNOME/libxml2/-/commit/1b41ec4e9433b05bb0376be4725804c54ef1d80b</a>
<a href="https://gitlab.gnome.org/GNOME/libxml2/-/tags">https://gitlab.gnome.org/GNOME/libxml2/-/tags</a>
<a href="https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.10.3">https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.10.3</a>
<a href="https://linux.oracle.com/cve/CVE-2022-40304.html">https://linux.oracle.com/cve/CVE-2022-40304.html</a>
<a href="https://linux.oracle.com/errata/ELSA-2023-0338.html">https://linux.oracle.com/errata/ELSA-2023-0338.html</a>
<a href="https://nvd.nist.gov/vuln/detail/CVE-2022-40304">https://nvd.nist.gov/vuln/detail/CVE-2022-40304</a>
<a href="https://security.netapp.com/advisory/ntap-20221209-0003/">https://security.netapp.com/advisory/ntap-20221209-0003/</a>
<a href="https://support.apple.com/kb/HT213531">https://support.apple.com/kb/HT213531</a>
<a href="https://support.apple.com/kb/HT213533">https://support.apple.com/kb/HT213533</a>
<a href="https://support.apple.com/kb/HT213534">https://support.apple.com/kb/HT213534</a>
<a href="https://support.apple.com/kb/HT213535">https://support.apple.com/kb/HT213535</a>
<a href="https://support.apple.com/kb/HT213536">https://support.apple.com/kb/HT213536</a>
<a href="https://ubuntu.com/security/notices/USN-5760-1">https://ubuntu.com/security/notices/USN-5760-1</a>
<a href="https://ubuntu.com/security/notices/USN-5760-2">https://ubuntu.com/security/notices/USN-5760-2</a>
</td>
</tr>
<tr class="severity-MEDIUM">
<td class="pkg-name">sqlite-libs</td>
<td>CVE-2022-35737</td>
<td class="severity">MEDIUM</td>
<td class="pkg-version">3.26.0-16.el8_6</td>
<td>3.26.0-17.el8_7</td>
<td class="links" data-more-links="off">
<a href="https://access.redhat.com/errata/RHSA-2023:0339">https://access.redhat.com/errata/RHSA-2023:0339</a>
<a href="https://access.redhat.com/security/cve/CVE-2022-35737">https://access.redhat.com/security/cve/CVE-2022-35737</a>
<a href="https://blog.trailofbits.com/2022/10/25/sqlite-vulnerability-july-2022-library-api/">https://blog.trailofbits.com/2022/10/25/sqlite-vulnerability-july-2022-library-api/</a>
<a href="https://bugzilla.redhat.com/2110291">https://bugzilla.redhat.com/2110291</a>
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2110291">https://bugzilla.redhat.com/show_bug.cgi?id=2110291</a>
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35737">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35737</a>
<a href="https://errata.almalinux.org/9/ALSA-2023-0339.html">https://errata.almalinux.org/9/ALSA-2023-0339.html</a>
<a href="https://errata.rockylinux.org/RLSA-2023:0339">https://errata.rockylinux.org/RLSA-2023:0339</a>
<a href="https://kb.cert.org/vuls/id/720344">https://kb.cert.org/vuls/id/720344</a>
<a href="https://linux.oracle.com/cve/CVE-2022-35737.html">https://linux.oracle.com/cve/CVE-2022-35737.html</a>
<a href="https://linux.oracle.com/errata/ELSA-2023-0339.html">https://linux.oracle.com/errata/ELSA-2023-0339.html</a>
<a href="https://nvd.nist.gov/vuln/detail/CVE-2022-35737">https://nvd.nist.gov/vuln/detail/CVE-2022-35737</a>
<a href="https://security.gentoo.org/glsa/202210-40">https://security.gentoo.org/glsa/202210-40</a>
<a href="https://security.netapp.com/advisory/ntap-20220915-0009/">https://security.netapp.com/advisory/ntap-20220915-0009/</a>
<a href="https://sqlite.org/releaselog/3_39_2.html">https://sqlite.org/releaselog/3_39_2.html</a>
<a href="https://ubuntu.com/security/notices/USN-5712-1">https://ubuntu.com/security/notices/USN-5712-1</a>
<a href="https://ubuntu.com/security/notices/USN-5716-1">https://ubuntu.com/security/notices/USN-5716-1</a>
<a href="https://ubuntu.com/security/notices/USN-5716-2">https://ubuntu.com/security/notices/USN-5716-2</a>
<a href="https://www.sqlite.org/cves.html">https://www.sqlite.org/cves.html</a>
<a href="https://www.sqlite.org/releaselog/3_39_2.html">https://www.sqlite.org/releaselog/3_39_2.html</a>
</td>
</tr>
<tr><th colspan="6">No Misconfigurations found</th></tr> <tr><th colspan="6">No Misconfigurations found</th></tr>
</table> </table>
</body> </body>

View File

@ -8,11 +8,688 @@
"fullName": "Trivy Vulnerability Scanner", "fullName": "Trivy Vulnerability Scanner",
"informationUri": "https://github.com/aquasecurity/trivy", "informationUri": "https://github.com/aquasecurity/trivy",
"name": "Trivy", "name": "Trivy",
"rules": [], "rules": [
{
"id": "CVE-2022-42010",
"name": "OsPackageVulnerability",
"shortDescription": {
"text": "dbus: dbus-daemon crashes when receiving message with incorrectly nested parentheses and curly brackets"
},
"fullDescription": {
"text": "An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message with certain invalid type signatures."
},
"defaultConfiguration": {
"level": "warning"
},
"helpUri": "https://avd.aquasec.com/nvd/cve-2022-42010",
"help": {
"text": "Vulnerability CVE-2022-42010\nSeverity: MEDIUM\nPackage: dbus-tools\nFixed Version: 1:1.12.8-23.el8_7.1\nLink: [CVE-2022-42010](https://avd.aquasec.com/nvd/cve-2022-42010)\nAn issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message with certain invalid type signatures.",
"markdown": "**Vulnerability CVE-2022-42010**\n| Severity | Package | Fixed Version | Link |\n| --- | --- | --- | --- |\n|MEDIUM|dbus-tools|1:1.12.8-23.el8_7.1|[CVE-2022-42010](https://avd.aquasec.com/nvd/cve-2022-42010)|\n\nAn issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message with certain invalid type signatures."
},
"properties": {
"precision": "very-high",
"security-severity": "5.5",
"tags": [
"vulnerability",
"security",
"MEDIUM"
]
}
},
{
"id": "CVE-2022-42011",
"name": "OsPackageVulnerability",
"shortDescription": {
"text": "dbus: dbus-daemon can be crashed by messages with array length inconsistent with element type"
},
"fullDescription": {
"text": "An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of the element type."
},
"defaultConfiguration": {
"level": "warning"
},
"helpUri": "https://avd.aquasec.com/nvd/cve-2022-42011",
"help": {
"text": "Vulnerability CVE-2022-42011\nSeverity: MEDIUM\nPackage: dbus-tools\nFixed Version: 1:1.12.8-23.el8_7.1\nLink: [CVE-2022-42011](https://avd.aquasec.com/nvd/cve-2022-42011)\nAn issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of the element type.",
"markdown": "**Vulnerability CVE-2022-42011**\n| Severity | Package | Fixed Version | Link |\n| --- | --- | --- | --- |\n|MEDIUM|dbus-tools|1:1.12.8-23.el8_7.1|[CVE-2022-42011](https://avd.aquasec.com/nvd/cve-2022-42011)|\n\nAn issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of the element type."
},
"properties": {
"precision": "very-high",
"security-severity": "5.5",
"tags": [
"vulnerability",
"security",
"MEDIUM"
]
}
},
{
"id": "CVE-2022-42012",
"name": "OsPackageVulnerability",
"shortDescription": {
"text": "dbus: `_dbus_marshal_byteswap` doesn\u0026#39;t process fds in messages with \u0026#34;foreign\u0026#34; endianness correctly"
},
"fullDescription": {
"text": "An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by sending a message with attached file descriptors in an unexpected format."
},
"defaultConfiguration": {
"level": "warning"
},
"helpUri": "https://avd.aquasec.com/nvd/cve-2022-42012",
"help": {
"text": "Vulnerability CVE-2022-42012\nSeverity: MEDIUM\nPackage: dbus-tools\nFixed Version: 1:1.12.8-23.el8_7.1\nLink: [CVE-2022-42012](https://avd.aquasec.com/nvd/cve-2022-42012)\nAn issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by sending a message with attached file descriptors in an unexpected format.",
"markdown": "**Vulnerability CVE-2022-42012**\n| Severity | Package | Fixed Version | Link |\n| --- | --- | --- | --- |\n|MEDIUM|dbus-tools|1:1.12.8-23.el8_7.1|[CVE-2022-42012](https://avd.aquasec.com/nvd/cve-2022-42012)|\n\nAn issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by sending a message with attached file descriptors in an unexpected format."
},
"properties": {
"precision": "very-high",
"security-severity": "5.5",
"tags": [
"vulnerability",
"security",
"MEDIUM"
]
}
},
{
"id": "CVE-2022-43680",
"name": "OsPackageVulnerability",
"shortDescription": {
"text": "expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate"
},
"fullDescription": {
"text": "In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations."
},
"defaultConfiguration": {
"level": "warning"
},
"helpUri": "https://avd.aquasec.com/nvd/cve-2022-43680",
"help": {
"text": "Vulnerability CVE-2022-43680\nSeverity: MEDIUM\nPackage: expat\nFixed Version: 2.2.5-10.el8_7.1\nLink: [CVE-2022-43680](https://avd.aquasec.com/nvd/cve-2022-43680)\nIn libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations.",
"markdown": "**Vulnerability CVE-2022-43680**\n| Severity | Package | Fixed Version | Link |\n| --- | --- | --- | --- |\n|MEDIUM|expat|2.2.5-10.el8_7.1|[CVE-2022-43680](https://avd.aquasec.com/nvd/cve-2022-43680)|\n\nIn libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations."
},
"properties": {
"precision": "very-high",
"security-severity": "5.5",
"tags": [
"vulnerability",
"security",
"MEDIUM"
]
}
},
{
"id": "CVE-2021-46848",
"name": "OsPackageVulnerability",
"shortDescription": {
"text": "libtasn1: Out-of-bound access in ETYPE_OK"
},
"fullDescription": {
"text": "GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der."
},
"defaultConfiguration": {
"level": "warning"
},
"helpUri": "https://avd.aquasec.com/nvd/cve-2021-46848",
"help": {
"text": "Vulnerability CVE-2021-46848\nSeverity: MEDIUM\nPackage: libtasn1\nFixed Version: 4.13-4.el8_7\nLink: [CVE-2021-46848](https://avd.aquasec.com/nvd/cve-2021-46848)\nGNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der.",
"markdown": "**Vulnerability CVE-2021-46848**\n| Severity | Package | Fixed Version | Link |\n| --- | --- | --- | --- |\n|MEDIUM|libtasn1|4.13-4.el8_7|[CVE-2021-46848](https://avd.aquasec.com/nvd/cve-2021-46848)|\n\nGNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der."
},
"properties": {
"precision": "very-high",
"security-severity": "5.5",
"tags": [
"vulnerability",
"security",
"MEDIUM"
]
}
},
{
"id": "CVE-2022-40303",
"name": "OsPackageVulnerability",
"shortDescription": {
"text": "libxml2: integer overflows with XML_PARSE_HUGE"
},
"fullDescription": {
"text": "An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several integer counters can overflow. This results in an attempt to access an array at a negative 2GB offset, typically leading to a segmentation fault."
},
"defaultConfiguration": {
"level": "warning"
},
"helpUri": "https://avd.aquasec.com/nvd/cve-2022-40303",
"help": {
"text": "Vulnerability CVE-2022-40303\nSeverity: MEDIUM\nPackage: libxml2\nFixed Version: 2.9.7-15.el8_7.1\nLink: [CVE-2022-40303](https://avd.aquasec.com/nvd/cve-2022-40303)\nAn issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several integer counters can overflow. This results in an attempt to access an array at a negative 2GB offset, typically leading to a segmentation fault.",
"markdown": "**Vulnerability CVE-2022-40303**\n| Severity | Package | Fixed Version | Link |\n| --- | --- | --- | --- |\n|MEDIUM|libxml2|2.9.7-15.el8_7.1|[CVE-2022-40303](https://avd.aquasec.com/nvd/cve-2022-40303)|\n\nAn issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several integer counters can overflow. This results in an attempt to access an array at a negative 2GB offset, typically leading to a segmentation fault."
},
"properties": {
"precision": "very-high",
"security-severity": "5.5",
"tags": [
"vulnerability",
"security",
"MEDIUM"
]
}
},
{
"id": "CVE-2022-40304",
"name": "OsPackageVulnerability",
"shortDescription": {
"text": "libxml2: dict corruption caused by entity reference cycles"
},
"fullDescription": {
"text": "An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key, potentially leading to subsequent logic errors. In one case, a double-free can be provoked."
},
"defaultConfiguration": {
"level": "warning"
},
"helpUri": "https://avd.aquasec.com/nvd/cve-2022-40304",
"help": {
"text": "Vulnerability CVE-2022-40304\nSeverity: MEDIUM\nPackage: libxml2\nFixed Version: 2.9.7-15.el8_7.1\nLink: [CVE-2022-40304](https://avd.aquasec.com/nvd/cve-2022-40304)\nAn issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key, potentially leading to subsequent logic errors. In one case, a double-free can be provoked.",
"markdown": "**Vulnerability CVE-2022-40304**\n| Severity | Package | Fixed Version | Link |\n| --- | --- | --- | --- |\n|MEDIUM|libxml2|2.9.7-15.el8_7.1|[CVE-2022-40304](https://avd.aquasec.com/nvd/cve-2022-40304)|\n\nAn issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key, potentially leading to subsequent logic errors. In one case, a double-free can be provoked."
},
"properties": {
"precision": "very-high",
"security-severity": "5.5",
"tags": [
"vulnerability",
"security",
"MEDIUM"
]
}
},
{
"id": "CVE-2022-35737",
"name": "OsPackageVulnerability",
"shortDescription": {
"text": "sqlite: an array-bounds overflow if billions of bytes are used in a string argument to a C API"
},
"fullDescription": {
"text": "SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API."
},
"defaultConfiguration": {
"level": "warning"
},
"helpUri": "https://avd.aquasec.com/nvd/cve-2022-35737",
"help": {
"text": "Vulnerability CVE-2022-35737\nSeverity: MEDIUM\nPackage: sqlite-libs\nFixed Version: 3.26.0-17.el8_7\nLink: [CVE-2022-35737](https://avd.aquasec.com/nvd/cve-2022-35737)\nSQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API.",
"markdown": "**Vulnerability CVE-2022-35737**\n| Severity | Package | Fixed Version | Link |\n| --- | --- | --- | --- |\n|MEDIUM|sqlite-libs|3.26.0-17.el8_7|[CVE-2022-35737](https://avd.aquasec.com/nvd/cve-2022-35737)|\n\nSQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API."
},
"properties": {
"precision": "very-high",
"security-severity": "5.5",
"tags": [
"vulnerability",
"security",
"MEDIUM"
]
}
}
],
"version": "0.37.1" "version": "0.37.1"
} }
}, },
"results": [], "results": [
{
"ruleId": "CVE-2022-42010",
"ruleIndex": 0,
"level": "warning",
"message": {
"text": "Package: dbus\nInstalled Version: 1:1.12.8-23.el8\nVulnerability CVE-2022-42010\nSeverity: MEDIUM\nFixed Version: 1:1.12.8-23.el8_7.1\nLink: [CVE-2022-42010](https://avd.aquasec.com/nvd/cve-2022-42010)"
},
"locations": [
{
"physicalLocation": {
"artifactLocation": {
"uri": "rockylinux/rockylinux",
"uriBaseId": "ROOTPATH"
},
"region": {
"startLine": 1,
"startColumn": 1,
"endLine": 1,
"endColumn": 1
}
},
"message": {
"text": "rockylinux/rockylinux: dbus@1:1.12.8-23.el8"
}
}
]
},
{
"ruleId": "CVE-2022-42011",
"ruleIndex": 1,
"level": "warning",
"message": {
"text": "Package: dbus\nInstalled Version: 1:1.12.8-23.el8\nVulnerability CVE-2022-42011\nSeverity: MEDIUM\nFixed Version: 1:1.12.8-23.el8_7.1\nLink: [CVE-2022-42011](https://avd.aquasec.com/nvd/cve-2022-42011)"
},
"locations": [
{
"physicalLocation": {
"artifactLocation": {
"uri": "rockylinux/rockylinux",
"uriBaseId": "ROOTPATH"
},
"region": {
"startLine": 1,
"startColumn": 1,
"endLine": 1,
"endColumn": 1
}
},
"message": {
"text": "rockylinux/rockylinux: dbus@1:1.12.8-23.el8"
}
}
]
},
{
"ruleId": "CVE-2022-42012",
"ruleIndex": 2,
"level": "warning",
"message": {
"text": "Package: dbus\nInstalled Version: 1:1.12.8-23.el8\nVulnerability CVE-2022-42012\nSeverity: MEDIUM\nFixed Version: 1:1.12.8-23.el8_7.1\nLink: [CVE-2022-42012](https://avd.aquasec.com/nvd/cve-2022-42012)"
},
"locations": [
{
"physicalLocation": {
"artifactLocation": {
"uri": "rockylinux/rockylinux",
"uriBaseId": "ROOTPATH"
},
"region": {
"startLine": 1,
"startColumn": 1,
"endLine": 1,
"endColumn": 1
}
},
"message": {
"text": "rockylinux/rockylinux: dbus@1:1.12.8-23.el8"
}
}
]
},
{
"ruleId": "CVE-2022-42010",
"ruleIndex": 0,
"level": "warning",
"message": {
"text": "Package: dbus-daemon\nInstalled Version: 1:1.12.8-23.el8\nVulnerability CVE-2022-42010\nSeverity: MEDIUM\nFixed Version: 1:1.12.8-23.el8_7.1\nLink: [CVE-2022-42010](https://avd.aquasec.com/nvd/cve-2022-42010)"
},
"locations": [
{
"physicalLocation": {
"artifactLocation": {
"uri": "rockylinux/rockylinux",
"uriBaseId": "ROOTPATH"
},
"region": {
"startLine": 1,
"startColumn": 1,
"endLine": 1,
"endColumn": 1
}
},
"message": {
"text": "rockylinux/rockylinux: dbus-daemon@1:1.12.8-23.el8"
}
}
]
},
{
"ruleId": "CVE-2022-42011",
"ruleIndex": 1,
"level": "warning",
"message": {
"text": "Package: dbus-daemon\nInstalled Version: 1:1.12.8-23.el8\nVulnerability CVE-2022-42011\nSeverity: MEDIUM\nFixed Version: 1:1.12.8-23.el8_7.1\nLink: [CVE-2022-42011](https://avd.aquasec.com/nvd/cve-2022-42011)"
},
"locations": [
{
"physicalLocation": {
"artifactLocation": {
"uri": "rockylinux/rockylinux",
"uriBaseId": "ROOTPATH"
},
"region": {
"startLine": 1,
"startColumn": 1,
"endLine": 1,
"endColumn": 1
}
},
"message": {
"text": "rockylinux/rockylinux: dbus-daemon@1:1.12.8-23.el8"
}
}
]
},
{
"ruleId": "CVE-2022-42012",
"ruleIndex": 2,
"level": "warning",
"message": {
"text": "Package: dbus-daemon\nInstalled Version: 1:1.12.8-23.el8\nVulnerability CVE-2022-42012\nSeverity: MEDIUM\nFixed Version: 1:1.12.8-23.el8_7.1\nLink: [CVE-2022-42012](https://avd.aquasec.com/nvd/cve-2022-42012)"
},
"locations": [
{
"physicalLocation": {
"artifactLocation": {
"uri": "rockylinux/rockylinux",
"uriBaseId": "ROOTPATH"
},
"region": {
"startLine": 1,
"startColumn": 1,
"endLine": 1,
"endColumn": 1
}
},
"message": {
"text": "rockylinux/rockylinux: dbus-daemon@1:1.12.8-23.el8"
}
}
]
},
{
"ruleId": "CVE-2022-42010",
"ruleIndex": 0,
"level": "warning",
"message": {
"text": "Package: dbus-libs\nInstalled Version: 1:1.12.8-23.el8\nVulnerability CVE-2022-42010\nSeverity: MEDIUM\nFixed Version: 1:1.12.8-23.el8_7.1\nLink: [CVE-2022-42010](https://avd.aquasec.com/nvd/cve-2022-42010)"
},
"locations": [
{
"physicalLocation": {
"artifactLocation": {
"uri": "rockylinux/rockylinux",
"uriBaseId": "ROOTPATH"
},
"region": {
"startLine": 1,
"startColumn": 1,
"endLine": 1,
"endColumn": 1
}
},
"message": {
"text": "rockylinux/rockylinux: dbus-libs@1:1.12.8-23.el8"
}
}
]
},
{
"ruleId": "CVE-2022-42011",
"ruleIndex": 1,
"level": "warning",
"message": {
"text": "Package: dbus-libs\nInstalled Version: 1:1.12.8-23.el8\nVulnerability CVE-2022-42011\nSeverity: MEDIUM\nFixed Version: 1:1.12.8-23.el8_7.1\nLink: [CVE-2022-42011](https://avd.aquasec.com/nvd/cve-2022-42011)"
},
"locations": [
{
"physicalLocation": {
"artifactLocation": {
"uri": "rockylinux/rockylinux",
"uriBaseId": "ROOTPATH"
},
"region": {
"startLine": 1,
"startColumn": 1,
"endLine": 1,
"endColumn": 1
}
},
"message": {
"text": "rockylinux/rockylinux: dbus-libs@1:1.12.8-23.el8"
}
}
]
},
{
"ruleId": "CVE-2022-42012",
"ruleIndex": 2,
"level": "warning",
"message": {
"text": "Package: dbus-libs\nInstalled Version: 1:1.12.8-23.el8\nVulnerability CVE-2022-42012\nSeverity: MEDIUM\nFixed Version: 1:1.12.8-23.el8_7.1\nLink: [CVE-2022-42012](https://avd.aquasec.com/nvd/cve-2022-42012)"
},
"locations": [
{
"physicalLocation": {
"artifactLocation": {
"uri": "rockylinux/rockylinux",
"uriBaseId": "ROOTPATH"
},
"region": {
"startLine": 1,
"startColumn": 1,
"endLine": 1,
"endColumn": 1
}
},
"message": {
"text": "rockylinux/rockylinux: dbus-libs@1:1.12.8-23.el8"
}
}
]
},
{
"ruleId": "CVE-2022-42010",
"ruleIndex": 0,
"level": "warning",
"message": {
"text": "Package: dbus-tools\nInstalled Version: 1:1.12.8-23.el8\nVulnerability CVE-2022-42010\nSeverity: MEDIUM\nFixed Version: 1:1.12.8-23.el8_7.1\nLink: [CVE-2022-42010](https://avd.aquasec.com/nvd/cve-2022-42010)"
},
"locations": [
{
"physicalLocation": {
"artifactLocation": {
"uri": "rockylinux/rockylinux",
"uriBaseId": "ROOTPATH"
},
"region": {
"startLine": 1,
"startColumn": 1,
"endLine": 1,
"endColumn": 1
}
},
"message": {
"text": "rockylinux/rockylinux: dbus-tools@1:1.12.8-23.el8"
}
}
]
},
{
"ruleId": "CVE-2022-42011",
"ruleIndex": 1,
"level": "warning",
"message": {
"text": "Package: dbus-tools\nInstalled Version: 1:1.12.8-23.el8\nVulnerability CVE-2022-42011\nSeverity: MEDIUM\nFixed Version: 1:1.12.8-23.el8_7.1\nLink: [CVE-2022-42011](https://avd.aquasec.com/nvd/cve-2022-42011)"
},
"locations": [
{
"physicalLocation": {
"artifactLocation": {
"uri": "rockylinux/rockylinux",
"uriBaseId": "ROOTPATH"
},
"region": {
"startLine": 1,
"startColumn": 1,
"endLine": 1,
"endColumn": 1
}
},
"message": {
"text": "rockylinux/rockylinux: dbus-tools@1:1.12.8-23.el8"
}
}
]
},
{
"ruleId": "CVE-2022-42012",
"ruleIndex": 2,
"level": "warning",
"message": {
"text": "Package: dbus-tools\nInstalled Version: 1:1.12.8-23.el8\nVulnerability CVE-2022-42012\nSeverity: MEDIUM\nFixed Version: 1:1.12.8-23.el8_7.1\nLink: [CVE-2022-42012](https://avd.aquasec.com/nvd/cve-2022-42012)"
},
"locations": [
{
"physicalLocation": {
"artifactLocation": {
"uri": "rockylinux/rockylinux",
"uriBaseId": "ROOTPATH"
},
"region": {
"startLine": 1,
"startColumn": 1,
"endLine": 1,
"endColumn": 1
}
},
"message": {
"text": "rockylinux/rockylinux: dbus-tools@1:1.12.8-23.el8"
}
}
]
},
{
"ruleId": "CVE-2022-43680",
"ruleIndex": 3,
"level": "warning",
"message": {
"text": "Package: expat\nInstalled Version: 2.2.5-10.el8\nVulnerability CVE-2022-43680\nSeverity: MEDIUM\nFixed Version: 2.2.5-10.el8_7.1\nLink: [CVE-2022-43680](https://avd.aquasec.com/nvd/cve-2022-43680)"
},
"locations": [
{
"physicalLocation": {
"artifactLocation": {
"uri": "rockylinux/rockylinux",
"uriBaseId": "ROOTPATH"
},
"region": {
"startLine": 1,
"startColumn": 1,
"endLine": 1,
"endColumn": 1
}
},
"message": {
"text": "rockylinux/rockylinux: expat@2.2.5-10.el8"
}
}
]
},
{
"ruleId": "CVE-2021-46848",
"ruleIndex": 4,
"level": "warning",
"message": {
"text": "Package: libtasn1\nInstalled Version: 4.13-3.el8\nVulnerability CVE-2021-46848\nSeverity: MEDIUM\nFixed Version: 4.13-4.el8_7\nLink: [CVE-2021-46848](https://avd.aquasec.com/nvd/cve-2021-46848)"
},
"locations": [
{
"physicalLocation": {
"artifactLocation": {
"uri": "rockylinux/rockylinux",
"uriBaseId": "ROOTPATH"
},
"region": {
"startLine": 1,
"startColumn": 1,
"endLine": 1,
"endColumn": 1
}
},
"message": {
"text": "rockylinux/rockylinux: libtasn1@4.13-3.el8"
}
}
]
},
{
"ruleId": "CVE-2022-40303",
"ruleIndex": 5,
"level": "warning",
"message": {
"text": "Package: libxml2\nInstalled Version: 2.9.7-15.el8\nVulnerability CVE-2022-40303\nSeverity: MEDIUM\nFixed Version: 2.9.7-15.el8_7.1\nLink: [CVE-2022-40303](https://avd.aquasec.com/nvd/cve-2022-40303)"
},
"locations": [
{
"physicalLocation": {
"artifactLocation": {
"uri": "rockylinux/rockylinux",
"uriBaseId": "ROOTPATH"
},
"region": {
"startLine": 1,
"startColumn": 1,
"endLine": 1,
"endColumn": 1
}
},
"message": {
"text": "rockylinux/rockylinux: libxml2@2.9.7-15.el8"
}
}
]
},
{
"ruleId": "CVE-2022-40304",
"ruleIndex": 6,
"level": "warning",
"message": {
"text": "Package: libxml2\nInstalled Version: 2.9.7-15.el8\nVulnerability CVE-2022-40304\nSeverity: MEDIUM\nFixed Version: 2.9.7-15.el8_7.1\nLink: [CVE-2022-40304](https://avd.aquasec.com/nvd/cve-2022-40304)"
},
"locations": [
{
"physicalLocation": {
"artifactLocation": {
"uri": "rockylinux/rockylinux",
"uriBaseId": "ROOTPATH"
},
"region": {
"startLine": 1,
"startColumn": 1,
"endLine": 1,
"endColumn": 1
}
},
"message": {
"text": "rockylinux/rockylinux: libxml2@2.9.7-15.el8"
}
}
]
},
{
"ruleId": "CVE-2022-35737",
"ruleIndex": 7,
"level": "warning",
"message": {
"text": "Package: sqlite-libs\nInstalled Version: 3.26.0-16.el8_6\nVulnerability CVE-2022-35737\nSeverity: MEDIUM\nFixed Version: 3.26.0-17.el8_7\nLink: [CVE-2022-35737](https://avd.aquasec.com/nvd/cve-2022-35737)"
},
"locations": [
{
"physicalLocation": {
"artifactLocation": {
"uri": "rockylinux/rockylinux",
"uriBaseId": "ROOTPATH"
},
"region": {
"startLine": 1,
"startColumn": 1,
"endLine": 1,
"endColumn": 1
}
},
"message": {
"text": "rockylinux/rockylinux: sqlite-libs@3.26.0-16.el8_6"
}
}
]
}
],
"columnKind": "utf16CodeUnits", "columnKind": "utf16CodeUnits",
"originalUriBaseIds": { "originalUriBaseIds": {
"ROOTPATH": { "ROOTPATH": {