Risk | Medium |
Patch available | YES |
Number of vulnerabilities | 6 |
CVE-ID | CVE-2022-1996 CVE-2022-24675 CVE-2022-28327 CVE-2022-27191 CVE-2022-29526 CVE-2022-30629 |
CWE-ID | CWE-942 CWE-120 CWE-190 CWE-327 CWE-264 CWE-330 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software |
Fedora Operating systems & Components / Operating system yubihsm-connector Operating systems & Components / Operating system package or component yggdrasil Operating systems & Components / Operating system package or component xq Operating systems & Components / Operating system package or component xe-guest-utilities-latest Operating systems & Components / Operating system package or component wgctrl Operating systems & Components / Operating system package or component weldr-client Operating systems & Components / Operating system package or component webanalyze Operating systems & Components / Operating system package or component vultr-cli Operating systems & Components / Operating system package or component vultr Operating systems & Components / Operating system package or component vgrep Operating systems & Components / Operating system package or component toolbox Operating systems & Components / Operating system package or component tmux-top Operating systems & Components / Operating system package or component tiedot Operating systems & Components / Operating system package or component terrier Operating systems & Components / Operating system package or component sysutil Operating systems & Components / Operating system package or component syncthing Operating systems & Components / Operating system package or component swig Operating systems & Components / Operating system package or component subfinder Operating systems & Components / Operating system package or component source-to-image Operating systems & Components / Operating system package or component snowcrash Operating systems & Components / Operating system package or component snapd Operating systems & Components / Operating system package or component skopeo Operating systems & Components / Operating system package or component singularity Operating systems & Components / Operating system package or component shhgit Operating systems & Components / Operating system package or component shellz Operating systems & Components / Operating system package or component runc Operating systems & Components / Operating system package or component restic Operating systems & Components / Operating system package or component reposurgeon Operating systems & Components / Operating system package or component rclone Operating systems & Components / Operating system package or component powerline-go Operating systems & Components / Operating system package or component podman-tui Operating systems & Components / Operating system package or component podman Operating systems & Components / Operating system package or component pack Operating systems & Components / Operating system package or component osbuild-composer Operating systems & Components / Operating system package or component origin Operating systems & Components / Operating system package or component open-policy-agent Operating systems & Components / Operating system package or component onionscan Operating systems & Components / Operating system package or component ohmybackup Operating systems & Components / Operating system package or component oci-seccomp-bpf-hook Operating systems & Components / Operating system package or component nex Operating systems & Components / Operating system package or component netscanner Operating systems & Components / Operating system package or component nebula Operating systems & Components / Operating system package or component nats-server Operating systems & Components / Operating system package or component mqttcli Operating systems & Components / Operating system package or component moby-engine Operating systems & Components / Operating system package or component micro Operating systems & Components / Operating system package or component meshbird Operating systems & Components / Operating system package or component meg Operating systems & Components / Operating system package or component mass3 Operating systems & Components / Operating system package or component manifest-tool Operating systems & Components / Operating system package or component kubernetes Operating systems & Components / Operating system package or component kompose Operating systems & Components / Operating system package or component kiln Operating systems & Components / Operating system package or component kata-containers Operating systems & Components / Operating system package or component jid Operating systems & Components / Operating system package or component ignition Operating systems & Components / Operating system package or component hulk Operating systems & Components / Operating system package or component httprobe Operating systems & Components / Operating system package or component htmltest Operating systems & Components / Operating system package or component hcloud Operating systems & Components / Operating system package or component hakrevdns Operating systems & Components / Operating system package or component grpcurl Operating systems & Components / Operating system package or component gron Operating systems & Components / Operating system package or component graphviz Operating systems & Components / Operating system package or component grafana-pcp Operating systems & Components / Operating system package or component gotun Operating systems & Components / Operating system package or component gotags Operating systems & Components / Operating system package or component gopass-jsonapi Operating systems & Components / Operating system package or component gopass-hibp Operating systems & Components / Operating system package or component gopass Operating systems & Components / Operating system package or component google-guest-agent Operating systems & Components / Operating system package or component gomtree Operating systems & Components / Operating system package or component goloris Operating systems & Components / Operating system package or component golist Operating systems & Components / Operating system package or component golang-x-text Operating systems & Components / Operating system package or component golang-x-perf Operating systems & Components / Operating system package or component golang-x-mod Operating systems & Components / Operating system package or component golang-x-lint Operating systems & Components / Operating system package or component golang-x-exp Operating systems & Components / Operating system package or component golang-x-debug Operating systems & Components / Operating system package or component golang-vbom-util Operating systems & Components / Operating system package or component golang-storj-drpc Operating systems & Components / Operating system package or component golang-starlark Operating systems & Components / Operating system package or component golang-sourcegraph-appdash Operating systems & Components / Operating system package or component golang-sigs-k8s-aws-iam-authenticator Operating systems & Components / Operating system package or component golang-rsc-pdf Operating systems & Components / Operating system package or component golang-mvdan-xurls Operating systems & Components / Operating system package or component golang-mongodb-mongo-driver Operating systems & Components / Operating system package or component golang-k8s-sample-controller Operating systems & Components / Operating system package or component golang-k8s-sample-cli-plugin Operating systems & Components / Operating system package or component golang-k8s-sample-apiserver Operating systems & Components / Operating system package or component golang-k8s-pod-security-admission Operating systems & Components / Operating system package or component golang-k8s-kube-openapi Operating systems & Components / Operating system package or component golang-k8s-kube-aggregator Operating systems & Components / Operating system package or component golang-k8s-code-generator Operating systems & Components / Operating system package or component golang-k8s-apiextensions-apiserver Operating systems & Components / Operating system package or component golang-jaytaylor-html2text Operating systems & Components / Operating system package or component golang-honnef-tools Operating systems & Components / Operating system package or component golang-gopkg-src-d-git-4 Operating systems & Components / Operating system package or component golang-gopkg-square-jose-2 Operating systems & Components / Operating system package or component golang-gopkg-neurosnap-sentences-1 Operating systems & Components / Operating system package or component golang-google-protobuf Operating systems & Components / Operating system package or component golang-google-appengine Operating systems & Components / Operating system package or component golang-gitlab-commonmark-linkify Operating systems & Components / Operating system package or component golang-github-zyedidia-highlight Operating systems & Components / Operating system package or component golang-github-yuin-gopher-lua Operating systems & Components / Operating system package or component golang-github-xordataexchange-crypt Operating systems & Components / Operating system package or component golang-github-xo-terminfo Operating systems & Components / Operating system package or component golang-github-vmware-govmomi Operating systems & Components / Operating system package or component golang-github-vincent-petithory-dataurl Operating systems & Components / Operating system package or component golang-github-vbatts-tar-split Operating systems & Components / Operating system package or component golang-github-valyala-fasthttp Operating systems & Components / Operating system package or component golang-github-ulikunitz-xz Operating systems & Components / Operating system package or component golang-github-uber-jaeger-client Operating systems & Components / Operating system package or component golang-github-uber-athenadriver Operating systems & Components / Operating system package or component golang-github-u-root-iscsinl Operating systems & Components / Operating system package or component golang-github-twpayne-waypoint Operating systems & Components / Operating system package or component golang-github-twitchtv-twirp Operating systems & Components / Operating system package or component golang-github-tscholl2-siec Operating systems & Components / Operating system package or component golang-github-tomnomnom-xtermcolor Operating systems & Components / Operating system package or component golang-github-tklauser-numcpus Operating systems & Components / Operating system package or component golang-github-temoto-robotstxt Operating systems & Components / Operating system package or component golang-github-stomp-3 Operating systems & Components / Operating system package or component golang-github-sqshq-sampler Operating systems & Components / Operating system package or component golang-github-spyzhov-ajson Operating systems & Components / Operating system package or component golang-github-sourcegraph-syntaxhighlight Operating systems & Components / Operating system package or component golang-github-snappy Operating systems & Components / Operating system package or component golang-github-skip2-qrcode Operating systems & Components / Operating system package or component golang-github-shurcool-vfsgen Operating systems & Components / Operating system package or component golang-github-shulhan-bindata Operating systems & Components / Operating system package or component golang-github-shellcode33-vm-detection Operating systems & Components / Operating system package or component golang-github-segmentio-ksuid Operating systems & Components / Operating system package or component golang-github-rwcarlsen-goexif Operating systems & Components / Operating system package or component golang-github-rubenv-sql-migrate Operating systems & Components / Operating system package or component golang-github-rogpeppe-internal Operating systems & Components / Operating system package or component golang-github-rickb777-date Operating systems & Components / Operating system package or component golang-github-redteampentesting-monsoon Operating systems & Components / Operating system package or component golang-github-rcrowley-metrics Operating systems & Components / Operating system package or component golang-github-rakyll-statik Operating systems & Components / Operating system package or component golang-github-quay-goval-parser Operating systems & Components / Operating system package or component golang-github-prometheus-tsdb Operating systems & Components / Operating system package or component golang-github-prometheus-prom2json Operating systems & Components / Operating system package or component golang-github-prometheus-node-exporter Operating systems & Components / Operating system package or component golang-github-prometheus Operating systems & Components / Operating system package or component golang-github-projectdiscovery-mapcidr Operating systems & Components / Operating system package or component golang-github-projectdiscovery-chaos-client Operating systems & Components / Operating system package or component golang-github-pressly-goose Operating systems & Components / Operating system package or component golang-github-pquerna-ffjson Operating systems & Components / Operating system package or component golang-github-posener-complete-2 Operating systems & Components / Operating system package or component golang-github-pkg-diff Operating systems & Components / Operating system package or component golang-github-pierrre-geohash Operating systems & Components / Operating system package or component golang-github-pierrec-lz4 Operating systems & Components / Operating system package or component golang-github-phayes-freeport Operating systems & Components / Operating system package or component golang-github-pelletier-toml-2 Operating systems & Components / Operating system package or component golang-github-pelletier-toml Operating systems & Components / Operating system package or component golang-github-pdfcpu Operating systems & Components / Operating system package or component golang-github-onsi-ginkgo-2 Operating systems & Components / Operating system package or component golang-github-oneofone-xxhash Operating systems & Components / Operating system package or component golang-github-olekukonko-tablewriter Operating systems & Components / Operating system package or component golang-github-oklog Operating systems & Components / Operating system package or component golang-github-nxadm-tail Operating systems & Components / Operating system package or component golang-github-nicksnyder-i18n-2 Operating systems & Components / Operating system package or component golang-github-nbutton23-zxcvbn Operating systems & Components / Operating system package or component golang-github-nats-io-streaming-server Operating systems & Components / Operating system package or component golang-github-nats-io-nkeys Operating systems & Components / Operating system package or component golang-github-mvo5-uboot Operating systems & Components / Operating system package or component golang-github-multiformats-multihash Operating systems & Components / Operating system package or component golang-github-multiformats-multibase Operating systems & Components / Operating system package or component golang-github-msprev-fzf-bibtex Operating systems & Components / Operating system package or component golang-github-mrunalp-fileutils Operating systems & Components / Operating system package or component golang-github-mozillazg-pinyin Operating systems & Components / Operating system package or component golang-github-morikuni-aec Operating systems & Components / Operating system package or component golang-github-mock Operating systems & Components / Operating system package or component golang-github-mmarkdown-mmark Operating systems & Components / Operating system package or component golang-github-microcosm-cc-bluemonday Operating systems & Components / Operating system package or component golang-github-mholt-archiver Operating systems & Components / Operating system package or component golang-github-mgutz-ansi Operating systems & Components / Operating system package or component golang-github-mdlayher-dhcp6 Operating systems & Components / Operating system package or component golang-github-mbndr-figlet4go Operating systems & Components / Operating system package or component golang-github-mattn-colorable Operating systems & Components / Operating system package or component golang-github-martinhoefling-goxkcdpwgen Operating systems & Components / Operating system package or component golang-github-markbates-pkger Operating systems & Components / Operating system package or component golang-github-mailru-easyjson Operating systems & Components / Operating system package or component golang-github-magefile-mage Operating systems & Components / Operating system package or component golang-github-lunixbochs-vtclean Operating systems & Components / Operating system package or component golang-github-lofanmi-pinyin Operating systems & Components / Operating system package or component golang-github-liamg-tml Operating systems & Components / Operating system package or component golang-github-leveldb Operating systems & Components / Operating system package or component golang-github-letsencrypt-pebble Operating systems & Components / Operating system package or component golang-github-leonelquinteros-gotext Operating systems & Components / Operating system package or component golang-github-ledisdb Operating systems & Components / Operating system package or component golang-github-kyokomi-emoji Operating systems & Components / Operating system package or component golang-github-krishicks-yaml-patch Operating systems & Components / Operating system package or component golang-github-kr-text Operating systems & Components / Operating system package or component golang-github-kalafut-imohash Operating systems & Components / Operating system package or component golang-github-jwt Operating systems & Components / Operating system package or component golang-github-jsonnet-bundler Operating systems & Components / Operating system package or component golang-github-jmespath Operating systems & Components / Operating system package or component golang-github-j-keck-arping Operating systems & Components / Operating system package or component golang-github-intel-goresctrl Operating systems & Components / Operating system package or component golang-github-instrumenta-kubeval Operating systems & Components / Operating system package or component golang-github-insomniacslk-termhook Operating systems & Components / Operating system package or component golang-github-hpcloud-tail Operating systems & Components / Operating system package or component golang-github-heistp-irtt Operating systems & Components / Operating system package or component golang-github-hashicorp-sockaddr Operating systems & Components / Operating system package or component golang-github-hashicorp-memdb Operating systems & Components / Operating system package or component golang-github-hashicorp-hclog Operating systems & Components / Operating system package or component golang-github-hashicorp-consul-migrate Operating systems & Components / Operating system package or component golang-github-haproxytech-dataplaneapi Operating systems & Components / Operating system package or component golang-github-haproxytech-client-native Operating systems & Components / Operating system package or component golang-github-gucumber Operating systems & Components / Operating system package or component golang-github-grpc-ecosystem-gateway-2 Operating systems & Components / Operating system package or component golang-github-gorhill-cronexpr Operating systems & Components / Operating system package or component golang-github-googlecloudplatform-cloudsql-proxy Operating systems & Components / Operating system package or component golang-github-googleapis-gnostic Operating systems & Components / Operating system package or component golang-github-google-wire Operating systems & Components / Operating system package or component golang-github-google-slothfs Operating systems & Components / Operating system package or component golang-github-google-pprof Operating systems & Components / Operating system package or component golang-github-google-martian Operating systems & Components / Operating system package or component golang-github-google-jsonnet Operating systems & Components / Operating system package or component golang-github-google-dap Operating systems & Components / Operating system package or component golang-github-google-containerregistry Operating systems & Components / Operating system package or component golang-github-golangci-lint-1 Operating systems & Components / Operating system package or component golang-github-gohugoio-testmodbuilder Operating systems & Components / Operating system package or component golang-github-gohugoio-localescompressed Operating systems & Components / Operating system package or component golang-github-gogo-googleapis Operating systems & Components / Operating system package or component golang-github-gocolly-colly-2 Operating systems & Components / Operating system package or component golang-github-gobwas-ws Operating systems & Components / Operating system package or component golang-github-gobuffalo-here Operating systems & Components / Operating system package or component golang-github-geertjohan-rice Operating systems & Components / Operating system package or component golang-github-gdamore-tcell-2 Operating systems & Components / Operating system package or component golang-github-gdamore-tcell Operating systems & Components / Operating system package or component golang-github-fvbommel-util Operating systems & Components / Operating system package or component golang-github-francoispqt-gojay Operating systems & Components / Operating system package or component golang-github-fernet Operating systems & Components / Operating system package or component golang-github-evanw-esbuild Operating systems & Components / Operating system package or component golang-github-etcd-io-gofail Operating systems & Components / Operating system package or component golang-github-envoyproxy-protoc-gen-validate Operating systems & Components / Operating system package or component golang-github-emersion-smtp Operating systems & Components / Operating system package or component golang-github-elazarl-bindata-assetfs Operating systems & Components / Operating system package or component golang-github-eknkc-amber Operating systems & Components / Operating system package or component golang-github-dustinkirkland-petname Operating systems & Components / Operating system package or component golang-github-dreamacro-shadowsocks2 Operating systems & Components / Operating system package or component golang-github-dgrijalva-jwt Operating systems & Components / Operating system package or component golang-github-deepmap-oapi-codegen Operating systems & Components / Operating system package or component golang-github-dave-jennifer Operating systems & Components / Operating system package or component golang-github-cucumber-godog Operating systems & Components / Operating system package or component golang-github-cpuguy83-md2man Operating systems & Components / Operating system package or component golang-github-cpu-goacmedns Operating systems & Components / Operating system package or component golang-github-coredns-corefile-migration Operating systems & Components / Operating system package or component golang-github-containerd-fuse-overlayfs-snapshotter Operating systems & Components / Operating system package or component golang-github-containerd-continuity Operating systems & Components / Operating system package or component golang-github-colinmarc-hdfs-2 Operating systems & Components / Operating system package or component golang-github-cockroachdb-pebble Operating systems & Components / Operating system package or component golang-github-cloudflare-redoctober Operating systems & Components / Operating system package or component golang-github-cloudflare Operating systems & Components / Operating system package or component golang-github-client9-plaintext Operating systems & Components / Operating system package or component golang-github-client9-gospell Operating systems & Components / Operating system package or component golang-github-cilium-ebpf Operating systems & Components / Operating system package or component golang-github-chromedp Operating systems & Components / Operating system package or component golang-github-christrenkamp-goxpath Operating systems & Components / Operating system package or component golang-github-chris-ramon-douceur Operating systems & Components / Operating system package or component golang-github-chai2010-gettext Operating systems & Components / Operating system package or component golang-github-cespare-xxhash Operating systems & Components / Operating system package or component golang-github-c-bata-prompt Operating systems & Components / Operating system package or component golang-github-burntsushi-xgb Operating systems & Components / Operating system package or component golang-github-burntsushi-toml Operating systems & Components / Operating system package or component golang-github-appc-goaci Operating systems & Components / Operating system package or component golang-github-apache-beam-2 Operating systems & Components / Operating system package or component golang-github-acme-lego Operating systems & Components / Operating system package or component golang-github-a8m-tree Operating systems & Components / Operating system package or component golang-etcd-bbolt Operating systems & Components / Operating system package or component golang-entgo-ent Operating systems & Components / Operating system package or component golang-bug-serial-1 Operating systems & Components / Operating system package or component golang-ariga-atlas Operating systems & Components / Operating system package or component gojq Operating systems & Components / Operating system package or component godotenv Operating systems & Components / Operating system package or component gmailctl Operating systems & Components / Operating system package or component gitjacker Operating systems & Components / Operating system package or component fzf Operating systems & Components / Operating system package or component duf Operating systems & Components / Operating system package or component doctl Operating systems & Components / Operating system package or component dnsx Operating systems & Components / Operating system package or component dnscrypt-proxy Operating systems & Components / Operating system package or component deepin-gir-generator Operating systems & Components / Operating system package or component clash Operating systems & Components / Operating system package or component buildah Operating systems & Components / Operating system package or component asciigraph Operating systems & Components / Operating system package or component age Operating systems & Components / Operating system package or component aerc Operating systems & Components / Operating system package or component 3mux Operating systems & Components / Operating system package or component |
Vendor | Fedoraproject |
Security Bulletin
This security bulletin contains information about 6 vulnerabilities.
EUVDB-ID: #VU66447
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-1996
CWE-ID:
CWE-942 - Overly Permissive Cross-domain Whitelist
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass the CORS protection mechanism.
The vulnerability exists due to incorrect processing of the "Origin" HTTP header that is supplied within HTTP request. A remote attacker can supply arbitrary value via the "Origin" HTTP header, bypass implemented CORS protection mechanism and perform cross-site scripting attacks against the vulnerable application.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsFedora: 37
yubihsm-connector: before 3.0.2-3.fc37
yggdrasil: before 0.2.98^1.ffb580f-0.2.20220127gitffb580f.fc37
xq: before 0.0.7-4.fc37
xe-guest-utilities-latest: before 7.30.0-4.fc37
wgctrl: before 0-0.11.20210811git4253848.fc37
weldr-client: before 35.5-2.fc37
webanalyze: before 0.3.1-6.fc37
vultr-cli: before 2.12.2-2.fc37
vultr: before 2.0.3-5.fc37
vgrep: before 2.6.0-2.fc37
toolbox: before 0.0.99.3-5.fc37
tmux-top: before 0.1.1-2.fc37
tiedot: before 3.4-8.fc37
terrier: before 0.0.2-6.fc37
sysutil: before 0-0.7.20200615git15668db.fc37
syncthing: before 1.20.2-2.fc37
swig: before 4.0.2-16.fc37
subfinder: before 2.5.2-2.fc37
source-to-image: before 1.3.1-4.fc37
snowcrash: before 0-0.7.20201119git49b99ad.fc37
snapd: before 2.55.3-2.fc37
skopeo: before 1.8.0-9.fc37
singularity: before 3.8.7-2.fc37
shhgit: before 0.2-7.fc37
shellz: before 1.5.0-7.fc37
runc: before 1.1.1-2.fc37
restic: before 0.12.1-3.fc37
reposurgeon: before 4.32-2.fc37
rclone: before 1.57.0-4.fc37
powerline-go: before 1.21.0-4.fc37
podman-tui: before 0.4.0-2.fc37
podman: before 4.1.1-2.fc37
pack: before 0.27.0~rc1-4.fc37
osbuild-composer: before 55-2.fc37
origin: before 3.11.2-6.fc37
open-policy-agent: before 0.31.0-5.fc37
onionscan: before 0.2-7.fc37
ohmybackup: before 0-0.6.20200526git50f2fce.fc37
oci-seccomp-bpf-hook: before 1.2.5-3.fc37
nex: before 20210330-3.fc37
netscanner: before 0-0.5.20201116git8baab36.fc37
nebula: before 1.5.2-4.fc37
nats-server: before 2.1.9-6.fc37
mqttcli: before 0.2.3-2.fc37
moby-engine: before 20.10.17-3.fc37
micro: before 2.0.8-5.fc37
meshbird: before 2.3-6.fc37
meg: before 0.2.4-6.fc37
mass3: before 0-0.6.20200627gite1d5f1a.fc37
manifest-tool: before 2.0.3-2.fc37
kubernetes: before 1.24.1-2.fc37
kompose: before 1.17.0-9.fc37
kiln: before 0.2.0-4.fc37
kata-containers: before 2.4.2-1.fc37.1
jid: before 0.7.6-9.fc37
ignition: before 2.14.0-2.fc37
hulk: before 0-0.6.20200620git9670699.fc37
httprobe: before 0.1.2-6.fc37
htmltest: before 0.15.0-3.fc37
hcloud: before 1.29.5-3.fc37
hakrevdns: before 0-0.5.20201116git9fa2d59.fc37
grpcurl: before 1.8.6-3.fc37
gron: before 0.7.1-2.fc37
graphviz: before 4.0.0-4.fc37
grafana-pcp: before 3.2.0-3.fc37
gotun: before 0-0.14.gita9dbe4d.fc37
gotags: before 1.4.1-8.fc37
gopass-jsonapi: before 1.11.1-2.20220511git5dc831e.fc37
gopass-hibp: before 1.12.0-2.20220511gitd4baae0.fc37
gopass: before 1.14.2-2.fc37
google-guest-agent: before 20201217.02-4.fc37
gomtree: before 0.4.0-11.fc37
goloris: before 0-0.6.20200326gita59fafb.fc37
golist: before 0.10.1-9.fc37
golang-x-text: before 0.3.7-2.fc37
golang-x-perf: before 0-0.15.20210123gitbdcc622.fc37
golang-x-mod: before 0.6.0~dev-3.20220330git9b9b3d8.fc37
golang-x-lint: before 0-16.20210123git83fdc39.fc37
golang-x-exp: before 0-0.43.20220330git053ad81.fc37
golang-x-debug: before 0-0.14.20210123gitc934e1b.fc37
golang-vbom-util: before 0-0.11.20190520gitefcd4e0.fc37
golang-storj-drpc: before 0.0.16-6.fc37
golang-starlark: before 0-0.7.20210113gite81fc95.fc37
golang-sourcegraph-appdash: before 0-0.9.20210113gitebfcffb.fc37
golang-sigs-k8s-aws-iam-authenticator: before 0.5.2-6.fc37
golang-rsc-pdf: before 0.1.1-10.fc37
golang-mvdan-xurls: before 2.2.0-6.fc37
golang-mongodb-mongo-driver: before 1.4.5-6.fc37
golang-k8s-sample-controller: before 1.22.0-4.fc37
golang-k8s-sample-cli-plugin: before 1.22.0-4.fc37
golang-k8s-sample-apiserver: before 1.22.0-5.fc37
golang-k8s-pod-security-admission: before 1.22.0-3.fc37
golang-k8s-kube-openapi: before 0-0.21.20210813git3c81807.fc37
golang-k8s-kube-aggregator: before 1.22.0-4.fc37
golang-k8s-code-generator: before 1.22.0-4.fc37
golang-k8s-apiextensions-apiserver: before 1.22.0-6.fc37
golang-jaytaylor-html2text: before 0-0.2.20220509gitbc68cce.fc37
golang-honnef-tools: before 2021.1.2-2.20220304git852a31a.fc37
golang-gopkg-src-d-git-4: before 4.13.1-8.fc37
golang-gopkg-square-jose-2: before 2.6.0-3.fc37
golang-gopkg-neurosnap-sentences-1: before 1.0.6-14.fc37
golang-google-protobuf: before 1.27.1-5.fc37
golang-google-appengine: before 1.6.7-5.fc37
golang-gitlab-commonmark-linkify: before 0-0.9.20200805git64bca66.fc37
golang-github-zyedidia-highlight: before 0-0.6.20200218git291680f.fc37
golang-github-yuin-gopher-lua: before 0-23.20220305gitf4c35e4.fc37
golang-github-xordataexchange-crypt: before 0.0.2-12.20190412gitb2862e3.fc37
golang-github-xo-terminfo: before 0-0.6.20210113gitc22d04b.fc37
golang-github-vmware-govmomi: before 0.24.0-5.fc37
golang-github-vincent-petithory-dataurl: before 0-0.7.20200110gitd1553a7.fc37
golang-github-vbatts-tar-split: before 0.11.1-10.fc37
golang-github-valyala-fasthttp: before 1.29.0-3.fc37
golang-github-ulikunitz-xz: before 0.5.10-4.fc37
golang-github-uber-jaeger-client: before 2.30.0-2.fc37
golang-github-uber-athenadriver: before 1.1.12-5.fc37
golang-github-u-root-iscsinl: before 0.1.0-4.fc37
golang-github-twpayne-waypoint: before 0-0.4.20210130git4f8e6bf.fc37
golang-github-twitchtv-twirp: before 8.1.0-4.fc37
golang-github-tscholl2-siec: before 0-3.20211128git9bdfc48.fc37
golang-github-tomnomnom-xtermcolor: before 0.1.2-8.fc37
golang-github-tklauser-numcpus: before 0.2.3-2.fc37
golang-github-temoto-robotstxt: before 1.1.2-3.fc37
golang-github-stomp-3: before 3.0.2-3.fc37
golang-github-sqshq-sampler: before 1.1.0-9.fc37
golang-github-spyzhov-ajson: before 0.4.2-1.fc37
golang-github-sourcegraph-syntaxhighlight: before 0-0.11.20180418gitbd320f5.fc37
golang-github-snappy: before 0.0.2-6.fc37
golang-github-skip2-qrcode: before 0-2.20220316gitda1b656.fc37
golang-github-shurcool-vfsgen: before 0-0.11.20210113git0d455de.fc37
golang-github-shulhan-bindata: before 3.6.1-6.fc37
golang-github-shellcode33-vm-detection: before 0-0.6.20200715git4fd05cb.fc37
golang-github-segmentio-ksuid: before 1.0.4-3.fc37
golang-github-rwcarlsen-goexif: before 0-0.9.20191017git9e8deec.fc37
golang-github-rubenv-sql-migrate: before 0-0.4.20210529gita32ed26.fc37
golang-github-rogpeppe-internal: before 1.8.1-2.fc37
golang-github-rickb777-date: before 1.19.1-2.fc37
golang-github-redteampentesting-monsoon: before 0.6.0-6.fc37
golang-github-rcrowley-metrics: before 0-0.28.20210110gitcf1acfc.fc37
golang-github-rakyll-statik: before 0.1.7-8.fc37
golang-github-quay-goval-parser: before 0.8.6-4.fc37
golang-github-prometheus-tsdb: before 0.10.0-7.fc37
golang-github-prometheus-prom2json: before 1.3.0-8.20210811git90766c0.fc37
golang-github-prometheus-node-exporter: before 1.3.1-8.fc37
golang-github-prometheus: before 2.32.1-5.fc37
golang-github-projectdiscovery-mapcidr: before 0.0.8-3.fc37
golang-github-projectdiscovery-chaos-client: before 0.2.0-2.fc37
golang-github-pressly-goose: before 2.7.0-4.fc37
golang-github-pquerna-ffjson: before 0-0.9.20200730gitaa0246c.fc37
golang-github-posener-complete-2: before 2.0.1~alpha.13-5.fc37
golang-github-pkg-diff: before 0-0.4.20210406git20ebb0f.fc37
golang-github-pierrre-geohash: before 1.0.0-4.fc37
golang-github-pierrec-lz4: before 4.1.3-5.fc37
golang-github-phayes-freeport: before 1.0.2-6.fc37
golang-github-pelletier-toml-2: before 2.0.0~beta.8-4.fc37
golang-github-pelletier-toml: before 1.9.4-2.fc37
golang-github-pdfcpu: before 0.3.13-2.fc37
golang-github-onsi-ginkgo-2: before 2.1.4-2.fc37
golang-github-oneofone-xxhash: before 1.2.8-5.fc37
golang-github-olekukonko-tablewriter: before 0.0.5-3.fc37
golang-github-oklog: before 0.3.2-10.20190701gitca7cdf5.fc37
golang-github-nxadm-tail: before 1.4.6-7.fc37
golang-github-nicksnyder-i18n-2: before 2.1.2-5.fc37
golang-github-nbutton23-zxcvbn: before 0.1-8.20210110gite56b841.fc37
golang-github-nats-io-streaming-server: before 0.20.0-5.fc37
golang-github-nats-io-nkeys: before 0.2.0-5.fc37
golang-github-mvo5-uboot: before 0.4-10.fc37
golang-github-multiformats-multihash: before 0.1.0-2.fc37
golang-github-multiformats-multibase: before 0.0.3-2.20220213gitf067816.fc37
golang-github-msprev-fzf-bibtex: before 1.1-5.20220205gitd5df2c6.fc37
golang-github-mrunalp-fileutils: before 0.5.0-5.fc37
golang-github-mozillazg-pinyin: before 0.19.0-4.fc37
golang-github-morikuni-aec: before 1.0.0-5.fc37
golang-github-mock: before 1.6.0-3.fc37
golang-github-mmarkdown-mmark: before 2.2.10-5.fc37
golang-github-microcosm-cc-bluemonday: before 1.0.17-3.fc37
golang-github-mholt-archiver: before 3.5.1-3.fc37
golang-github-mgutz-ansi: before 0-0.13.20200729gitd51e80e.fc37
golang-github-mdlayher-dhcp6: before 0-0.8.20200429git2a67805.fc37
golang-github-mbndr-figlet4go: before 0-0.8.20191009gitd6cef5b.fc37
golang-github-mattn-colorable: before 0.1.8-5.fc37
golang-github-martinhoefling-goxkcdpwgen: before 0.1.0-2.fc37
golang-github-markbates-pkger: before 0.17.1-5.fc37
golang-github-mailru-easyjson: before 0.7.6-5.fc37
golang-github-magefile-mage: before 1.11.0-5.fc37
golang-github-lunixbochs-vtclean: before 1.0.0-8.fc37
golang-github-lofanmi-pinyin: before 1.0-4.fc37
golang-github-liamg-tml: before 0.6.0-2.fc37
golang-github-leveldb: before 0-0.9.20190701git259d925.fc37
golang-github-letsencrypt-pebble: before 2.3.1-5.fc37
golang-github-leonelquinteros-gotext: before 1.5.0-2.fc37
golang-github-ledisdb: before 0.6-5.20210112gitd35789e.fc37
golang-github-kyokomi-emoji: before 2.2.8-5.fc37
golang-github-krishicks-yaml-patch: before 0.0.10-8.20200307git05b3177.fc37
golang-github-kr-text: before 0.2.0-5.fc37
golang-github-kalafut-imohash: before 1.0.2-3.fc37
golang-github-jwt: before 3.2.2-3.fc37
golang-github-jsonnet-bundler: before 0.4.0-8.fc37
golang-github-jmespath: before 0.4.0-5.fc37
golang-github-j-keck-arping: before 1.0.2-3.fc37
golang-github-intel-goresctrl: before 0.2.0-5.fc37
golang-github-instrumenta-kubeval: before 0.15.0-8.fc37
golang-github-insomniacslk-termhook: before 0-6.20210406gita267c97.fc37
golang-github-hpcloud-tail: before 1.0.0-10.20190325gita1dbeea.fc37
golang-github-heistp-irtt: before 0.9.1-2.fc37
golang-github-hashicorp-sockaddr: before 1.0.2-11.fc37
golang-github-hashicorp-memdb: before 1.3.0-5.fc37
golang-github-hashicorp-hclog: before 0.15.0-5.fc37
golang-github-hashicorp-consul-migrate: before 0.1.0-9.20190602git678fb10.fc37
golang-github-haproxytech-dataplaneapi: before 2.4.4-4.fc37
golang-github-haproxytech-client-native: before 2.5.3-3.fc37
golang-github-gucumber: before 0-0.23.20190703git7d5c79e.fc37
golang-github-grpc-ecosystem-gateway-2: before 2.7.3-4.fc37
golang-github-gorhill-cronexpr: before 1.0.0-4.fc37
golang-github-googlecloudplatform-cloudsql-proxy: before 1.19.1-6.fc37
golang-github-googleapis-gnostic: before 0.5.3-6.fc37
golang-github-google-wire: before 0.5.0-3.fc37
golang-github-google-slothfs: before 0-0.11.20200727git59c1163.fc37
golang-github-google-pprof: before 0-16.20210802gitc50bf4f.fc37
golang-github-google-martian: before 3.1.0-9.fc37
golang-github-google-jsonnet: before 0.17.0-5.fc37
golang-github-google-dap: before 0.4.0-4.fc37
golang-github-google-containerregistry: before 0.5.1-5.fc37
golang-github-golangci-lint-1: before 0-0.5.20200828gitd2cdd8c.fc37
golang-github-gohugoio-testmodbuilder: before 0-0.10.20201030git72e1e0c.fc37
golang-github-gohugoio-localescompressed: before 1.0.1-2.fc37
golang-github-gogo-googleapis: before 1.4.1-4.fc37
golang-github-gocolly-colly-2: before 2.1.0-4.20210920git2f09941.fc37
golang-github-gobwas-ws: before 1.1.0-3.fc37
golang-github-gobuffalo-here: before 0.6.2-5.fc37
golang-github-geertjohan-rice: before 1.0.2-5.fc37
golang-github-gdamore-tcell-2: before 2.5.0-2.fc37
golang-github-gdamore-tcell: before 1.4.0-5.fc37
golang-github-fvbommel-util: before 0.0.3-5.fc37
golang-github-francoispqt-gojay: before 1.2.13-7.fc37
golang-github-fernet: before 0-0.9.20200726giteff2850.fc37
golang-github-evanw-esbuild: before 0.14.38-2.fc37
golang-github-etcd-io-gofail: before 0-0.3.20210808gitad7f989.fc37
golang-github-envoyproxy-protoc-gen-validate: before 0.4.1-6.fc37
golang-github-emersion-smtp: before 0.15.0-4.fc37
golang-github-elazarl-bindata-assetfs: before 1.0.1-9.fc37
golang-github-eknkc-amber: before 0-0.17.20190601gitcdade1c.fc37
golang-github-dustinkirkland-petname: before 0-0.6.20200605git8e5a1ed.fc37
golang-github-dreamacro-shadowsocks2: before 0.1.7-6.fc37
golang-github-dgrijalva-jwt: before 3.2.0-11.fc37
golang-github-deepmap-oapi-codegen: before 1.8.2-3.fc37
golang-github-dave-jennifer: before 1.4.1-5.fc37
golang-github-cucumber-godog: before 0.12.1-4.fc37
golang-github-cpuguy83-md2man: before 2.0.2-2.fc37
golang-github-cpu-goacmedns: before 0.1.1-5.fc37
golang-github-coredns-corefile-migration: before 1.0.11-6.fc37
golang-github-containerd-fuse-overlayfs-snapshotter: before 1.0.2-7.fc37
golang-github-containerd-continuity: before 0.2.2-3.fc37
golang-github-colinmarc-hdfs-2: before 2.2.0-4.fc37
golang-github-cockroachdb-pebble: before 0-0.8.20210108git48f5530.fc37
golang-github-cloudflare-redoctober: before 0-0.11.20210114git99c99a8.fc37
golang-github-cloudflare: before 0.21.0-3.fc37
golang-github-client9-plaintext: before 0-0.8.20190703git5bf47e7.fc37
golang-github-client9-gospell: before 0-0.11.20190524git90dfc71.fc37
golang-github-cilium-ebpf: before 0.8.0-2.fc37
golang-github-chromedp: before 0.8.1-2.fc37
golang-github-christrenkamp-goxpath: before 0-0.6.20200627gitc5096ec.fc37
golang-github-chris-ramon-douceur: before 0.2.0-5.20200910gitf346305.fc37
golang-github-chai2010-gettext: before 1.0.2-6.fc37
golang-github-cespare-xxhash: before 2.1.2-3.fc37
golang-github-c-bata-prompt: before 0.2.6-4.fc37
golang-github-burntsushi-xgb: before 0-0.15.20210108git5f9e7b3.fc37
golang-github-burntsushi-toml: before 1.0.0-5.fc37
golang-github-appc-goaci: before 0.1.1-12.fc37
golang-github-apache-beam-2: before 2.33.0~RC1-7.fc37
golang-github-acme-lego: before 4.4.0-6.fc37
golang-github-a8m-tree: before 0-0.16.20210725gitce3525c.fc37
golang-etcd-bbolt: before 1.3.6-4.fc37
golang-entgo-ent: before 0.10.0-4.fc37
golang-bug-serial-1: before 1.3.5-3.fc37
golang-ariga-atlas: before 0.3.6-3.fc37
gojq: before 0.12.8-3.fc37
godotenv: before 1.4.0-4.fc37
gmailctl: before 0.10.4-3.fc37
gitjacker: before 0.0.2-8.fc37
fzf: before 0.30.0-3.fc37
duf: before 0.8.1-3.fc37
doctl: before 1.77.0-3.fc37
dnsx: before 1.1.0-3.fc37
dnscrypt-proxy: before 2.1.1-4.fc37
deepin-gir-generator: before 2.1.0-3.fc37
clash: before 1.8.0-4.fc37
buildah: before 1.26.1-4.fc37
asciigraph: before 0.5.4-3.fc37
age: before 1.0.0-5.fc37
aerc: before 0.10.0-3.fc37
3mux: before 1.1.0-5.fc37
CPE2.3https://bodhi.fedoraproject.org/updates/FEDORA-2022-8d0c218ca7
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU64266
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-24675
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists in the Golang's library encoding/pem. A remote attacker can send to victim a large (more than 5 MB) PEM input to cause a stack overflow in Decode and perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsFedora: 37
yubihsm-connector: before 3.0.2-3.fc37
yggdrasil: before 0.2.98^1.ffb580f-0.2.20220127gitffb580f.fc37
xq: before 0.0.7-4.fc37
xe-guest-utilities-latest: before 7.30.0-4.fc37
wgctrl: before 0-0.11.20210811git4253848.fc37
weldr-client: before 35.5-2.fc37
webanalyze: before 0.3.1-6.fc37
vultr-cli: before 2.12.2-2.fc37
vultr: before 2.0.3-5.fc37
vgrep: before 2.6.0-2.fc37
toolbox: before 0.0.99.3-5.fc37
tmux-top: before 0.1.1-2.fc37
tiedot: before 3.4-8.fc37
terrier: before 0.0.2-6.fc37
sysutil: before 0-0.7.20200615git15668db.fc37
syncthing: before 1.20.2-2.fc37
swig: before 4.0.2-16.fc37
subfinder: before 2.5.2-2.fc37
source-to-image: before 1.3.1-4.fc37
snowcrash: before 0-0.7.20201119git49b99ad.fc37
snapd: before 2.55.3-2.fc37
skopeo: before 1.8.0-9.fc37
singularity: before 3.8.7-2.fc37
shhgit: before 0.2-7.fc37
shellz: before 1.5.0-7.fc37
runc: before 1.1.1-2.fc37
restic: before 0.12.1-3.fc37
reposurgeon: before 4.32-2.fc37
rclone: before 1.57.0-4.fc37
powerline-go: before 1.21.0-4.fc37
podman-tui: before 0.4.0-2.fc37
podman: before 4.1.1-2.fc37
pack: before 0.27.0~rc1-4.fc37
osbuild-composer: before 55-2.fc37
origin: before 3.11.2-6.fc37
open-policy-agent: before 0.31.0-5.fc37
onionscan: before 0.2-7.fc37
ohmybackup: before 0-0.6.20200526git50f2fce.fc37
oci-seccomp-bpf-hook: before 1.2.5-3.fc37
nex: before 20210330-3.fc37
netscanner: before 0-0.5.20201116git8baab36.fc37
nebula: before 1.5.2-4.fc37
nats-server: before 2.1.9-6.fc37
mqttcli: before 0.2.3-2.fc37
moby-engine: before 20.10.17-3.fc37
micro: before 2.0.8-5.fc37
meshbird: before 2.3-6.fc37
meg: before 0.2.4-6.fc37
mass3: before 0-0.6.20200627gite1d5f1a.fc37
manifest-tool: before 2.0.3-2.fc37
kubernetes: before 1.24.1-2.fc37
kompose: before 1.17.0-9.fc37
kiln: before 0.2.0-4.fc37
kata-containers: before 2.4.2-1.fc37.1
jid: before 0.7.6-9.fc37
ignition: before 2.14.0-2.fc37
hulk: before 0-0.6.20200620git9670699.fc37
httprobe: before 0.1.2-6.fc37
htmltest: before 0.15.0-3.fc37
hcloud: before 1.29.5-3.fc37
hakrevdns: before 0-0.5.20201116git9fa2d59.fc37
grpcurl: before 1.8.6-3.fc37
gron: before 0.7.1-2.fc37
graphviz: before 4.0.0-4.fc37
grafana-pcp: before 3.2.0-3.fc37
gotun: before 0-0.14.gita9dbe4d.fc37
gotags: before 1.4.1-8.fc37
gopass-jsonapi: before 1.11.1-2.20220511git5dc831e.fc37
gopass-hibp: before 1.12.0-2.20220511gitd4baae0.fc37
gopass: before 1.14.2-2.fc37
google-guest-agent: before 20201217.02-4.fc37
gomtree: before 0.4.0-11.fc37
goloris: before 0-0.6.20200326gita59fafb.fc37
golist: before 0.10.1-9.fc37
golang-x-text: before 0.3.7-2.fc37
golang-x-perf: before 0-0.15.20210123gitbdcc622.fc37
golang-x-mod: before 0.6.0~dev-3.20220330git9b9b3d8.fc37
golang-x-lint: before 0-16.20210123git83fdc39.fc37
golang-x-exp: before 0-0.43.20220330git053ad81.fc37
golang-x-debug: before 0-0.14.20210123gitc934e1b.fc37
golang-vbom-util: before 0-0.11.20190520gitefcd4e0.fc37
golang-storj-drpc: before 0.0.16-6.fc37
golang-starlark: before 0-0.7.20210113gite81fc95.fc37
golang-sourcegraph-appdash: before 0-0.9.20210113gitebfcffb.fc37
golang-sigs-k8s-aws-iam-authenticator: before 0.5.2-6.fc37
golang-rsc-pdf: before 0.1.1-10.fc37
golang-mvdan-xurls: before 2.2.0-6.fc37
golang-mongodb-mongo-driver: before 1.4.5-6.fc37
golang-k8s-sample-controller: before 1.22.0-4.fc37
golang-k8s-sample-cli-plugin: before 1.22.0-4.fc37
golang-k8s-sample-apiserver: before 1.22.0-5.fc37
golang-k8s-pod-security-admission: before 1.22.0-3.fc37
golang-k8s-kube-openapi: before 0-0.21.20210813git3c81807.fc37
golang-k8s-kube-aggregator: before 1.22.0-4.fc37
golang-k8s-code-generator: before 1.22.0-4.fc37
golang-k8s-apiextensions-apiserver: before 1.22.0-6.fc37
golang-jaytaylor-html2text: before 0-0.2.20220509gitbc68cce.fc37
golang-honnef-tools: before 2021.1.2-2.20220304git852a31a.fc37
golang-gopkg-src-d-git-4: before 4.13.1-8.fc37
golang-gopkg-square-jose-2: before 2.6.0-3.fc37
golang-gopkg-neurosnap-sentences-1: before 1.0.6-14.fc37
golang-google-protobuf: before 1.27.1-5.fc37
golang-google-appengine: before 1.6.7-5.fc37
golang-gitlab-commonmark-linkify: before 0-0.9.20200805git64bca66.fc37
golang-github-zyedidia-highlight: before 0-0.6.20200218git291680f.fc37
golang-github-yuin-gopher-lua: before 0-23.20220305gitf4c35e4.fc37
golang-github-xordataexchange-crypt: before 0.0.2-12.20190412gitb2862e3.fc37
golang-github-xo-terminfo: before 0-0.6.20210113gitc22d04b.fc37
golang-github-vmware-govmomi: before 0.24.0-5.fc37
golang-github-vincent-petithory-dataurl: before 0-0.7.20200110gitd1553a7.fc37
golang-github-vbatts-tar-split: before 0.11.1-10.fc37
golang-github-valyala-fasthttp: before 1.29.0-3.fc37
golang-github-ulikunitz-xz: before 0.5.10-4.fc37
golang-github-uber-jaeger-client: before 2.30.0-2.fc37
golang-github-uber-athenadriver: before 1.1.12-5.fc37
golang-github-u-root-iscsinl: before 0.1.0-4.fc37
golang-github-twpayne-waypoint: before 0-0.4.20210130git4f8e6bf.fc37
golang-github-twitchtv-twirp: before 8.1.0-4.fc37
golang-github-tscholl2-siec: before 0-3.20211128git9bdfc48.fc37
golang-github-tomnomnom-xtermcolor: before 0.1.2-8.fc37
golang-github-tklauser-numcpus: before 0.2.3-2.fc37
golang-github-temoto-robotstxt: before 1.1.2-3.fc37
golang-github-stomp-3: before 3.0.2-3.fc37
golang-github-sqshq-sampler: before 1.1.0-9.fc37
golang-github-spyzhov-ajson: before 0.4.2-1.fc37
golang-github-sourcegraph-syntaxhighlight: before 0-0.11.20180418gitbd320f5.fc37
golang-github-snappy: before 0.0.2-6.fc37
golang-github-skip2-qrcode: before 0-2.20220316gitda1b656.fc37
golang-github-shurcool-vfsgen: before 0-0.11.20210113git0d455de.fc37
golang-github-shulhan-bindata: before 3.6.1-6.fc37
golang-github-shellcode33-vm-detection: before 0-0.6.20200715git4fd05cb.fc37
golang-github-segmentio-ksuid: before 1.0.4-3.fc37
golang-github-rwcarlsen-goexif: before 0-0.9.20191017git9e8deec.fc37
golang-github-rubenv-sql-migrate: before 0-0.4.20210529gita32ed26.fc37
golang-github-rogpeppe-internal: before 1.8.1-2.fc37
golang-github-rickb777-date: before 1.19.1-2.fc37
golang-github-redteampentesting-monsoon: before 0.6.0-6.fc37
golang-github-rcrowley-metrics: before 0-0.28.20210110gitcf1acfc.fc37
golang-github-rakyll-statik: before 0.1.7-8.fc37
golang-github-quay-goval-parser: before 0.8.6-4.fc37
golang-github-prometheus-tsdb: before 0.10.0-7.fc37
golang-github-prometheus-prom2json: before 1.3.0-8.20210811git90766c0.fc37
golang-github-prometheus-node-exporter: before 1.3.1-8.fc37
golang-github-prometheus: before 2.32.1-5.fc37
golang-github-projectdiscovery-mapcidr: before 0.0.8-3.fc37
golang-github-projectdiscovery-chaos-client: before 0.2.0-2.fc37
golang-github-pressly-goose: before 2.7.0-4.fc37
golang-github-pquerna-ffjson: before 0-0.9.20200730gitaa0246c.fc37
golang-github-posener-complete-2: before 2.0.1~alpha.13-5.fc37
golang-github-pkg-diff: before 0-0.4.20210406git20ebb0f.fc37
golang-github-pierrre-geohash: before 1.0.0-4.fc37
golang-github-pierrec-lz4: before 4.1.3-5.fc37
golang-github-phayes-freeport: before 1.0.2-6.fc37
golang-github-pelletier-toml-2: before 2.0.0~beta.8-4.fc37
golang-github-pelletier-toml: before 1.9.4-2.fc37
golang-github-pdfcpu: before 0.3.13-2.fc37
golang-github-onsi-ginkgo-2: before 2.1.4-2.fc37
golang-github-oneofone-xxhash: before 1.2.8-5.fc37
golang-github-olekukonko-tablewriter: before 0.0.5-3.fc37
golang-github-oklog: before 0.3.2-10.20190701gitca7cdf5.fc37
golang-github-nxadm-tail: before 1.4.6-7.fc37
golang-github-nicksnyder-i18n-2: before 2.1.2-5.fc37
golang-github-nbutton23-zxcvbn: before 0.1-8.20210110gite56b841.fc37
golang-github-nats-io-streaming-server: before 0.20.0-5.fc37
golang-github-nats-io-nkeys: before 0.2.0-5.fc37
golang-github-mvo5-uboot: before 0.4-10.fc37
golang-github-multiformats-multihash: before 0.1.0-2.fc37
golang-github-multiformats-multibase: before 0.0.3-2.20220213gitf067816.fc37
golang-github-msprev-fzf-bibtex: before 1.1-5.20220205gitd5df2c6.fc37
golang-github-mrunalp-fileutils: before 0.5.0-5.fc37
golang-github-mozillazg-pinyin: before 0.19.0-4.fc37
golang-github-morikuni-aec: before 1.0.0-5.fc37
golang-github-mock: before 1.6.0-3.fc37
golang-github-mmarkdown-mmark: before 2.2.10-5.fc37
golang-github-microcosm-cc-bluemonday: before 1.0.17-3.fc37
golang-github-mholt-archiver: before 3.5.1-3.fc37
golang-github-mgutz-ansi: before 0-0.13.20200729gitd51e80e.fc37
golang-github-mdlayher-dhcp6: before 0-0.8.20200429git2a67805.fc37
golang-github-mbndr-figlet4go: before 0-0.8.20191009gitd6cef5b.fc37
golang-github-mattn-colorable: before 0.1.8-5.fc37
golang-github-martinhoefling-goxkcdpwgen: before 0.1.0-2.fc37
golang-github-markbates-pkger: before 0.17.1-5.fc37
golang-github-mailru-easyjson: before 0.7.6-5.fc37
golang-github-magefile-mage: before 1.11.0-5.fc37
golang-github-lunixbochs-vtclean: before 1.0.0-8.fc37
golang-github-lofanmi-pinyin: before 1.0-4.fc37
golang-github-liamg-tml: before 0.6.0-2.fc37
golang-github-leveldb: before 0-0.9.20190701git259d925.fc37
golang-github-letsencrypt-pebble: before 2.3.1-5.fc37
golang-github-leonelquinteros-gotext: before 1.5.0-2.fc37
golang-github-ledisdb: before 0.6-5.20210112gitd35789e.fc37
golang-github-kyokomi-emoji: before 2.2.8-5.fc37
golang-github-krishicks-yaml-patch: before 0.0.10-8.20200307git05b3177.fc37
golang-github-kr-text: before 0.2.0-5.fc37
golang-github-kalafut-imohash: before 1.0.2-3.fc37
golang-github-jwt: before 3.2.2-3.fc37
golang-github-jsonnet-bundler: before 0.4.0-8.fc37
golang-github-jmespath: before 0.4.0-5.fc37
golang-github-j-keck-arping: before 1.0.2-3.fc37
golang-github-intel-goresctrl: before 0.2.0-5.fc37
golang-github-instrumenta-kubeval: before 0.15.0-8.fc37
golang-github-insomniacslk-termhook: before 0-6.20210406gita267c97.fc37
golang-github-hpcloud-tail: before 1.0.0-10.20190325gita1dbeea.fc37
golang-github-heistp-irtt: before 0.9.1-2.fc37
golang-github-hashicorp-sockaddr: before 1.0.2-11.fc37
golang-github-hashicorp-memdb: before 1.3.0-5.fc37
golang-github-hashicorp-hclog: before 0.15.0-5.fc37
golang-github-hashicorp-consul-migrate: before 0.1.0-9.20190602git678fb10.fc37
golang-github-haproxytech-dataplaneapi: before 2.4.4-4.fc37
golang-github-haproxytech-client-native: before 2.5.3-3.fc37
golang-github-gucumber: before 0-0.23.20190703git7d5c79e.fc37
golang-github-grpc-ecosystem-gateway-2: before 2.7.3-4.fc37
golang-github-gorhill-cronexpr: before 1.0.0-4.fc37
golang-github-googlecloudplatform-cloudsql-proxy: before 1.19.1-6.fc37
golang-github-googleapis-gnostic: before 0.5.3-6.fc37
golang-github-google-wire: before 0.5.0-3.fc37
golang-github-google-slothfs: before 0-0.11.20200727git59c1163.fc37
golang-github-google-pprof: before 0-16.20210802gitc50bf4f.fc37
golang-github-google-martian: before 3.1.0-9.fc37
golang-github-google-jsonnet: before 0.17.0-5.fc37
golang-github-google-dap: before 0.4.0-4.fc37
golang-github-google-containerregistry: before 0.5.1-5.fc37
golang-github-golangci-lint-1: before 0-0.5.20200828gitd2cdd8c.fc37
golang-github-gohugoio-testmodbuilder: before 0-0.10.20201030git72e1e0c.fc37
golang-github-gohugoio-localescompressed: before 1.0.1-2.fc37
golang-github-gogo-googleapis: before 1.4.1-4.fc37
golang-github-gocolly-colly-2: before 2.1.0-4.20210920git2f09941.fc37
golang-github-gobwas-ws: before 1.1.0-3.fc37
golang-github-gobuffalo-here: before 0.6.2-5.fc37
golang-github-geertjohan-rice: before 1.0.2-5.fc37
golang-github-gdamore-tcell-2: before 2.5.0-2.fc37
golang-github-gdamore-tcell: before 1.4.0-5.fc37
golang-github-fvbommel-util: before 0.0.3-5.fc37
golang-github-francoispqt-gojay: before 1.2.13-7.fc37
golang-github-fernet: before 0-0.9.20200726giteff2850.fc37
golang-github-evanw-esbuild: before 0.14.38-2.fc37
golang-github-etcd-io-gofail: before 0-0.3.20210808gitad7f989.fc37
golang-github-envoyproxy-protoc-gen-validate: before 0.4.1-6.fc37
golang-github-emersion-smtp: before 0.15.0-4.fc37
golang-github-elazarl-bindata-assetfs: before 1.0.1-9.fc37
golang-github-eknkc-amber: before 0-0.17.20190601gitcdade1c.fc37
golang-github-dustinkirkland-petname: before 0-0.6.20200605git8e5a1ed.fc37
golang-github-dreamacro-shadowsocks2: before 0.1.7-6.fc37
golang-github-dgrijalva-jwt: before 3.2.0-11.fc37
golang-github-deepmap-oapi-codegen: before 1.8.2-3.fc37
golang-github-dave-jennifer: before 1.4.1-5.fc37
golang-github-cucumber-godog: before 0.12.1-4.fc37
golang-github-cpuguy83-md2man: before 2.0.2-2.fc37
golang-github-cpu-goacmedns: before 0.1.1-5.fc37
golang-github-coredns-corefile-migration: before 1.0.11-6.fc37
golang-github-containerd-fuse-overlayfs-snapshotter: before 1.0.2-7.fc37
golang-github-containerd-continuity: before 0.2.2-3.fc37
golang-github-colinmarc-hdfs-2: before 2.2.0-4.fc37
golang-github-cockroachdb-pebble: before 0-0.8.20210108git48f5530.fc37
golang-github-cloudflare-redoctober: before 0-0.11.20210114git99c99a8.fc37
golang-github-cloudflare: before 0.21.0-3.fc37
golang-github-client9-plaintext: before 0-0.8.20190703git5bf47e7.fc37
golang-github-client9-gospell: before 0-0.11.20190524git90dfc71.fc37
golang-github-cilium-ebpf: before 0.8.0-2.fc37
golang-github-chromedp: before 0.8.1-2.fc37
golang-github-christrenkamp-goxpath: before 0-0.6.20200627gitc5096ec.fc37
golang-github-chris-ramon-douceur: before 0.2.0-5.20200910gitf346305.fc37
golang-github-chai2010-gettext: before 1.0.2-6.fc37
golang-github-cespare-xxhash: before 2.1.2-3.fc37
golang-github-c-bata-prompt: before 0.2.6-4.fc37
golang-github-burntsushi-xgb: before 0-0.15.20210108git5f9e7b3.fc37
golang-github-burntsushi-toml: before 1.0.0-5.fc37
golang-github-appc-goaci: before 0.1.1-12.fc37
golang-github-apache-beam-2: before 2.33.0~RC1-7.fc37
golang-github-acme-lego: before 4.4.0-6.fc37
golang-github-a8m-tree: before 0-0.16.20210725gitce3525c.fc37
golang-etcd-bbolt: before 1.3.6-4.fc37
golang-entgo-ent: before 0.10.0-4.fc37
golang-bug-serial-1: before 1.3.5-3.fc37
golang-ariga-atlas: before 0.3.6-3.fc37
gojq: before 0.12.8-3.fc37
godotenv: before 1.4.0-4.fc37
gmailctl: before 0.10.4-3.fc37
gitjacker: before 0.0.2-8.fc37
fzf: before 0.30.0-3.fc37
duf: before 0.8.1-3.fc37
doctl: before 1.77.0-3.fc37
dnsx: before 1.1.0-3.fc37
dnscrypt-proxy: before 2.1.1-4.fc37
deepin-gir-generator: before 2.1.0-3.fc37
clash: before 1.8.0-4.fc37
buildah: before 1.26.1-4.fc37
asciigraph: before 0.5.4-3.fc37
age: before 1.0.0-5.fc37
aerc: before 0.10.0-3.fc37
3mux: before 1.1.0-5.fc37
CPE2.3https://bodhi.fedoraproject.org/updates/FEDORA-2022-8d0c218ca7
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU64269
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-28327
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service attack.
The vulnerability exists due to integer overflow in the Golang's library crypto/elliptic. A remote attacker can send a specially crafted scalar input longer than 32 bytes to cause P256().ScalarMult or P256().ScalarBaseMult to panic and perform a denial of service attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsFedora: 37
yubihsm-connector: before 3.0.2-3.fc37
yggdrasil: before 0.2.98^1.ffb580f-0.2.20220127gitffb580f.fc37
xq: before 0.0.7-4.fc37
xe-guest-utilities-latest: before 7.30.0-4.fc37
wgctrl: before 0-0.11.20210811git4253848.fc37
weldr-client: before 35.5-2.fc37
webanalyze: before 0.3.1-6.fc37
vultr-cli: before 2.12.2-2.fc37
vultr: before 2.0.3-5.fc37
vgrep: before 2.6.0-2.fc37
toolbox: before 0.0.99.3-5.fc37
tmux-top: before 0.1.1-2.fc37
tiedot: before 3.4-8.fc37
terrier: before 0.0.2-6.fc37
sysutil: before 0-0.7.20200615git15668db.fc37
syncthing: before 1.20.2-2.fc37
swig: before 4.0.2-16.fc37
subfinder: before 2.5.2-2.fc37
source-to-image: before 1.3.1-4.fc37
snowcrash: before 0-0.7.20201119git49b99ad.fc37
snapd: before 2.55.3-2.fc37
skopeo: before 1.8.0-9.fc37
singularity: before 3.8.7-2.fc37
shhgit: before 0.2-7.fc37
shellz: before 1.5.0-7.fc37
runc: before 1.1.1-2.fc37
restic: before 0.12.1-3.fc37
reposurgeon: before 4.32-2.fc37
rclone: before 1.57.0-4.fc37
powerline-go: before 1.21.0-4.fc37
podman-tui: before 0.4.0-2.fc37
podman: before 4.1.1-2.fc37
pack: before 0.27.0~rc1-4.fc37
osbuild-composer: before 55-2.fc37
origin: before 3.11.2-6.fc37
open-policy-agent: before 0.31.0-5.fc37
onionscan: before 0.2-7.fc37
ohmybackup: before 0-0.6.20200526git50f2fce.fc37
oci-seccomp-bpf-hook: before 1.2.5-3.fc37
nex: before 20210330-3.fc37
netscanner: before 0-0.5.20201116git8baab36.fc37
nebula: before 1.5.2-4.fc37
nats-server: before 2.1.9-6.fc37
mqttcli: before 0.2.3-2.fc37
moby-engine: before 20.10.17-3.fc37
micro: before 2.0.8-5.fc37
meshbird: before 2.3-6.fc37
meg: before 0.2.4-6.fc37
mass3: before 0-0.6.20200627gite1d5f1a.fc37
manifest-tool: before 2.0.3-2.fc37
kubernetes: before 1.24.1-2.fc37
kompose: before 1.17.0-9.fc37
kiln: before 0.2.0-4.fc37
kata-containers: before 2.4.2-1.fc37.1
jid: before 0.7.6-9.fc37
ignition: before 2.14.0-2.fc37
hulk: before 0-0.6.20200620git9670699.fc37
httprobe: before 0.1.2-6.fc37
htmltest: before 0.15.0-3.fc37
hcloud: before 1.29.5-3.fc37
hakrevdns: before 0-0.5.20201116git9fa2d59.fc37
grpcurl: before 1.8.6-3.fc37
gron: before 0.7.1-2.fc37
graphviz: before 4.0.0-4.fc37
grafana-pcp: before 3.2.0-3.fc37
gotun: before 0-0.14.gita9dbe4d.fc37
gotags: before 1.4.1-8.fc37
gopass-jsonapi: before 1.11.1-2.20220511git5dc831e.fc37
gopass-hibp: before 1.12.0-2.20220511gitd4baae0.fc37
gopass: before 1.14.2-2.fc37
google-guest-agent: before 20201217.02-4.fc37
gomtree: before 0.4.0-11.fc37
goloris: before 0-0.6.20200326gita59fafb.fc37
golist: before 0.10.1-9.fc37
golang-x-text: before 0.3.7-2.fc37
golang-x-perf: before 0-0.15.20210123gitbdcc622.fc37
golang-x-mod: before 0.6.0~dev-3.20220330git9b9b3d8.fc37
golang-x-lint: before 0-16.20210123git83fdc39.fc37
golang-x-exp: before 0-0.43.20220330git053ad81.fc37
golang-x-debug: before 0-0.14.20210123gitc934e1b.fc37
golang-vbom-util: before 0-0.11.20190520gitefcd4e0.fc37
golang-storj-drpc: before 0.0.16-6.fc37
golang-starlark: before 0-0.7.20210113gite81fc95.fc37
golang-sourcegraph-appdash: before 0-0.9.20210113gitebfcffb.fc37
golang-sigs-k8s-aws-iam-authenticator: before 0.5.2-6.fc37
golang-rsc-pdf: before 0.1.1-10.fc37
golang-mvdan-xurls: before 2.2.0-6.fc37
golang-mongodb-mongo-driver: before 1.4.5-6.fc37
golang-k8s-sample-controller: before 1.22.0-4.fc37
golang-k8s-sample-cli-plugin: before 1.22.0-4.fc37
golang-k8s-sample-apiserver: before 1.22.0-5.fc37
golang-k8s-pod-security-admission: before 1.22.0-3.fc37
golang-k8s-kube-openapi: before 0-0.21.20210813git3c81807.fc37
golang-k8s-kube-aggregator: before 1.22.0-4.fc37
golang-k8s-code-generator: before 1.22.0-4.fc37
golang-k8s-apiextensions-apiserver: before 1.22.0-6.fc37
golang-jaytaylor-html2text: before 0-0.2.20220509gitbc68cce.fc37
golang-honnef-tools: before 2021.1.2-2.20220304git852a31a.fc37
golang-gopkg-src-d-git-4: before 4.13.1-8.fc37
golang-gopkg-square-jose-2: before 2.6.0-3.fc37
golang-gopkg-neurosnap-sentences-1: before 1.0.6-14.fc37
golang-google-protobuf: before 1.27.1-5.fc37
golang-google-appengine: before 1.6.7-5.fc37
golang-gitlab-commonmark-linkify: before 0-0.9.20200805git64bca66.fc37
golang-github-zyedidia-highlight: before 0-0.6.20200218git291680f.fc37
golang-github-yuin-gopher-lua: before 0-23.20220305gitf4c35e4.fc37
golang-github-xordataexchange-crypt: before 0.0.2-12.20190412gitb2862e3.fc37
golang-github-xo-terminfo: before 0-0.6.20210113gitc22d04b.fc37
golang-github-vmware-govmomi: before 0.24.0-5.fc37
golang-github-vincent-petithory-dataurl: before 0-0.7.20200110gitd1553a7.fc37
golang-github-vbatts-tar-split: before 0.11.1-10.fc37
golang-github-valyala-fasthttp: before 1.29.0-3.fc37
golang-github-ulikunitz-xz: before 0.5.10-4.fc37
golang-github-uber-jaeger-client: before 2.30.0-2.fc37
golang-github-uber-athenadriver: before 1.1.12-5.fc37
golang-github-u-root-iscsinl: before 0.1.0-4.fc37
golang-github-twpayne-waypoint: before 0-0.4.20210130git4f8e6bf.fc37
golang-github-twitchtv-twirp: before 8.1.0-4.fc37
golang-github-tscholl2-siec: before 0-3.20211128git9bdfc48.fc37
golang-github-tomnomnom-xtermcolor: before 0.1.2-8.fc37
golang-github-tklauser-numcpus: before 0.2.3-2.fc37
golang-github-temoto-robotstxt: before 1.1.2-3.fc37
golang-github-stomp-3: before 3.0.2-3.fc37
golang-github-sqshq-sampler: before 1.1.0-9.fc37
golang-github-spyzhov-ajson: before 0.4.2-1.fc37
golang-github-sourcegraph-syntaxhighlight: before 0-0.11.20180418gitbd320f5.fc37
golang-github-snappy: before 0.0.2-6.fc37
golang-github-skip2-qrcode: before 0-2.20220316gitda1b656.fc37
golang-github-shurcool-vfsgen: before 0-0.11.20210113git0d455de.fc37
golang-github-shulhan-bindata: before 3.6.1-6.fc37
golang-github-shellcode33-vm-detection: before 0-0.6.20200715git4fd05cb.fc37
golang-github-segmentio-ksuid: before 1.0.4-3.fc37
golang-github-rwcarlsen-goexif: before 0-0.9.20191017git9e8deec.fc37
golang-github-rubenv-sql-migrate: before 0-0.4.20210529gita32ed26.fc37
golang-github-rogpeppe-internal: before 1.8.1-2.fc37
golang-github-rickb777-date: before 1.19.1-2.fc37
golang-github-redteampentesting-monsoon: before 0.6.0-6.fc37
golang-github-rcrowley-metrics: before 0-0.28.20210110gitcf1acfc.fc37
golang-github-rakyll-statik: before 0.1.7-8.fc37
golang-github-quay-goval-parser: before 0.8.6-4.fc37
golang-github-prometheus-tsdb: before 0.10.0-7.fc37
golang-github-prometheus-prom2json: before 1.3.0-8.20210811git90766c0.fc37
golang-github-prometheus-node-exporter: before 1.3.1-8.fc37
golang-github-prometheus: before 2.32.1-5.fc37
golang-github-projectdiscovery-mapcidr: before 0.0.8-3.fc37
golang-github-projectdiscovery-chaos-client: before 0.2.0-2.fc37
golang-github-pressly-goose: before 2.7.0-4.fc37
golang-github-pquerna-ffjson: before 0-0.9.20200730gitaa0246c.fc37
golang-github-posener-complete-2: before 2.0.1~alpha.13-5.fc37
golang-github-pkg-diff: before 0-0.4.20210406git20ebb0f.fc37
golang-github-pierrre-geohash: before 1.0.0-4.fc37
golang-github-pierrec-lz4: before 4.1.3-5.fc37
golang-github-phayes-freeport: before 1.0.2-6.fc37
golang-github-pelletier-toml-2: before 2.0.0~beta.8-4.fc37
golang-github-pelletier-toml: before 1.9.4-2.fc37
golang-github-pdfcpu: before 0.3.13-2.fc37
golang-github-onsi-ginkgo-2: before 2.1.4-2.fc37
golang-github-oneofone-xxhash: before 1.2.8-5.fc37
golang-github-olekukonko-tablewriter: before 0.0.5-3.fc37
golang-github-oklog: before 0.3.2-10.20190701gitca7cdf5.fc37
golang-github-nxadm-tail: before 1.4.6-7.fc37
golang-github-nicksnyder-i18n-2: before 2.1.2-5.fc37
golang-github-nbutton23-zxcvbn: before 0.1-8.20210110gite56b841.fc37
golang-github-nats-io-streaming-server: before 0.20.0-5.fc37
golang-github-nats-io-nkeys: before 0.2.0-5.fc37
golang-github-mvo5-uboot: before 0.4-10.fc37
golang-github-multiformats-multihash: before 0.1.0-2.fc37
golang-github-multiformats-multibase: before 0.0.3-2.20220213gitf067816.fc37
golang-github-msprev-fzf-bibtex: before 1.1-5.20220205gitd5df2c6.fc37
golang-github-mrunalp-fileutils: before 0.5.0-5.fc37
golang-github-mozillazg-pinyin: before 0.19.0-4.fc37
golang-github-morikuni-aec: before 1.0.0-5.fc37
golang-github-mock: before 1.6.0-3.fc37
golang-github-mmarkdown-mmark: before 2.2.10-5.fc37
golang-github-microcosm-cc-bluemonday: before 1.0.17-3.fc37
golang-github-mholt-archiver: before 3.5.1-3.fc37
golang-github-mgutz-ansi: before 0-0.13.20200729gitd51e80e.fc37
golang-github-mdlayher-dhcp6: before 0-0.8.20200429git2a67805.fc37
golang-github-mbndr-figlet4go: before 0-0.8.20191009gitd6cef5b.fc37
golang-github-mattn-colorable: before 0.1.8-5.fc37
golang-github-martinhoefling-goxkcdpwgen: before 0.1.0-2.fc37
golang-github-markbates-pkger: before 0.17.1-5.fc37
golang-github-mailru-easyjson: before 0.7.6-5.fc37
golang-github-magefile-mage: before 1.11.0-5.fc37
golang-github-lunixbochs-vtclean: before 1.0.0-8.fc37
golang-github-lofanmi-pinyin: before 1.0-4.fc37
golang-github-liamg-tml: before 0.6.0-2.fc37
golang-github-leveldb: before 0-0.9.20190701git259d925.fc37
golang-github-letsencrypt-pebble: before 2.3.1-5.fc37
golang-github-leonelquinteros-gotext: before 1.5.0-2.fc37
golang-github-ledisdb: before 0.6-5.20210112gitd35789e.fc37
golang-github-kyokomi-emoji: before 2.2.8-5.fc37
golang-github-krishicks-yaml-patch: before 0.0.10-8.20200307git05b3177.fc37
golang-github-kr-text: before 0.2.0-5.fc37
golang-github-kalafut-imohash: before 1.0.2-3.fc37
golang-github-jwt: before 3.2.2-3.fc37
golang-github-jsonnet-bundler: before 0.4.0-8.fc37
golang-github-jmespath: before 0.4.0-5.fc37
golang-github-j-keck-arping: before 1.0.2-3.fc37
golang-github-intel-goresctrl: before 0.2.0-5.fc37
golang-github-instrumenta-kubeval: before 0.15.0-8.fc37
golang-github-insomniacslk-termhook: before 0-6.20210406gita267c97.fc37
golang-github-hpcloud-tail: before 1.0.0-10.20190325gita1dbeea.fc37
golang-github-heistp-irtt: before 0.9.1-2.fc37
golang-github-hashicorp-sockaddr: before 1.0.2-11.fc37
golang-github-hashicorp-memdb: before 1.3.0-5.fc37
golang-github-hashicorp-hclog: before 0.15.0-5.fc37
golang-github-hashicorp-consul-migrate: before 0.1.0-9.20190602git678fb10.fc37
golang-github-haproxytech-dataplaneapi: before 2.4.4-4.fc37
golang-github-haproxytech-client-native: before 2.5.3-3.fc37
golang-github-gucumber: before 0-0.23.20190703git7d5c79e.fc37
golang-github-grpc-ecosystem-gateway-2: before 2.7.3-4.fc37
golang-github-gorhill-cronexpr: before 1.0.0-4.fc37
golang-github-googlecloudplatform-cloudsql-proxy: before 1.19.1-6.fc37
golang-github-googleapis-gnostic: before 0.5.3-6.fc37
golang-github-google-wire: before 0.5.0-3.fc37
golang-github-google-slothfs: before 0-0.11.20200727git59c1163.fc37
golang-github-google-pprof: before 0-16.20210802gitc50bf4f.fc37
golang-github-google-martian: before 3.1.0-9.fc37
golang-github-google-jsonnet: before 0.17.0-5.fc37
golang-github-google-dap: before 0.4.0-4.fc37
golang-github-google-containerregistry: before 0.5.1-5.fc37
golang-github-golangci-lint-1: before 0-0.5.20200828gitd2cdd8c.fc37
golang-github-gohugoio-testmodbuilder: before 0-0.10.20201030git72e1e0c.fc37
golang-github-gohugoio-localescompressed: before 1.0.1-2.fc37
golang-github-gogo-googleapis: before 1.4.1-4.fc37
golang-github-gocolly-colly-2: before 2.1.0-4.20210920git2f09941.fc37
golang-github-gobwas-ws: before 1.1.0-3.fc37
golang-github-gobuffalo-here: before 0.6.2-5.fc37
golang-github-geertjohan-rice: before 1.0.2-5.fc37
golang-github-gdamore-tcell-2: before 2.5.0-2.fc37
golang-github-gdamore-tcell: before 1.4.0-5.fc37
golang-github-fvbommel-util: before 0.0.3-5.fc37
golang-github-francoispqt-gojay: before 1.2.13-7.fc37
golang-github-fernet: before 0-0.9.20200726giteff2850.fc37
golang-github-evanw-esbuild: before 0.14.38-2.fc37
golang-github-etcd-io-gofail: before 0-0.3.20210808gitad7f989.fc37
golang-github-envoyproxy-protoc-gen-validate: before 0.4.1-6.fc37
golang-github-emersion-smtp: before 0.15.0-4.fc37
golang-github-elazarl-bindata-assetfs: before 1.0.1-9.fc37
golang-github-eknkc-amber: before 0-0.17.20190601gitcdade1c.fc37
golang-github-dustinkirkland-petname: before 0-0.6.20200605git8e5a1ed.fc37
golang-github-dreamacro-shadowsocks2: before 0.1.7-6.fc37
golang-github-dgrijalva-jwt: before 3.2.0-11.fc37
golang-github-deepmap-oapi-codegen: before 1.8.2-3.fc37
golang-github-dave-jennifer: before 1.4.1-5.fc37
golang-github-cucumber-godog: before 0.12.1-4.fc37
golang-github-cpuguy83-md2man: before 2.0.2-2.fc37
golang-github-cpu-goacmedns: before 0.1.1-5.fc37
golang-github-coredns-corefile-migration: before 1.0.11-6.fc37
golang-github-containerd-fuse-overlayfs-snapshotter: before 1.0.2-7.fc37
golang-github-containerd-continuity: before 0.2.2-3.fc37
golang-github-colinmarc-hdfs-2: before 2.2.0-4.fc37
golang-github-cockroachdb-pebble: before 0-0.8.20210108git48f5530.fc37
golang-github-cloudflare-redoctober: before 0-0.11.20210114git99c99a8.fc37
golang-github-cloudflare: before 0.21.0-3.fc37
golang-github-client9-plaintext: before 0-0.8.20190703git5bf47e7.fc37
golang-github-client9-gospell: before 0-0.11.20190524git90dfc71.fc37
golang-github-cilium-ebpf: before 0.8.0-2.fc37
golang-github-chromedp: before 0.8.1-2.fc37
golang-github-christrenkamp-goxpath: before 0-0.6.20200627gitc5096ec.fc37
golang-github-chris-ramon-douceur: before 0.2.0-5.20200910gitf346305.fc37
golang-github-chai2010-gettext: before 1.0.2-6.fc37
golang-github-cespare-xxhash: before 2.1.2-3.fc37
golang-github-c-bata-prompt: before 0.2.6-4.fc37
golang-github-burntsushi-xgb: before 0-0.15.20210108git5f9e7b3.fc37
golang-github-burntsushi-toml: before 1.0.0-5.fc37
golang-github-appc-goaci: before 0.1.1-12.fc37
golang-github-apache-beam-2: before 2.33.0~RC1-7.fc37
golang-github-acme-lego: before 4.4.0-6.fc37
golang-github-a8m-tree: before 0-0.16.20210725gitce3525c.fc37
golang-etcd-bbolt: before 1.3.6-4.fc37
golang-entgo-ent: before 0.10.0-4.fc37
golang-bug-serial-1: before 1.3.5-3.fc37
golang-ariga-atlas: before 0.3.6-3.fc37
gojq: before 0.12.8-3.fc37
godotenv: before 1.4.0-4.fc37
gmailctl: before 0.10.4-3.fc37
gitjacker: before 0.0.2-8.fc37
fzf: before 0.30.0-3.fc37
duf: before 0.8.1-3.fc37
doctl: before 1.77.0-3.fc37
dnsx: before 1.1.0-3.fc37
dnscrypt-proxy: before 2.1.1-4.fc37
deepin-gir-generator: before 2.1.0-3.fc37
clash: before 1.8.0-4.fc37
buildah: before 1.26.1-4.fc37
asciigraph: before 0.5.4-3.fc37
age: before 1.0.0-5.fc37
aerc: before 0.10.0-3.fc37
3mux: before 1.1.0-5.fc37
CPE2.3https://bodhi.fedoraproject.org/updates/FEDORA-2022-8d0c218ca7
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU62039
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-27191
CWE-ID:
CWE-327 - Use of a Broken or Risky Cryptographic Algorithm
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to an error in golang.org/x/crypto/ssh before 0.0.0-20220314234659-1baeb1ce4c0b, as used in Go programming language. A remote attacker can crash a server in certain circumstances involving AddHostKey.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsFedora: 37
yubihsm-connector: before 3.0.2-3.fc37
yggdrasil: before 0.2.98^1.ffb580f-0.2.20220127gitffb580f.fc37
xq: before 0.0.7-4.fc37
xe-guest-utilities-latest: before 7.30.0-4.fc37
wgctrl: before 0-0.11.20210811git4253848.fc37
weldr-client: before 35.5-2.fc37
webanalyze: before 0.3.1-6.fc37
vultr-cli: before 2.12.2-2.fc37
vultr: before 2.0.3-5.fc37
vgrep: before 2.6.0-2.fc37
toolbox: before 0.0.99.3-5.fc37
tmux-top: before 0.1.1-2.fc37
tiedot: before 3.4-8.fc37
terrier: before 0.0.2-6.fc37
sysutil: before 0-0.7.20200615git15668db.fc37
syncthing: before 1.20.2-2.fc37
swig: before 4.0.2-16.fc37
subfinder: before 2.5.2-2.fc37
source-to-image: before 1.3.1-4.fc37
snowcrash: before 0-0.7.20201119git49b99ad.fc37
snapd: before 2.55.3-2.fc37
skopeo: before 1.8.0-9.fc37
singularity: before 3.8.7-2.fc37
shhgit: before 0.2-7.fc37
shellz: before 1.5.0-7.fc37
runc: before 1.1.1-2.fc37
restic: before 0.12.1-3.fc37
reposurgeon: before 4.32-2.fc37
rclone: before 1.57.0-4.fc37
powerline-go: before 1.21.0-4.fc37
podman-tui: before 0.4.0-2.fc37
podman: before 4.1.1-2.fc37
pack: before 0.27.0~rc1-4.fc37
osbuild-composer: before 55-2.fc37
origin: before 3.11.2-6.fc37
open-policy-agent: before 0.31.0-5.fc37
onionscan: before 0.2-7.fc37
ohmybackup: before 0-0.6.20200526git50f2fce.fc37
oci-seccomp-bpf-hook: before 1.2.5-3.fc37
nex: before 20210330-3.fc37
netscanner: before 0-0.5.20201116git8baab36.fc37
nebula: before 1.5.2-4.fc37
nats-server: before 2.1.9-6.fc37
mqttcli: before 0.2.3-2.fc37
moby-engine: before 20.10.17-3.fc37
micro: before 2.0.8-5.fc37
meshbird: before 2.3-6.fc37
meg: before 0.2.4-6.fc37
mass3: before 0-0.6.20200627gite1d5f1a.fc37
manifest-tool: before 2.0.3-2.fc37
kubernetes: before 1.24.1-2.fc37
kompose: before 1.17.0-9.fc37
kiln: before 0.2.0-4.fc37
kata-containers: before 2.4.2-1.fc37.1
jid: before 0.7.6-9.fc37
ignition: before 2.14.0-2.fc37
hulk: before 0-0.6.20200620git9670699.fc37
httprobe: before 0.1.2-6.fc37
htmltest: before 0.15.0-3.fc37
hcloud: before 1.29.5-3.fc37
hakrevdns: before 0-0.5.20201116git9fa2d59.fc37
grpcurl: before 1.8.6-3.fc37
gron: before 0.7.1-2.fc37
graphviz: before 4.0.0-4.fc37
grafana-pcp: before 3.2.0-3.fc37
gotun: before 0-0.14.gita9dbe4d.fc37
gotags: before 1.4.1-8.fc37
gopass-jsonapi: before 1.11.1-2.20220511git5dc831e.fc37
gopass-hibp: before 1.12.0-2.20220511gitd4baae0.fc37
gopass: before 1.14.2-2.fc37
google-guest-agent: before 20201217.02-4.fc37
gomtree: before 0.4.0-11.fc37
goloris: before 0-0.6.20200326gita59fafb.fc37
golist: before 0.10.1-9.fc37
golang-x-text: before 0.3.7-2.fc37
golang-x-perf: before 0-0.15.20210123gitbdcc622.fc37
golang-x-mod: before 0.6.0~dev-3.20220330git9b9b3d8.fc37
golang-x-lint: before 0-16.20210123git83fdc39.fc37
golang-x-exp: before 0-0.43.20220330git053ad81.fc37
golang-x-debug: before 0-0.14.20210123gitc934e1b.fc37
golang-vbom-util: before 0-0.11.20190520gitefcd4e0.fc37
golang-storj-drpc: before 0.0.16-6.fc37
golang-starlark: before 0-0.7.20210113gite81fc95.fc37
golang-sourcegraph-appdash: before 0-0.9.20210113gitebfcffb.fc37
golang-sigs-k8s-aws-iam-authenticator: before 0.5.2-6.fc37
golang-rsc-pdf: before 0.1.1-10.fc37
golang-mvdan-xurls: before 2.2.0-6.fc37
golang-mongodb-mongo-driver: before 1.4.5-6.fc37
golang-k8s-sample-controller: before 1.22.0-4.fc37
golang-k8s-sample-cli-plugin: before 1.22.0-4.fc37
golang-k8s-sample-apiserver: before 1.22.0-5.fc37
golang-k8s-pod-security-admission: before 1.22.0-3.fc37
golang-k8s-kube-openapi: before 0-0.21.20210813git3c81807.fc37
golang-k8s-kube-aggregator: before 1.22.0-4.fc37
golang-k8s-code-generator: before 1.22.0-4.fc37
golang-k8s-apiextensions-apiserver: before 1.22.0-6.fc37
golang-jaytaylor-html2text: before 0-0.2.20220509gitbc68cce.fc37
golang-honnef-tools: before 2021.1.2-2.20220304git852a31a.fc37
golang-gopkg-src-d-git-4: before 4.13.1-8.fc37
golang-gopkg-square-jose-2: before 2.6.0-3.fc37
golang-gopkg-neurosnap-sentences-1: before 1.0.6-14.fc37
golang-google-protobuf: before 1.27.1-5.fc37
golang-google-appengine: before 1.6.7-5.fc37
golang-gitlab-commonmark-linkify: before 0-0.9.20200805git64bca66.fc37
golang-github-zyedidia-highlight: before 0-0.6.20200218git291680f.fc37
golang-github-yuin-gopher-lua: before 0-23.20220305gitf4c35e4.fc37
golang-github-xordataexchange-crypt: before 0.0.2-12.20190412gitb2862e3.fc37
golang-github-xo-terminfo: before 0-0.6.20210113gitc22d04b.fc37
golang-github-vmware-govmomi: before 0.24.0-5.fc37
golang-github-vincent-petithory-dataurl: before 0-0.7.20200110gitd1553a7.fc37
golang-github-vbatts-tar-split: before 0.11.1-10.fc37
golang-github-valyala-fasthttp: before 1.29.0-3.fc37
golang-github-ulikunitz-xz: before 0.5.10-4.fc37
golang-github-uber-jaeger-client: before 2.30.0-2.fc37
golang-github-uber-athenadriver: before 1.1.12-5.fc37
golang-github-u-root-iscsinl: before 0.1.0-4.fc37
golang-github-twpayne-waypoint: before 0-0.4.20210130git4f8e6bf.fc37
golang-github-twitchtv-twirp: before 8.1.0-4.fc37
golang-github-tscholl2-siec: before 0-3.20211128git9bdfc48.fc37
golang-github-tomnomnom-xtermcolor: before 0.1.2-8.fc37
golang-github-tklauser-numcpus: before 0.2.3-2.fc37
golang-github-temoto-robotstxt: before 1.1.2-3.fc37
golang-github-stomp-3: before 3.0.2-3.fc37
golang-github-sqshq-sampler: before 1.1.0-9.fc37
golang-github-spyzhov-ajson: before 0.4.2-1.fc37
golang-github-sourcegraph-syntaxhighlight: before 0-0.11.20180418gitbd320f5.fc37
golang-github-snappy: before 0.0.2-6.fc37
golang-github-skip2-qrcode: before 0-2.20220316gitda1b656.fc37
golang-github-shurcool-vfsgen: before 0-0.11.20210113git0d455de.fc37
golang-github-shulhan-bindata: before 3.6.1-6.fc37
golang-github-shellcode33-vm-detection: before 0-0.6.20200715git4fd05cb.fc37
golang-github-segmentio-ksuid: before 1.0.4-3.fc37
golang-github-rwcarlsen-goexif: before 0-0.9.20191017git9e8deec.fc37
golang-github-rubenv-sql-migrate: before 0-0.4.20210529gita32ed26.fc37
golang-github-rogpeppe-internal: before 1.8.1-2.fc37
golang-github-rickb777-date: before 1.19.1-2.fc37
golang-github-redteampentesting-monsoon: before 0.6.0-6.fc37
golang-github-rcrowley-metrics: before 0-0.28.20210110gitcf1acfc.fc37
golang-github-rakyll-statik: before 0.1.7-8.fc37
golang-github-quay-goval-parser: before 0.8.6-4.fc37
golang-github-prometheus-tsdb: before 0.10.0-7.fc37
golang-github-prometheus-prom2json: before 1.3.0-8.20210811git90766c0.fc37
golang-github-prometheus-node-exporter: before 1.3.1-8.fc37
golang-github-prometheus: before 2.32.1-5.fc37
golang-github-projectdiscovery-mapcidr: before 0.0.8-3.fc37
golang-github-projectdiscovery-chaos-client: before 0.2.0-2.fc37
golang-github-pressly-goose: before 2.7.0-4.fc37
golang-github-pquerna-ffjson: before 0-0.9.20200730gitaa0246c.fc37
golang-github-posener-complete-2: before 2.0.1~alpha.13-5.fc37
golang-github-pkg-diff: before 0-0.4.20210406git20ebb0f.fc37
golang-github-pierrre-geohash: before 1.0.0-4.fc37
golang-github-pierrec-lz4: before 4.1.3-5.fc37
golang-github-phayes-freeport: before 1.0.2-6.fc37
golang-github-pelletier-toml-2: before 2.0.0~beta.8-4.fc37
golang-github-pelletier-toml: before 1.9.4-2.fc37
golang-github-pdfcpu: before 0.3.13-2.fc37
golang-github-onsi-ginkgo-2: before 2.1.4-2.fc37
golang-github-oneofone-xxhash: before 1.2.8-5.fc37
golang-github-olekukonko-tablewriter: before 0.0.5-3.fc37
golang-github-oklog: before 0.3.2-10.20190701gitca7cdf5.fc37
golang-github-nxadm-tail: before 1.4.6-7.fc37
golang-github-nicksnyder-i18n-2: before 2.1.2-5.fc37
golang-github-nbutton23-zxcvbn: before 0.1-8.20210110gite56b841.fc37
golang-github-nats-io-streaming-server: before 0.20.0-5.fc37
golang-github-nats-io-nkeys: before 0.2.0-5.fc37
golang-github-mvo5-uboot: before 0.4-10.fc37
golang-github-multiformats-multihash: before 0.1.0-2.fc37
golang-github-multiformats-multibase: before 0.0.3-2.20220213gitf067816.fc37
golang-github-msprev-fzf-bibtex: before 1.1-5.20220205gitd5df2c6.fc37
golang-github-mrunalp-fileutils: before 0.5.0-5.fc37
golang-github-mozillazg-pinyin: before 0.19.0-4.fc37
golang-github-morikuni-aec: before 1.0.0-5.fc37
golang-github-mock: before 1.6.0-3.fc37
golang-github-mmarkdown-mmark: before 2.2.10-5.fc37
golang-github-microcosm-cc-bluemonday: before 1.0.17-3.fc37
golang-github-mholt-archiver: before 3.5.1-3.fc37
golang-github-mgutz-ansi: before 0-0.13.20200729gitd51e80e.fc37
golang-github-mdlayher-dhcp6: before 0-0.8.20200429git2a67805.fc37
golang-github-mbndr-figlet4go: before 0-0.8.20191009gitd6cef5b.fc37
golang-github-mattn-colorable: before 0.1.8-5.fc37
golang-github-martinhoefling-goxkcdpwgen: before 0.1.0-2.fc37
golang-github-markbates-pkger: before 0.17.1-5.fc37
golang-github-mailru-easyjson: before 0.7.6-5.fc37
golang-github-magefile-mage: before 1.11.0-5.fc37
golang-github-lunixbochs-vtclean: before 1.0.0-8.fc37
golang-github-lofanmi-pinyin: before 1.0-4.fc37
golang-github-liamg-tml: before 0.6.0-2.fc37
golang-github-leveldb: before 0-0.9.20190701git259d925.fc37
golang-github-letsencrypt-pebble: before 2.3.1-5.fc37
golang-github-leonelquinteros-gotext: before 1.5.0-2.fc37
golang-github-ledisdb: before 0.6-5.20210112gitd35789e.fc37
golang-github-kyokomi-emoji: before 2.2.8-5.fc37
golang-github-krishicks-yaml-patch: before 0.0.10-8.20200307git05b3177.fc37
golang-github-kr-text: before 0.2.0-5.fc37
golang-github-kalafut-imohash: before 1.0.2-3.fc37
golang-github-jwt: before 3.2.2-3.fc37
golang-github-jsonnet-bundler: before 0.4.0-8.fc37
golang-github-jmespath: before 0.4.0-5.fc37
golang-github-j-keck-arping: before 1.0.2-3.fc37
golang-github-intel-goresctrl: before 0.2.0-5.fc37
golang-github-instrumenta-kubeval: before 0.15.0-8.fc37
golang-github-insomniacslk-termhook: before 0-6.20210406gita267c97.fc37
golang-github-hpcloud-tail: before 1.0.0-10.20190325gita1dbeea.fc37
golang-github-heistp-irtt: before 0.9.1-2.fc37
golang-github-hashicorp-sockaddr: before 1.0.2-11.fc37
golang-github-hashicorp-memdb: before 1.3.0-5.fc37
golang-github-hashicorp-hclog: before 0.15.0-5.fc37
golang-github-hashicorp-consul-migrate: before 0.1.0-9.20190602git678fb10.fc37
golang-github-haproxytech-dataplaneapi: before 2.4.4-4.fc37
golang-github-haproxytech-client-native: before 2.5.3-3.fc37
golang-github-gucumber: before 0-0.23.20190703git7d5c79e.fc37
golang-github-grpc-ecosystem-gateway-2: before 2.7.3-4.fc37
golang-github-gorhill-cronexpr: before 1.0.0-4.fc37
golang-github-googlecloudplatform-cloudsql-proxy: before 1.19.1-6.fc37
golang-github-googleapis-gnostic: before 0.5.3-6.fc37
golang-github-google-wire: before 0.5.0-3.fc37
golang-github-google-slothfs: before 0-0.11.20200727git59c1163.fc37
golang-github-google-pprof: before 0-16.20210802gitc50bf4f.fc37
golang-github-google-martian: before 3.1.0-9.fc37
golang-github-google-jsonnet: before 0.17.0-5.fc37
golang-github-google-dap: before 0.4.0-4.fc37
golang-github-google-containerregistry: before 0.5.1-5.fc37
golang-github-golangci-lint-1: before 0-0.5.20200828gitd2cdd8c.fc37
golang-github-gohugoio-testmodbuilder: before 0-0.10.20201030git72e1e0c.fc37
golang-github-gohugoio-localescompressed: before 1.0.1-2.fc37
golang-github-gogo-googleapis: before 1.4.1-4.fc37
golang-github-gocolly-colly-2: before 2.1.0-4.20210920git2f09941.fc37
golang-github-gobwas-ws: before 1.1.0-3.fc37
golang-github-gobuffalo-here: before 0.6.2-5.fc37
golang-github-geertjohan-rice: before 1.0.2-5.fc37
golang-github-gdamore-tcell-2: before 2.5.0-2.fc37
golang-github-gdamore-tcell: before 1.4.0-5.fc37
golang-github-fvbommel-util: before 0.0.3-5.fc37
golang-github-francoispqt-gojay: before 1.2.13-7.fc37
golang-github-fernet: before 0-0.9.20200726giteff2850.fc37
golang-github-evanw-esbuild: before 0.14.38-2.fc37
golang-github-etcd-io-gofail: before 0-0.3.20210808gitad7f989.fc37
golang-github-envoyproxy-protoc-gen-validate: before 0.4.1-6.fc37
golang-github-emersion-smtp: before 0.15.0-4.fc37
golang-github-elazarl-bindata-assetfs: before 1.0.1-9.fc37
golang-github-eknkc-amber: before 0-0.17.20190601gitcdade1c.fc37
golang-github-dustinkirkland-petname: before 0-0.6.20200605git8e5a1ed.fc37
golang-github-dreamacro-shadowsocks2: before 0.1.7-6.fc37
golang-github-dgrijalva-jwt: before 3.2.0-11.fc37
golang-github-deepmap-oapi-codegen: before 1.8.2-3.fc37
golang-github-dave-jennifer: before 1.4.1-5.fc37
golang-github-cucumber-godog: before 0.12.1-4.fc37
golang-github-cpuguy83-md2man: before 2.0.2-2.fc37
golang-github-cpu-goacmedns: before 0.1.1-5.fc37
golang-github-coredns-corefile-migration: before 1.0.11-6.fc37
golang-github-containerd-fuse-overlayfs-snapshotter: before 1.0.2-7.fc37
golang-github-containerd-continuity: before 0.2.2-3.fc37
golang-github-colinmarc-hdfs-2: before 2.2.0-4.fc37
golang-github-cockroachdb-pebble: before 0-0.8.20210108git48f5530.fc37
golang-github-cloudflare-redoctober: before 0-0.11.20210114git99c99a8.fc37
golang-github-cloudflare: before 0.21.0-3.fc37
golang-github-client9-plaintext: before 0-0.8.20190703git5bf47e7.fc37
golang-github-client9-gospell: before 0-0.11.20190524git90dfc71.fc37
golang-github-cilium-ebpf: before 0.8.0-2.fc37
golang-github-chromedp: before 0.8.1-2.fc37
golang-github-christrenkamp-goxpath: before 0-0.6.20200627gitc5096ec.fc37
golang-github-chris-ramon-douceur: before 0.2.0-5.20200910gitf346305.fc37
golang-github-chai2010-gettext: before 1.0.2-6.fc37
golang-github-cespare-xxhash: before 2.1.2-3.fc37
golang-github-c-bata-prompt: before 0.2.6-4.fc37
golang-github-burntsushi-xgb: before 0-0.15.20210108git5f9e7b3.fc37
golang-github-burntsushi-toml: before 1.0.0-5.fc37
golang-github-appc-goaci: before 0.1.1-12.fc37
golang-github-apache-beam-2: before 2.33.0~RC1-7.fc37
golang-github-acme-lego: before 4.4.0-6.fc37
golang-github-a8m-tree: before 0-0.16.20210725gitce3525c.fc37
golang-etcd-bbolt: before 1.3.6-4.fc37
golang-entgo-ent: before 0.10.0-4.fc37
golang-bug-serial-1: before 1.3.5-3.fc37
golang-ariga-atlas: before 0.3.6-3.fc37
gojq: before 0.12.8-3.fc37
godotenv: before 1.4.0-4.fc37
gmailctl: before 0.10.4-3.fc37
gitjacker: before 0.0.2-8.fc37
fzf: before 0.30.0-3.fc37
duf: before 0.8.1-3.fc37
doctl: before 1.77.0-3.fc37
dnsx: before 1.1.0-3.fc37
dnscrypt-proxy: before 2.1.1-4.fc37
deepin-gir-generator: before 2.1.0-3.fc37
clash: before 1.8.0-4.fc37
buildah: before 1.26.1-4.fc37
asciigraph: before 0.5.4-3.fc37
age: before 1.0.0-5.fc37
aerc: before 0.10.0-3.fc37
3mux: before 1.1.0-5.fc37
CPE2.3https://bodhi.fedoraproject.org/updates/FEDORA-2022-8d0c218ca7
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU63173
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-29526
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass implemented security restrictions.
The vulnerability exists due to the Faccessat function can incorrectly report that a file is accessible, when called with a non-zero flags parameter. An attacker can bypass implemented security restrictions.
Install updates from vendor's repository.
Vulnerable software versionsFedora: 37
yubihsm-connector: before 3.0.2-3.fc37
yggdrasil: before 0.2.98^1.ffb580f-0.2.20220127gitffb580f.fc37
xq: before 0.0.7-4.fc37
xe-guest-utilities-latest: before 7.30.0-4.fc37
wgctrl: before 0-0.11.20210811git4253848.fc37
weldr-client: before 35.5-2.fc37
webanalyze: before 0.3.1-6.fc37
vultr-cli: before 2.12.2-2.fc37
vultr: before 2.0.3-5.fc37
vgrep: before 2.6.0-2.fc37
toolbox: before 0.0.99.3-5.fc37
tmux-top: before 0.1.1-2.fc37
tiedot: before 3.4-8.fc37
terrier: before 0.0.2-6.fc37
sysutil: before 0-0.7.20200615git15668db.fc37
syncthing: before 1.20.2-2.fc37
swig: before 4.0.2-16.fc37
subfinder: before 2.5.2-2.fc37
source-to-image: before 1.3.1-4.fc37
snowcrash: before 0-0.7.20201119git49b99ad.fc37
snapd: before 2.55.3-2.fc37
skopeo: before 1.8.0-9.fc37
singularity: before 3.8.7-2.fc37
shhgit: before 0.2-7.fc37
shellz: before 1.5.0-7.fc37
runc: before 1.1.1-2.fc37
restic: before 0.12.1-3.fc37
reposurgeon: before 4.32-2.fc37
rclone: before 1.57.0-4.fc37
powerline-go: before 1.21.0-4.fc37
podman-tui: before 0.4.0-2.fc37
podman: before 4.1.1-2.fc37
pack: before 0.27.0~rc1-4.fc37
osbuild-composer: before 55-2.fc37
origin: before 3.11.2-6.fc37
open-policy-agent: before 0.31.0-5.fc37
onionscan: before 0.2-7.fc37
ohmybackup: before 0-0.6.20200526git50f2fce.fc37
oci-seccomp-bpf-hook: before 1.2.5-3.fc37
nex: before 20210330-3.fc37
netscanner: before 0-0.5.20201116git8baab36.fc37
nebula: before 1.5.2-4.fc37
nats-server: before 2.1.9-6.fc37
mqttcli: before 0.2.3-2.fc37
moby-engine: before 20.10.17-3.fc37
micro: before 2.0.8-5.fc37
meshbird: before 2.3-6.fc37
meg: before 0.2.4-6.fc37
mass3: before 0-0.6.20200627gite1d5f1a.fc37
manifest-tool: before 2.0.3-2.fc37
kubernetes: before 1.24.1-2.fc37
kompose: before 1.17.0-9.fc37
kiln: before 0.2.0-4.fc37
kata-containers: before 2.4.2-1.fc37.1
jid: before 0.7.6-9.fc37
ignition: before 2.14.0-2.fc37
hulk: before 0-0.6.20200620git9670699.fc37
httprobe: before 0.1.2-6.fc37
htmltest: before 0.15.0-3.fc37
hcloud: before 1.29.5-3.fc37
hakrevdns: before 0-0.5.20201116git9fa2d59.fc37
grpcurl: before 1.8.6-3.fc37
gron: before 0.7.1-2.fc37
graphviz: before 4.0.0-4.fc37
grafana-pcp: before 3.2.0-3.fc37
gotun: before 0-0.14.gita9dbe4d.fc37
gotags: before 1.4.1-8.fc37
gopass-jsonapi: before 1.11.1-2.20220511git5dc831e.fc37
gopass-hibp: before 1.12.0-2.20220511gitd4baae0.fc37
gopass: before 1.14.2-2.fc37
google-guest-agent: before 20201217.02-4.fc37
gomtree: before 0.4.0-11.fc37
goloris: before 0-0.6.20200326gita59fafb.fc37
golist: before 0.10.1-9.fc37
golang-x-text: before 0.3.7-2.fc37
golang-x-perf: before 0-0.15.20210123gitbdcc622.fc37
golang-x-mod: before 0.6.0~dev-3.20220330git9b9b3d8.fc37
golang-x-lint: before 0-16.20210123git83fdc39.fc37
golang-x-exp: before 0-0.43.20220330git053ad81.fc37
golang-x-debug: before 0-0.14.20210123gitc934e1b.fc37
golang-vbom-util: before 0-0.11.20190520gitefcd4e0.fc37
golang-storj-drpc: before 0.0.16-6.fc37
golang-starlark: before 0-0.7.20210113gite81fc95.fc37
golang-sourcegraph-appdash: before 0-0.9.20210113gitebfcffb.fc37
golang-sigs-k8s-aws-iam-authenticator: before 0.5.2-6.fc37
golang-rsc-pdf: before 0.1.1-10.fc37
golang-mvdan-xurls: before 2.2.0-6.fc37
golang-mongodb-mongo-driver: before 1.4.5-6.fc37
golang-k8s-sample-controller: before 1.22.0-4.fc37
golang-k8s-sample-cli-plugin: before 1.22.0-4.fc37
golang-k8s-sample-apiserver: before 1.22.0-5.fc37
golang-k8s-pod-security-admission: before 1.22.0-3.fc37
golang-k8s-kube-openapi: before 0-0.21.20210813git3c81807.fc37
golang-k8s-kube-aggregator: before 1.22.0-4.fc37
golang-k8s-code-generator: before 1.22.0-4.fc37
golang-k8s-apiextensions-apiserver: before 1.22.0-6.fc37
golang-jaytaylor-html2text: before 0-0.2.20220509gitbc68cce.fc37
golang-honnef-tools: before 2021.1.2-2.20220304git852a31a.fc37
golang-gopkg-src-d-git-4: before 4.13.1-8.fc37
golang-gopkg-square-jose-2: before 2.6.0-3.fc37
golang-gopkg-neurosnap-sentences-1: before 1.0.6-14.fc37
golang-google-protobuf: before 1.27.1-5.fc37
golang-google-appengine: before 1.6.7-5.fc37
golang-gitlab-commonmark-linkify: before 0-0.9.20200805git64bca66.fc37
golang-github-zyedidia-highlight: before 0-0.6.20200218git291680f.fc37
golang-github-yuin-gopher-lua: before 0-23.20220305gitf4c35e4.fc37
golang-github-xordataexchange-crypt: before 0.0.2-12.20190412gitb2862e3.fc37
golang-github-xo-terminfo: before 0-0.6.20210113gitc22d04b.fc37
golang-github-vmware-govmomi: before 0.24.0-5.fc37
golang-github-vincent-petithory-dataurl: before 0-0.7.20200110gitd1553a7.fc37
golang-github-vbatts-tar-split: before 0.11.1-10.fc37
golang-github-valyala-fasthttp: before 1.29.0-3.fc37
golang-github-ulikunitz-xz: before 0.5.10-4.fc37
golang-github-uber-jaeger-client: before 2.30.0-2.fc37
golang-github-uber-athenadriver: before 1.1.12-5.fc37
golang-github-u-root-iscsinl: before 0.1.0-4.fc37
golang-github-twpayne-waypoint: before 0-0.4.20210130git4f8e6bf.fc37
golang-github-twitchtv-twirp: before 8.1.0-4.fc37
golang-github-tscholl2-siec: before 0-3.20211128git9bdfc48.fc37
golang-github-tomnomnom-xtermcolor: before 0.1.2-8.fc37
golang-github-tklauser-numcpus: before 0.2.3-2.fc37
golang-github-temoto-robotstxt: before 1.1.2-3.fc37
golang-github-stomp-3: before 3.0.2-3.fc37
golang-github-sqshq-sampler: before 1.1.0-9.fc37
golang-github-spyzhov-ajson: before 0.4.2-1.fc37
golang-github-sourcegraph-syntaxhighlight: before 0-0.11.20180418gitbd320f5.fc37
golang-github-snappy: before 0.0.2-6.fc37
golang-github-skip2-qrcode: before 0-2.20220316gitda1b656.fc37
golang-github-shurcool-vfsgen: before 0-0.11.20210113git0d455de.fc37
golang-github-shulhan-bindata: before 3.6.1-6.fc37
golang-github-shellcode33-vm-detection: before 0-0.6.20200715git4fd05cb.fc37
golang-github-segmentio-ksuid: before 1.0.4-3.fc37
golang-github-rwcarlsen-goexif: before 0-0.9.20191017git9e8deec.fc37
golang-github-rubenv-sql-migrate: before 0-0.4.20210529gita32ed26.fc37
golang-github-rogpeppe-internal: before 1.8.1-2.fc37
golang-github-rickb777-date: before 1.19.1-2.fc37
golang-github-redteampentesting-monsoon: before 0.6.0-6.fc37
golang-github-rcrowley-metrics: before 0-0.28.20210110gitcf1acfc.fc37
golang-github-rakyll-statik: before 0.1.7-8.fc37
golang-github-quay-goval-parser: before 0.8.6-4.fc37
golang-github-prometheus-tsdb: before 0.10.0-7.fc37
golang-github-prometheus-prom2json: before 1.3.0-8.20210811git90766c0.fc37
golang-github-prometheus-node-exporter: before 1.3.1-8.fc37
golang-github-prometheus: before 2.32.1-5.fc37
golang-github-projectdiscovery-mapcidr: before 0.0.8-3.fc37
golang-github-projectdiscovery-chaos-client: before 0.2.0-2.fc37
golang-github-pressly-goose: before 2.7.0-4.fc37
golang-github-pquerna-ffjson: before 0-0.9.20200730gitaa0246c.fc37
golang-github-posener-complete-2: before 2.0.1~alpha.13-5.fc37
golang-github-pkg-diff: before 0-0.4.20210406git20ebb0f.fc37
golang-github-pierrre-geohash: before 1.0.0-4.fc37
golang-github-pierrec-lz4: before 4.1.3-5.fc37
golang-github-phayes-freeport: before 1.0.2-6.fc37
golang-github-pelletier-toml-2: before 2.0.0~beta.8-4.fc37
golang-github-pelletier-toml: before 1.9.4-2.fc37
golang-github-pdfcpu: before 0.3.13-2.fc37
golang-github-onsi-ginkgo-2: before 2.1.4-2.fc37
golang-github-oneofone-xxhash: before 1.2.8-5.fc37
golang-github-olekukonko-tablewriter: before 0.0.5-3.fc37
golang-github-oklog: before 0.3.2-10.20190701gitca7cdf5.fc37
golang-github-nxadm-tail: before 1.4.6-7.fc37
golang-github-nicksnyder-i18n-2: before 2.1.2-5.fc37
golang-github-nbutton23-zxcvbn: before 0.1-8.20210110gite56b841.fc37
golang-github-nats-io-streaming-server: before 0.20.0-5.fc37
golang-github-nats-io-nkeys: before 0.2.0-5.fc37
golang-github-mvo5-uboot: before 0.4-10.fc37
golang-github-multiformats-multihash: before 0.1.0-2.fc37
golang-github-multiformats-multibase: before 0.0.3-2.20220213gitf067816.fc37
golang-github-msprev-fzf-bibtex: before 1.1-5.20220205gitd5df2c6.fc37
golang-github-mrunalp-fileutils: before 0.5.0-5.fc37
golang-github-mozillazg-pinyin: before 0.19.0-4.fc37
golang-github-morikuni-aec: before 1.0.0-5.fc37
golang-github-mock: before 1.6.0-3.fc37
golang-github-mmarkdown-mmark: before 2.2.10-5.fc37
golang-github-microcosm-cc-bluemonday: before 1.0.17-3.fc37
golang-github-mholt-archiver: before 3.5.1-3.fc37
golang-github-mgutz-ansi: before 0-0.13.20200729gitd51e80e.fc37
golang-github-mdlayher-dhcp6: before 0-0.8.20200429git2a67805.fc37
golang-github-mbndr-figlet4go: before 0-0.8.20191009gitd6cef5b.fc37
golang-github-mattn-colorable: before 0.1.8-5.fc37
golang-github-martinhoefling-goxkcdpwgen: before 0.1.0-2.fc37
golang-github-markbates-pkger: before 0.17.1-5.fc37
golang-github-mailru-easyjson: before 0.7.6-5.fc37
golang-github-magefile-mage: before 1.11.0-5.fc37
golang-github-lunixbochs-vtclean: before 1.0.0-8.fc37
golang-github-lofanmi-pinyin: before 1.0-4.fc37
golang-github-liamg-tml: before 0.6.0-2.fc37
golang-github-leveldb: before 0-0.9.20190701git259d925.fc37
golang-github-letsencrypt-pebble: before 2.3.1-5.fc37
golang-github-leonelquinteros-gotext: before 1.5.0-2.fc37
golang-github-ledisdb: before 0.6-5.20210112gitd35789e.fc37
golang-github-kyokomi-emoji: before 2.2.8-5.fc37
golang-github-krishicks-yaml-patch: before 0.0.10-8.20200307git05b3177.fc37
golang-github-kr-text: before 0.2.0-5.fc37
golang-github-kalafut-imohash: before 1.0.2-3.fc37
golang-github-jwt: before 3.2.2-3.fc37
golang-github-jsonnet-bundler: before 0.4.0-8.fc37
golang-github-jmespath: before 0.4.0-5.fc37
golang-github-j-keck-arping: before 1.0.2-3.fc37
golang-github-intel-goresctrl: before 0.2.0-5.fc37
golang-github-instrumenta-kubeval: before 0.15.0-8.fc37
golang-github-insomniacslk-termhook: before 0-6.20210406gita267c97.fc37
golang-github-hpcloud-tail: before 1.0.0-10.20190325gita1dbeea.fc37
golang-github-heistp-irtt: before 0.9.1-2.fc37
golang-github-hashicorp-sockaddr: before 1.0.2-11.fc37
golang-github-hashicorp-memdb: before 1.3.0-5.fc37
golang-github-hashicorp-hclog: before 0.15.0-5.fc37
golang-github-hashicorp-consul-migrate: before 0.1.0-9.20190602git678fb10.fc37
golang-github-haproxytech-dataplaneapi: before 2.4.4-4.fc37
golang-github-haproxytech-client-native: before 2.5.3-3.fc37
golang-github-gucumber: before 0-0.23.20190703git7d5c79e.fc37
golang-github-grpc-ecosystem-gateway-2: before 2.7.3-4.fc37
golang-github-gorhill-cronexpr: before 1.0.0-4.fc37
golang-github-googlecloudplatform-cloudsql-proxy: before 1.19.1-6.fc37
golang-github-googleapis-gnostic: before 0.5.3-6.fc37
golang-github-google-wire: before 0.5.0-3.fc37
golang-github-google-slothfs: before 0-0.11.20200727git59c1163.fc37
golang-github-google-pprof: before 0-16.20210802gitc50bf4f.fc37
golang-github-google-martian: before 3.1.0-9.fc37
golang-github-google-jsonnet: before 0.17.0-5.fc37
golang-github-google-dap: before 0.4.0-4.fc37
golang-github-google-containerregistry: before 0.5.1-5.fc37
golang-github-golangci-lint-1: before 0-0.5.20200828gitd2cdd8c.fc37
golang-github-gohugoio-testmodbuilder: before 0-0.10.20201030git72e1e0c.fc37
golang-github-gohugoio-localescompressed: before 1.0.1-2.fc37
golang-github-gogo-googleapis: before 1.4.1-4.fc37
golang-github-gocolly-colly-2: before 2.1.0-4.20210920git2f09941.fc37
golang-github-gobwas-ws: before 1.1.0-3.fc37
golang-github-gobuffalo-here: before 0.6.2-5.fc37
golang-github-geertjohan-rice: before 1.0.2-5.fc37
golang-github-gdamore-tcell-2: before 2.5.0-2.fc37
golang-github-gdamore-tcell: before 1.4.0-5.fc37
golang-github-fvbommel-util: before 0.0.3-5.fc37
golang-github-francoispqt-gojay: before 1.2.13-7.fc37
golang-github-fernet: before 0-0.9.20200726giteff2850.fc37
golang-github-evanw-esbuild: before 0.14.38-2.fc37
golang-github-etcd-io-gofail: before 0-0.3.20210808gitad7f989.fc37
golang-github-envoyproxy-protoc-gen-validate: before 0.4.1-6.fc37
golang-github-emersion-smtp: before 0.15.0-4.fc37
golang-github-elazarl-bindata-assetfs: before 1.0.1-9.fc37
golang-github-eknkc-amber: before 0-0.17.20190601gitcdade1c.fc37
golang-github-dustinkirkland-petname: before 0-0.6.20200605git8e5a1ed.fc37
golang-github-dreamacro-shadowsocks2: before 0.1.7-6.fc37
golang-github-dgrijalva-jwt: before 3.2.0-11.fc37
golang-github-deepmap-oapi-codegen: before 1.8.2-3.fc37
golang-github-dave-jennifer: before 1.4.1-5.fc37
golang-github-cucumber-godog: before 0.12.1-4.fc37
golang-github-cpuguy83-md2man: before 2.0.2-2.fc37
golang-github-cpu-goacmedns: before 0.1.1-5.fc37
golang-github-coredns-corefile-migration: before 1.0.11-6.fc37
golang-github-containerd-fuse-overlayfs-snapshotter: before 1.0.2-7.fc37
golang-github-containerd-continuity: before 0.2.2-3.fc37
golang-github-colinmarc-hdfs-2: before 2.2.0-4.fc37
golang-github-cockroachdb-pebble: before 0-0.8.20210108git48f5530.fc37
golang-github-cloudflare-redoctober: before 0-0.11.20210114git99c99a8.fc37
golang-github-cloudflare: before 0.21.0-3.fc37
golang-github-client9-plaintext: before 0-0.8.20190703git5bf47e7.fc37
golang-github-client9-gospell: before 0-0.11.20190524git90dfc71.fc37
golang-github-cilium-ebpf: before 0.8.0-2.fc37
golang-github-chromedp: before 0.8.1-2.fc37
golang-github-christrenkamp-goxpath: before 0-0.6.20200627gitc5096ec.fc37
golang-github-chris-ramon-douceur: before 0.2.0-5.20200910gitf346305.fc37
golang-github-chai2010-gettext: before 1.0.2-6.fc37
golang-github-cespare-xxhash: before 2.1.2-3.fc37
golang-github-c-bata-prompt: before 0.2.6-4.fc37
golang-github-burntsushi-xgb: before 0-0.15.20210108git5f9e7b3.fc37
golang-github-burntsushi-toml: before 1.0.0-5.fc37
golang-github-appc-goaci: before 0.1.1-12.fc37
golang-github-apache-beam-2: before 2.33.0~RC1-7.fc37
golang-github-acme-lego: before 4.4.0-6.fc37
golang-github-a8m-tree: before 0-0.16.20210725gitce3525c.fc37
golang-etcd-bbolt: before 1.3.6-4.fc37
golang-entgo-ent: before 0.10.0-4.fc37
golang-bug-serial-1: before 1.3.5-3.fc37
golang-ariga-atlas: before 0.3.6-3.fc37
gojq: before 0.12.8-3.fc37
godotenv: before 1.4.0-4.fc37
gmailctl: before 0.10.4-3.fc37
gitjacker: before 0.0.2-8.fc37
fzf: before 0.30.0-3.fc37
duf: before 0.8.1-3.fc37
doctl: before 1.77.0-3.fc37
dnsx: before 1.1.0-3.fc37
dnscrypt-proxy: before 2.1.1-4.fc37
deepin-gir-generator: before 2.1.0-3.fc37
clash: before 1.8.0-4.fc37
buildah: before 1.26.1-4.fc37
asciigraph: before 0.5.4-3.fc37
age: before 1.0.0-5.fc37
aerc: before 0.10.0-3.fc37
3mux: before 1.1.0-5.fc37
CPE2.3https://bodhi.fedoraproject.org/updates/FEDORA-2022-8d0c218ca7
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU66122
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-30629
CWE-ID:
CWE-330 - Use of Insufficiently Random Values
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker gain access to sensitive information.
The vulnerability exists in crypto/tls implementation when generating TLS tickets age. The newSessionTicketMsgTLS13.ageAdd is always set to "0" instead of a random value.
Install updates from vendor's repository.
Vulnerable software versionsFedora: 37
yubihsm-connector: before 3.0.2-3.fc37
yggdrasil: before 0.2.98^1.ffb580f-0.2.20220127gitffb580f.fc37
xq: before 0.0.7-4.fc37
xe-guest-utilities-latest: before 7.30.0-4.fc37
wgctrl: before 0-0.11.20210811git4253848.fc37
weldr-client: before 35.5-2.fc37
webanalyze: before 0.3.1-6.fc37
vultr-cli: before 2.12.2-2.fc37
vultr: before 2.0.3-5.fc37
vgrep: before 2.6.0-2.fc37
toolbox: before 0.0.99.3-5.fc37
tmux-top: before 0.1.1-2.fc37
tiedot: before 3.4-8.fc37
terrier: before 0.0.2-6.fc37
sysutil: before 0-0.7.20200615git15668db.fc37
syncthing: before 1.20.2-2.fc37
swig: before 4.0.2-16.fc37
subfinder: before 2.5.2-2.fc37
source-to-image: before 1.3.1-4.fc37
snowcrash: before 0-0.7.20201119git49b99ad.fc37
snapd: before 2.55.3-2.fc37
skopeo: before 1.8.0-9.fc37
singularity: before 3.8.7-2.fc37
shhgit: before 0.2-7.fc37
shellz: before 1.5.0-7.fc37
runc: before 1.1.1-2.fc37
restic: before 0.12.1-3.fc37
reposurgeon: before 4.32-2.fc37
rclone: before 1.57.0-4.fc37
powerline-go: before 1.21.0-4.fc37
podman-tui: before 0.4.0-2.fc37
podman: before 4.1.1-2.fc37
pack: before 0.27.0~rc1-4.fc37
osbuild-composer: before 55-2.fc37
origin: before 3.11.2-6.fc37
open-policy-agent: before 0.31.0-5.fc37
onionscan: before 0.2-7.fc37
ohmybackup: before 0-0.6.20200526git50f2fce.fc37
oci-seccomp-bpf-hook: before 1.2.5-3.fc37
nex: before 20210330-3.fc37
netscanner: before 0-0.5.20201116git8baab36.fc37
nebula: before 1.5.2-4.fc37
nats-server: before 2.1.9-6.fc37
mqttcli: before 0.2.3-2.fc37
moby-engine: before 20.10.17-3.fc37
micro: before 2.0.8-5.fc37
meshbird: before 2.3-6.fc37
meg: before 0.2.4-6.fc37
mass3: before 0-0.6.20200627gite1d5f1a.fc37
manifest-tool: before 2.0.3-2.fc37
kubernetes: before 1.24.1-2.fc37
kompose: before 1.17.0-9.fc37
kiln: before 0.2.0-4.fc37
kata-containers: before 2.4.2-1.fc37.1
jid: before 0.7.6-9.fc37
ignition: before 2.14.0-2.fc37
hulk: before 0-0.6.20200620git9670699.fc37
httprobe: before 0.1.2-6.fc37
htmltest: before 0.15.0-3.fc37
hcloud: before 1.29.5-3.fc37
hakrevdns: before 0-0.5.20201116git9fa2d59.fc37
grpcurl: before 1.8.6-3.fc37
gron: before 0.7.1-2.fc37
graphviz: before 4.0.0-4.fc37
grafana-pcp: before 3.2.0-3.fc37
gotun: before 0-0.14.gita9dbe4d.fc37
gotags: before 1.4.1-8.fc37
gopass-jsonapi: before 1.11.1-2.20220511git5dc831e.fc37
gopass-hibp: before 1.12.0-2.20220511gitd4baae0.fc37
gopass: before 1.14.2-2.fc37
google-guest-agent: before 20201217.02-4.fc37
gomtree: before 0.4.0-11.fc37
goloris: before 0-0.6.20200326gita59fafb.fc37
golist: before 0.10.1-9.fc37
golang-x-text: before 0.3.7-2.fc37
golang-x-perf: before 0-0.15.20210123gitbdcc622.fc37
golang-x-mod: before 0.6.0~dev-3.20220330git9b9b3d8.fc37
golang-x-lint: before 0-16.20210123git83fdc39.fc37
golang-x-exp: before 0-0.43.20220330git053ad81.fc37
golang-x-debug: before 0-0.14.20210123gitc934e1b.fc37
golang-vbom-util: before 0-0.11.20190520gitefcd4e0.fc37
golang-storj-drpc: before 0.0.16-6.fc37
golang-starlark: before 0-0.7.20210113gite81fc95.fc37
golang-sourcegraph-appdash: before 0-0.9.20210113gitebfcffb.fc37
golang-sigs-k8s-aws-iam-authenticator: before 0.5.2-6.fc37
golang-rsc-pdf: before 0.1.1-10.fc37
golang-mvdan-xurls: before 2.2.0-6.fc37
golang-mongodb-mongo-driver: before 1.4.5-6.fc37
golang-k8s-sample-controller: before 1.22.0-4.fc37
golang-k8s-sample-cli-plugin: before 1.22.0-4.fc37
golang-k8s-sample-apiserver: before 1.22.0-5.fc37
golang-k8s-pod-security-admission: before 1.22.0-3.fc37
golang-k8s-kube-openapi: before 0-0.21.20210813git3c81807.fc37
golang-k8s-kube-aggregator: before 1.22.0-4.fc37
golang-k8s-code-generator: before 1.22.0-4.fc37
golang-k8s-apiextensions-apiserver: before 1.22.0-6.fc37
golang-jaytaylor-html2text: before 0-0.2.20220509gitbc68cce.fc37
golang-honnef-tools: before 2021.1.2-2.20220304git852a31a.fc37
golang-gopkg-src-d-git-4: before 4.13.1-8.fc37
golang-gopkg-square-jose-2: before 2.6.0-3.fc37
golang-gopkg-neurosnap-sentences-1: before 1.0.6-14.fc37
golang-google-protobuf: before 1.27.1-5.fc37
golang-google-appengine: before 1.6.7-5.fc37
golang-gitlab-commonmark-linkify: before 0-0.9.20200805git64bca66.fc37
golang-github-zyedidia-highlight: before 0-0.6.20200218git291680f.fc37
golang-github-yuin-gopher-lua: before 0-23.20220305gitf4c35e4.fc37
golang-github-xordataexchange-crypt: before 0.0.2-12.20190412gitb2862e3.fc37
golang-github-xo-terminfo: before 0-0.6.20210113gitc22d04b.fc37
golang-github-vmware-govmomi: before 0.24.0-5.fc37
golang-github-vincent-petithory-dataurl: before 0-0.7.20200110gitd1553a7.fc37
golang-github-vbatts-tar-split: before 0.11.1-10.fc37
golang-github-valyala-fasthttp: before 1.29.0-3.fc37
golang-github-ulikunitz-xz: before 0.5.10-4.fc37
golang-github-uber-jaeger-client: before 2.30.0-2.fc37
golang-github-uber-athenadriver: before 1.1.12-5.fc37
golang-github-u-root-iscsinl: before 0.1.0-4.fc37
golang-github-twpayne-waypoint: before 0-0.4.20210130git4f8e6bf.fc37
golang-github-twitchtv-twirp: before 8.1.0-4.fc37
golang-github-tscholl2-siec: before 0-3.20211128git9bdfc48.fc37
golang-github-tomnomnom-xtermcolor: before 0.1.2-8.fc37
golang-github-tklauser-numcpus: before 0.2.3-2.fc37
golang-github-temoto-robotstxt: before 1.1.2-3.fc37
golang-github-stomp-3: before 3.0.2-3.fc37
golang-github-sqshq-sampler: before 1.1.0-9.fc37
golang-github-spyzhov-ajson: before 0.4.2-1.fc37
golang-github-sourcegraph-syntaxhighlight: before 0-0.11.20180418gitbd320f5.fc37
golang-github-snappy: before 0.0.2-6.fc37
golang-github-skip2-qrcode: before 0-2.20220316gitda1b656.fc37
golang-github-shurcool-vfsgen: before 0-0.11.20210113git0d455de.fc37
golang-github-shulhan-bindata: before 3.6.1-6.fc37
golang-github-shellcode33-vm-detection: before 0-0.6.20200715git4fd05cb.fc37
golang-github-segmentio-ksuid: before 1.0.4-3.fc37
golang-github-rwcarlsen-goexif: before 0-0.9.20191017git9e8deec.fc37
golang-github-rubenv-sql-migrate: before 0-0.4.20210529gita32ed26.fc37
golang-github-rogpeppe-internal: before 1.8.1-2.fc37
golang-github-rickb777-date: before 1.19.1-2.fc37
golang-github-redteampentesting-monsoon: before 0.6.0-6.fc37
golang-github-rcrowley-metrics: before 0-0.28.20210110gitcf1acfc.fc37
golang-github-rakyll-statik: before 0.1.7-8.fc37
golang-github-quay-goval-parser: before 0.8.6-4.fc37
golang-github-prometheus-tsdb: before 0.10.0-7.fc37
golang-github-prometheus-prom2json: before 1.3.0-8.20210811git90766c0.fc37
golang-github-prometheus-node-exporter: before 1.3.1-8.fc37
golang-github-prometheus: before 2.32.1-5.fc37
golang-github-projectdiscovery-mapcidr: before 0.0.8-3.fc37
golang-github-projectdiscovery-chaos-client: before 0.2.0-2.fc37
golang-github-pressly-goose: before 2.7.0-4.fc37
golang-github-pquerna-ffjson: before 0-0.9.20200730gitaa0246c.fc37
golang-github-posener-complete-2: before 2.0.1~alpha.13-5.fc37
golang-github-pkg-diff: before 0-0.4.20210406git20ebb0f.fc37
golang-github-pierrre-geohash: before 1.0.0-4.fc37
golang-github-pierrec-lz4: before 4.1.3-5.fc37
golang-github-phayes-freeport: before 1.0.2-6.fc37
golang-github-pelletier-toml-2: before 2.0.0~beta.8-4.fc37
golang-github-pelletier-toml: before 1.9.4-2.fc37
golang-github-pdfcpu: before 0.3.13-2.fc37
golang-github-onsi-ginkgo-2: before 2.1.4-2.fc37
golang-github-oneofone-xxhash: before 1.2.8-5.fc37
golang-github-olekukonko-tablewriter: before 0.0.5-3.fc37
golang-github-oklog: before 0.3.2-10.20190701gitca7cdf5.fc37
golang-github-nxadm-tail: before 1.4.6-7.fc37
golang-github-nicksnyder-i18n-2: before 2.1.2-5.fc37
golang-github-nbutton23-zxcvbn: before 0.1-8.20210110gite56b841.fc37
golang-github-nats-io-streaming-server: before 0.20.0-5.fc37
golang-github-nats-io-nkeys: before 0.2.0-5.fc37
golang-github-mvo5-uboot: before 0.4-10.fc37
golang-github-multiformats-multihash: before 0.1.0-2.fc37
golang-github-multiformats-multibase: before 0.0.3-2.20220213gitf067816.fc37
golang-github-msprev-fzf-bibtex: before 1.1-5.20220205gitd5df2c6.fc37
golang-github-mrunalp-fileutils: before 0.5.0-5.fc37
golang-github-mozillazg-pinyin: before 0.19.0-4.fc37
golang-github-morikuni-aec: before 1.0.0-5.fc37
golang-github-mock: before 1.6.0-3.fc37
golang-github-mmarkdown-mmark: before 2.2.10-5.fc37
golang-github-microcosm-cc-bluemonday: before 1.0.17-3.fc37
golang-github-mholt-archiver: before 3.5.1-3.fc37
golang-github-mgutz-ansi: before 0-0.13.20200729gitd51e80e.fc37
golang-github-mdlayher-dhcp6: before 0-0.8.20200429git2a67805.fc37
golang-github-mbndr-figlet4go: before 0-0.8.20191009gitd6cef5b.fc37
golang-github-mattn-colorable: before 0.1.8-5.fc37
golang-github-martinhoefling-goxkcdpwgen: before 0.1.0-2.fc37
golang-github-markbates-pkger: before 0.17.1-5.fc37
golang-github-mailru-easyjson: before 0.7.6-5.fc37
golang-github-magefile-mage: before 1.11.0-5.fc37
golang-github-lunixbochs-vtclean: before 1.0.0-8.fc37
golang-github-lofanmi-pinyin: before 1.0-4.fc37
golang-github-liamg-tml: before 0.6.0-2.fc37
golang-github-leveldb: before 0-0.9.20190701git259d925.fc37
golang-github-letsencrypt-pebble: before 2.3.1-5.fc37
golang-github-leonelquinteros-gotext: before 1.5.0-2.fc37
golang-github-ledisdb: before 0.6-5.20210112gitd35789e.fc37
golang-github-kyokomi-emoji: before 2.2.8-5.fc37
golang-github-krishicks-yaml-patch: before 0.0.10-8.20200307git05b3177.fc37
golang-github-kr-text: before 0.2.0-5.fc37
golang-github-kalafut-imohash: before 1.0.2-3.fc37
golang-github-jwt: before 3.2.2-3.fc37
golang-github-jsonnet-bundler: before 0.4.0-8.fc37
golang-github-jmespath: before 0.4.0-5.fc37
golang-github-j-keck-arping: before 1.0.2-3.fc37
golang-github-intel-goresctrl: before 0.2.0-5.fc37
golang-github-instrumenta-kubeval: before 0.15.0-8.fc37
golang-github-insomniacslk-termhook: before 0-6.20210406gita267c97.fc37
golang-github-hpcloud-tail: before 1.0.0-10.20190325gita1dbeea.fc37
golang-github-heistp-irtt: before 0.9.1-2.fc37
golang-github-hashicorp-sockaddr: before 1.0.2-11.fc37
golang-github-hashicorp-memdb: before 1.3.0-5.fc37
golang-github-hashicorp-hclog: before 0.15.0-5.fc37
golang-github-hashicorp-consul-migrate: before 0.1.0-9.20190602git678fb10.fc37
golang-github-haproxytech-dataplaneapi: before 2.4.4-4.fc37
golang-github-haproxytech-client-native: before 2.5.3-3.fc37
golang-github-gucumber: before 0-0.23.20190703git7d5c79e.fc37
golang-github-grpc-ecosystem-gateway-2: before 2.7.3-4.fc37
golang-github-gorhill-cronexpr: before 1.0.0-4.fc37
golang-github-googlecloudplatform-cloudsql-proxy: before 1.19.1-6.fc37
golang-github-googleapis-gnostic: before 0.5.3-6.fc37
golang-github-google-wire: before 0.5.0-3.fc37
golang-github-google-slothfs: before 0-0.11.20200727git59c1163.fc37
golang-github-google-pprof: before 0-16.20210802gitc50bf4f.fc37
golang-github-google-martian: before 3.1.0-9.fc37
golang-github-google-jsonnet: before 0.17.0-5.fc37
golang-github-google-dap: before 0.4.0-4.fc37
golang-github-google-containerregistry: before 0.5.1-5.fc37
golang-github-golangci-lint-1: before 0-0.5.20200828gitd2cdd8c.fc37
golang-github-gohugoio-testmodbuilder: before 0-0.10.20201030git72e1e0c.fc37
golang-github-gohugoio-localescompressed: before 1.0.1-2.fc37
golang-github-gogo-googleapis: before 1.4.1-4.fc37
golang-github-gocolly-colly-2: before 2.1.0-4.20210920git2f09941.fc37
golang-github-gobwas-ws: before 1.1.0-3.fc37
golang-github-gobuffalo-here: before 0.6.2-5.fc37
golang-github-geertjohan-rice: before 1.0.2-5.fc37
golang-github-gdamore-tcell-2: before 2.5.0-2.fc37
golang-github-gdamore-tcell: before 1.4.0-5.fc37
golang-github-fvbommel-util: before 0.0.3-5.fc37
golang-github-francoispqt-gojay: before 1.2.13-7.fc37
golang-github-fernet: before 0-0.9.20200726giteff2850.fc37
golang-github-evanw-esbuild: before 0.14.38-2.fc37
golang-github-etcd-io-gofail: before 0-0.3.20210808gitad7f989.fc37
golang-github-envoyproxy-protoc-gen-validate: before 0.4.1-6.fc37
golang-github-emersion-smtp: before 0.15.0-4.fc37
golang-github-elazarl-bindata-assetfs: before 1.0.1-9.fc37
golang-github-eknkc-amber: before 0-0.17.20190601gitcdade1c.fc37
golang-github-dustinkirkland-petname: before 0-0.6.20200605git8e5a1ed.fc37
golang-github-dreamacro-shadowsocks2: before 0.1.7-6.fc37
golang-github-dgrijalva-jwt: before 3.2.0-11.fc37
golang-github-deepmap-oapi-codegen: before 1.8.2-3.fc37
golang-github-dave-jennifer: before 1.4.1-5.fc37
golang-github-cucumber-godog: before 0.12.1-4.fc37
golang-github-cpuguy83-md2man: before 2.0.2-2.fc37
golang-github-cpu-goacmedns: before 0.1.1-5.fc37
golang-github-coredns-corefile-migration: before 1.0.11-6.fc37
golang-github-containerd-fuse-overlayfs-snapshotter: before 1.0.2-7.fc37
golang-github-containerd-continuity: before 0.2.2-3.fc37
golang-github-colinmarc-hdfs-2: before 2.2.0-4.fc37
golang-github-cockroachdb-pebble: before 0-0.8.20210108git48f5530.fc37
golang-github-cloudflare-redoctober: before 0-0.11.20210114git99c99a8.fc37
golang-github-cloudflare: before 0.21.0-3.fc37
golang-github-client9-plaintext: before 0-0.8.20190703git5bf47e7.fc37
golang-github-client9-gospell: before 0-0.11.20190524git90dfc71.fc37
golang-github-cilium-ebpf: before 0.8.0-2.fc37
golang-github-chromedp: before 0.8.1-2.fc37
golang-github-christrenkamp-goxpath: before 0-0.6.20200627gitc5096ec.fc37
golang-github-chris-ramon-douceur: before 0.2.0-5.20200910gitf346305.fc37
golang-github-chai2010-gettext: before 1.0.2-6.fc37
golang-github-cespare-xxhash: before 2.1.2-3.fc37
golang-github-c-bata-prompt: before 0.2.6-4.fc37
golang-github-burntsushi-xgb: before 0-0.15.20210108git5f9e7b3.fc37
golang-github-burntsushi-toml: before 1.0.0-5.fc37
golang-github-appc-goaci: before 0.1.1-12.fc37
golang-github-apache-beam-2: before 2.33.0~RC1-7.fc37
golang-github-acme-lego: before 4.4.0-6.fc37
golang-github-a8m-tree: before 0-0.16.20210725gitce3525c.fc37
golang-etcd-bbolt: before 1.3.6-4.fc37
golang-entgo-ent: before 0.10.0-4.fc37
golang-bug-serial-1: before 1.3.5-3.fc37
golang-ariga-atlas: before 0.3.6-3.fc37
gojq: before 0.12.8-3.fc37
godotenv: before 1.4.0-4.fc37
gmailctl: before 0.10.4-3.fc37
gitjacker: before 0.0.2-8.fc37
fzf: before 0.30.0-3.fc37
duf: before 0.8.1-3.fc37
doctl: before 1.77.0-3.fc37
dnsx: before 1.1.0-3.fc37
dnscrypt-proxy: before 2.1.1-4.fc37
deepin-gir-generator: before 2.1.0-3.fc37
clash: before 1.8.0-4.fc37
buildah: before 1.26.1-4.fc37
asciigraph: before 0.5.4-3.fc37
age: before 1.0.0-5.fc37
aerc: before 0.10.0-3.fc37
3mux: before 1.1.0-5.fc37
CPE2.3https://bodhi.fedoraproject.org/updates/FEDORA-2022-8d0c218ca7
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.