---

Log

CVE-2022-33070 edited at 19 Feb 2023 12:30:35
Remote	- Unknown + Remote

AVG-2826 edited at 19 Feb 2023 12:29:19
Severity	- Unknown + Medium

CVE-2022-33070 edited at 19 Feb 2023 12:29:19
Severity	- Unknown + Medium
Type	- Unknown + Denial of service
Description	+ invalid arithmetic shift via the function parse_tag_and_wiretype in protobuf-c/protobuf-c.c
References
Notes

AVG-2826 created at 19 Feb 2023 12:28:21
Packages	+ protobuf-c
Issues	+ CVE-2022-33070
Status	+ Unknown
Severity	+ Unknown
Affected	+ 1.4.0-4
Fixed	+ 1.4.1-1
Ticket
Advisory qualified	+ No
References	+ https://github.com/protobuf-c/protobuf-c/issues/506 + https://github.com/protobuf-c/protobuf-c/pull/508
Notes

CVE-2022-33070 created at 19 Feb 2023 12:28:21

AVG-2825 created at 19 Feb 2023 12:24:40
Packages	+ protobuf + python-protobuf
Issues	+ CVE-2022-1941
Status	+ Fixed
Severity	+ Unknown
Affected	+ 21.5-1
Fixed	+ 21.6-1
Ticket
Advisory qualified	+ No
References	+ https://cloud.google.com/support/bulletins#GCP-2022-019 + https://www.openwall.com/lists/oss-security/2022/09/27/1 + https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-8gq9-2x98-w8hf
Notes

CVE-2022-1941 created at 19 Feb 2023 12:24:40

AVG-2824 edited at 19 Feb 2023 11:26:58
References	+ https://httpd.apache.org/security/vulnerabilities_24.html

AVG-2824 created at 19 Feb 2023 11:25:19
Packages	+ apache
Issues	+ CVE-2006-20001 + CVE-2022-36760 + CVE-2022-37436
Status	+ Fixed
Severity	+ Unknown
Affected	+ 2.4.54-3
Fixed	+ 2.4.55-1
Ticket
Advisory qualified	+ No
References
Notes

CVE-2006-20001 created at 19 Feb 2023 11:25:19

AVG-2824 created at 19 Feb 2023 11:25:19
Packages	+ apache
Issues	+ CVE-2006-20001 + CVE-2022-36760 + CVE-2022-37436
Status	+ Fixed
Severity	+ Unknown
Affected	+ 2.4.54-3
Fixed	+ 2.4.55-1
Ticket
Advisory qualified	+ No
References
Notes

CVE-2022-36760 created at 19 Feb 2023 11:25:19

AVG-2824 created at 19 Feb 2023 11:25:19
Packages	+ apache
Issues	+ CVE-2006-20001 + CVE-2022-36760 + CVE-2022-37436
Status	+ Fixed
Severity	+ Unknown
Affected	+ 2.4.54-3
Fixed	+ 2.4.55-1
Ticket
Advisory qualified	+ No
References
Notes

CVE-2022-37436 created at 19 Feb 2023 11:25:19

CVE-2021-44854 edited at 26 Jan 2023 20:26:31
Description
References	+ https://phabricator.wikimedia.org/T292763 + https://lists.wikimedia.org/hyperkitty/list/wikitech-l@lists.wikimedia.org/thread/QEN3EK4JXAVJMJ5GF3GYOAKNJPEKFQYA/
Notes

CVE-2021-44855 edited at 26 Jan 2023 20:26:11
Description
References	+ https://phabricator.wikimedia.org/T293589 + https://lists.wikimedia.org/hyperkitty/list/wikitech-l@lists.wikimedia.org/thread/QEN3EK4JXAVJMJ5GF3GYOAKNJPEKFQYA/
Notes