正文

Arch Linux代码问题漏洞

admin
admin V管理员 /0 评论 /9 阅读
0306
此篇文章发布距今已超过1159天,您需要注意文章的内容或图片是否可用!

漏洞信息详情

Arch Linux代码问题漏洞

  • CNNVD编号:CNNVD-202107-1567
    • <!--
  • 危害等级: 中危-->
  • 危害等级: 中危
  • CVE编号: CVE-2021-22922
  • 漏洞类型: 代码问题
  • 发布时间: 2021-07-21
  • 威胁类型: 远程
  • 更新时间: 2021-11-23
  • 厂        商:
  • 漏洞来源:

漏洞简介

Arch Linux是Arch开源的一个应用系统。一个轻量级且灵活的Linux®发行版,试图使它保持简单。

Arch Linux中存在代码问题漏洞,该漏洞源于未能充分验证用户输入的XML数据,攻击者可通过该漏洞向受影响的应用程序传递专门编写的XML代码,并查看系统上任意文件的内容,或向外部系统发起请求。以下产品及版本受到影响: Arch Linux Curl 7.78.0-1 之前版本。

漏洞公告

目前厂商已发布升级补丁以修复漏洞,详情请关注厂商主页:

https://security.archlinux.org/advisory/ASA-202107-59

参考网址

来源:MLIST

链接:https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cdev.kafka.apache.org%3E

来源:FEDORA

链接:https://lists.fedoraproject.org/archives/list/[email protected]/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/

来源:CONFIRM

链接:https://security.netapp.com/advisory/ntap-20210902-0003/

来源:MISC

链接:https://hackerone.com/reports/1213175

来源:MLIST

链接:https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cusers.kafka.apache.org%3E

来源:MISC

链接:https://www.oracle.com/security-alerts/cpuoct2021.html

来源:MLIST

链接:https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cusers.kafka.apache.org%3E

来源:MLIST

链接:https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cdev.kafka.apache.org%3E

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/164342/Red-Hat-Security-Advisory-2021-3694-01.html

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/164282/Red-Hat-Security-Advisory-2021-3653-01.html

来源:www.cybersecurity-help.cz

链接:https://www.cybersecurity-help.cz/vdb/SB2021072204

来源:www.cybersecurity-help.cz

链接:https://www.cybersecurity-help.cz/vdb/SB2021112309

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/164755/Red-Hat-Security-Advisory-2021-4104-01.html

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2021.3848

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2021.3649

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2021.3211

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/164523/Red-Hat-Security-Advisory-2021-3873-01.html

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2021.3430

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2021.3472

来源:www.cybersecurity-help.cz

链接:https://www.cybersecurity-help.cz/vdb/SB2021072814

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2021.3499

来源:www.cybersecurity-help.cz

链接:https://www.cybersecurity-help.cz/vdb/SB2021102005

来源:access.redhat.com

链接:https://access.redhat.com/security/cve/cve-2021-22922

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/164221/Red-Hat-Security-Advisory-2021-3582-01.html

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/164511/Red-Hat-Security-Advisory-2021-3851-01.html

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/164583/Red-Hat-Security-Advisory-2021-3949-01.html

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2021.2526

来源:www.cybersecurity-help.cz

链接:https://www.cybersecurity-help.cz/vdb/SB2021092221

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/164901/Red-Hat-Security-Advisory-2021-4582-02.html

来源:vigilance.fr

链接:https://vigilance.fr/vulnerability/curl-data-transit-via-Metalink-Not-Discarded-35953

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2021.3878

来源:www.cybersecurity-help.cz

链接:https://www.cybersecurity-help.cz/vdb/SB2021110313

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/164948/Red-Hat-Security-Advisory-2021-4618-01.html

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2021.3167

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2021.2473

来源:www.cybersecurity-help.cz

链接:https://www.cybersecurity-help.cz/vdb/SB2021092811

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2021.3485

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2021.3941

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/164550/Red-Hat-Security-Advisory-2021-3903-01.html

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/164562/Red-Hat-Security-Advisory-2021-3925-01.html

来源:www.cybersecurity-help.cz

链接:https://www.cybersecurity-help.cz/vdb/SB2021102116

受影响实体

    暂无


补丁

  • Arch Linux代码问题漏洞的修复措施
    <!--
    2021-7-21
    -->