security/vuxml/vuln-2022.xml

  <vuln vid="79ea6066-b40e-11ec-8b93-080027b24e86">
    <topic>mediawiki -- multiple vulnerabilities</topic>
    <affects>
      <package>
	<name>mediawiki135</name>
	<range><lt>1.35.6</lt></range>
      </package>
      <package>
	<name>mediawiki136</name>
	<range><lt>1.36.4</lt></range>
      </package>
      <package>
	<name>mediawiki137</name>
	<range><lt>1.37.2</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>Mediawiki reports:</p>
	<blockquote cite="https://lists.wikimedia.org/hyperkitty/list/mediawiki-announce@lists.wikimedia.org/message/YJNXKPV5Z56NSUQ4G3SXPDUIZG5EQ7UR/">
	  <p>(T297543, CVE-2022-28202) Messages widthheight/widthheightpage/nbytes not
	    escaped when used in galleries or Special:RevisionDelete.</p>
	  <p>(T297571, CVE-2022-28201) Title::newMainPage() goes into an infinite
	    recursion loop if it points to a local interwiki.</p>
	  <p>(T297731, CVE-2022-28203) Requesting Special:NewFiles on a wiki with many
	    file uploads with actor as a condition can result in a DoS.</p>
	  <p>(T297754, CVE-2022-28204) Special:WhatLinksHere can result in a DoS when
	    a page is used on a extremely large number of other pages.</p>
	</blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2022-28201</cvename>
      <cvename>CVE-2022-28202</cvename>
      <cvename>CVE-2022-28203</cvename>
      <cvename>CVE-2022-28204</cvename>
      <url>https://lists.wikimedia.org/hyperkitty/list/mediawiki-announce@lists.wikimedia.org/message/YJNXKPV5Z56NSUQ4G3SXPDUIZG5EQ7UR/</url>
    </references>
    <dates>
      <discovery>2021-12-12</discovery>
      <entry>2022-04-04</entry>
    </dates>
  </vuln>

  <vuln vid="3f321a5a-b33b-11ec-80c2-1bb2c6a00592">
    <topic>dnsmasq -- heap use-after-free in dhcp6_no_relay</topic>
    <affects>
      <package>
	<name>dnsmasq</name>
	<range><lt>2.86_4,1</lt></range>
      </package>
      <package>
	<name>dnsmasq-devel</name>
	<range><lt>2.86_4,1</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>Petr Menšík reports:</p>
	<blockquote cite="https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2022q1/016272.html">
	  <p>Possible vulnerability [...] found in latest dnsmasq. It [was] found
	    with help of oss-fuzz Google project by me and short after that
	    independently also by Richard Johnson of Trellix Threat Labs.</p>
	  <p>It is affected only by DHCPv6 requests, which could be crafted to
	    modify already freed memory. [...] We think it might be triggered
	    remotely, but we do not think it could be used to execute remote
	    code.</p>
	</blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2022-0934</cvename>
      <url>https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2022q1/016272.html</url>
    </references>
    <dates>
      <discovery>2022-03-31</discovery>
      <entry>2022-04-03</entry>
    </dates>
  </vuln>

  <vuln vid="83466f76-aefe-11ec-b4b6-d05099c0c059">
    <topic>gitea -- Open Redirect on login</topic>
    <affects>
      <package>
	<name>gitea</name>
	<range><lt>1.16.5</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>Andrew Thornton reports:</p>
	<blockquote cite="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1058">
	  <p>
	    When a location containing backslashes is presented, the existing
	    protections against open redirect are bypassed, because browsers
	    will convert adjacent forward and backslashes within the location
	    to double forward slashes.
	  </p>
	</blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2022-1058</cvename>
      <url>https://huntr.dev/bounties/4fb42144-ac70-4f76-a5e1-ef6b5e55dc0d/</url>
    </references>
    <dates>
      <discovery>2022-03-23</discovery>
      <entry>2022-03-29</entry>
    </dates>
  </vuln>

  <vuln vid="0ff80f41-aefe-11ec-b4b6-d05099c0c059">
    <topic>gitea -- Improper/incorrect authorization</topic>
    <affects>
      <package>
	<name>gitea</name>
	<range><lt>1.16.4</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>Youssef Rebahi-Gilbert reports:</p>
	<blockquote cite="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0905">
	  <p>
	    When Gitea is built and configured for PAM authentication
	    it skips checking authorization completely. Therefore expired
	    accounts and accounts with expired passwords can still login.
	  </p>
	</blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2022-0905</cvename>
      <url>https://huntr.dev/bounties/8d221f92-b2b1-4878-bc31-66ff272e5ceb</url>
    </references>
    <dates>
      <discovery>2022-03-06</discovery>
      <entry>2022-03-29</entry>
    </dates>
  </vuln>

  <vuln vid="ab2d7f62-af9d-11ec-a0b8-3065ec8fd3ec">
    <topic>chromium -- multiple vulnerabilities</topic>
    <affects>
      <package>
	<name>chromium</name>
	<range><lt>100.0.4896.60</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>Chrome Releases reports:</p>
	<blockquote cite="https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_29.html">
	  <p>This release contains 28 security fixes, including:</p>
	  <ul>
	    <li>[1292261] High CVE-2022-1125: Use after free in Portals.
	      Reported by Khalil Zhani on 2022-01-29</li>
	    <li>[1291891] High CVE-2022-1127: Use after free in QR Code
	      Generator. Reported by anonymous on 2022-01-28</li>
	    <li>[1301920] High CVE-2022-1128: Inappropriate implementation in
	      Web Share API. Reported by Abdel Adim (@smaury92) Oisfi of
	      Shielder on 2022-03-01</li>
	    <li>[1300253] High CVE-2022-1129: Inappropriate implementation in
	      Full Screen Mode. Reported by Irvan Kurniawan (sourc7) on
	      2022-02-24</li>
	    <li>[1142269] High CVE-2022-1130: Insufficient validation of
	      untrusted input in WebOTP. Reported by Sergey Toshin of
	      Oversecurity Inc. on 2020-10-25</li>
	    <li>[1297404] High CVE-2022-1131: Use after free in Cast UI.
	      Reported by Abdulrahman Alqabandi, Microsoft Browser Vulnerability
	      Research on 2022-02-15</li>
	    <li>[1303410] High CVE-2022-1132: Inappropriate implementation in
	      Virtual Keyboard. Reported by Andr.Ess on 2022-03-07</li>
	    <li>[1305776] High CVE-2022-1133: Use after free in WebRTC.
	      Reported by Anonymous on 2022-03-13</li>
	    <li>[1308360] High CVE-2022-1134: Type Confusion in V8. Reported by
	      Man Yue Mo of GitHub Security Lab on 2022-03-21</li>
	    <li>[1285601] Medium CVE-2022-1135: Use after free in Shopping Cart.
	      Reported by Wei Yuan of MoyunSec VLab on 2022-01-09</li>
	    <li>[1280205] Medium CVE-2022-1136: Use after free in Tab Strip.
	      Reported by Krace on 2021-12-15</li>
	    <li>[1289846] Medium CVE-2022-1137: Inappropriate implementation in
	      Extensions. Reported by Thomas Orlita on 2022-01-22</li>
	    <li>[1246188] Medium CVE-2022-1138: Inappropriate implementation in
	      Web Cursor. Reported by Alesandro Ortiz on 2021-09-03</li>
	    <li>[1268541] Medium CVE-2022-1139: Inappropriate implementation in
	      Background Fetch API. Reported by Maurice Dauer on 2021-11-10</li>
	    <li>[1303253] Medium CVE-2022-1141: Use after free in File Manager.
	      Reported by raven at KunLun lab on 2022-03-05</li>
	    <li>[1303613] Medium CVE-2022-1142: Heap buffer overflow in WebUI.
	      Reported by Leecraso and Guang Gong of 360 Alpha Lab on
	      2022-03-07</li>
	    <li>[1303615] Medium CVE-2022-1143: Heap buffer overflow in WebUI.
	      Reported by Leecraso and Guang Gong of 360 Alpha Lab on
	      2022-03-07</li>
	    <li>[1304145] Medium CVE-2022-1144: Use after free in WebUI.
	      Reported by Leecraso and Guang Gong of 360 Alpha Lab on
	      2022-03-08</li>
	    <li>[1304545] Medium CVE-2022-1145: Use after free in Extensions.
	      Reported by Yakun Zhang of Baidu Security on 2022-03-09</li>
	    <li>[1290150] Low CVE-2022-1146: Inappropriate implementation in
	      Resource Timing. Reported by Sohom Datta on 2022-01-23</li>
	  </ul>
	</blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2022-1125</cvename>
      <cvename>CVE-2022-1127</cvename>
      <cvename>CVE-2022-1128</cvename>
      <cvename>CVE-2022-1129</cvename>
      <cvename>CVE-2022-1130</cvename>
      <cvename>CVE-2022-1131</cvename>
      <cvename>CVE-2022-1132</cvename>
      <cvename>CVE-2022-1133</cvename>
      <cvename>CVE-2022-1134</cvename>
      <cvename>CVE-2022-1135</cvename>
      <cvename>CVE-2022-1136</cvename>
      <cvename>CVE-2022-1137</cvename>
      <cvename>CVE-2022-1138</cvename>
      <cvename>CVE-2022-1139</cvename>
      <cvename>CVE-2022-1141</cvename>
      <cvename>CVE-2022-1142</cvename>
      <cvename>CVE-2022-1143</cvename>
      <cvename>CVE-2022-1144</cvename>
      <cvename>CVE-2022-1145</cvename>
      <cvename>CVE-2022-1146</cvename>
      <url>https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_29.html</url>
    </references>
    <dates>
      <discovery>2022-03-29</discovery>
      <entry>2022-03-29</entry>
    </dates>
  </vuln>

  <vuln vid="323f900d-ac6d-11ec-a0b8-3065ec8fd3ec">
    <topic>chromium -- V8 type confusion</topic>
    <affects>
      <package>
	<name>chromium</name>
	<range><lt>99.0.4844.84</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>Chrome Releases reports:</p>
	<blockquote cite="https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_25.html">
	  <p>This release contains 1 security fix:</p>
	  <ul>
	    <li>[1309225] High CVE-2022-1096: Type Confusion in V8. Reported by
	      anonymous on 2022-03-23</li>
	  </ul>
	  <p>Google is aware that an exploit for CVE-2022-1096 exists in the wild.</p>
	</blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2022-1096</cvename>
      <url>https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_25.html</url>
    </references>
    <dates>
      <discovery>2022-03-25</discovery>
      <entry>2022-03-25</entry>
    </dates>
  </vuln>

  <vuln vid="955f377e-7bc3-11ec-a51c-7533f219d428">
    <topic>Security Vulnerability found in ExifTool</topic>
    <affects>
      <package>
	<name>p5-Image-ExifTool</name>
	<range><ge>7.44</ge><lt>12.24</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>Debian Security Advisory reports:</p>
	<blockquote cite="https://www.debian.org/security/2021/dsa-4910">
	  <p>A vulnerability was discovered in libimage-exiftool-perl, a library and program to read and write meta information in multimedia files, which may result in execution of arbitrary code if a malformed DjVu file is processed.</p>
	</blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2021-22204</cvename>
      <url>https://www.cvedetails.com/cve/CVE-2021-22204/</url>
    </references>
    <dates>
      <discovery>2021-01-04</discovery>
      <entry>2022-03-25</entry>
    </dates>
  </vuln>

  <vuln vid="61f416ff-aa00-11ec-b439-000d3a450398">
    <topic>tcpslice -- heap-based use-after-free in extract_slice()</topic>
    <affects>
      <package>
	<name>tcpslice</name>
	<range><lt>1.5,1</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>The Tcpdump Group reports:</p>
	<blockquote cite="https://github.com/the-tcpdump-group/tcpslice/commit/030859fce9c77417de657b9bb29c0f78c2d68f4a">
	  <p>heap-based use-after-free in extract_slice()</p>
	</blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2021-41043</cvename>
      <url>https://github.com/the-tcpdump-group/tcpslice/issues/11</url>
    </references>
    <dates>
      <discovery>2021-09-13</discovery>
      <entry>2022-03-22</entry>
    </dates>
  </vuln>

  <vuln vid="e2af876f-a7c8-11ec-9a2a-002324b2fba8">
    <topic>go -- multiple vulnerabilities</topic>
    <affects>
      <package>
	<name>go</name>
	<range><lt>1.17.8,1</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>The Go project reports:</p>
	<blockquote cite="https://github.com/golang/go/issues/51112">
	  <p>regexp: stack exhaustion compiling deeply nested expressions</p>
	  <p>On 64-bit platforms, an extremely deeply nested expression can
	    cause regexp.Compile to cause goroutine stack exhaustion, forcing
	    the program to exit. Note this applies to very large expressions, on
	    the order of 2MB.</p>
	</blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2022-24921</cvename>
      <url>https://github.com/golang/go/issues/51112</url>
    </references>
    <dates>
      <discovery>2022-02-09</discovery>
      <entry>2022-03-19</entry>
    </dates>
  </vuln>

  <vuln vid="45a72180-a640-11ec-a08b-85298243e224">
    <topic>openvpn -- Potential authentication by-pass with multiple deferred authentication plug-ins</topic>
    <affects>
      <package>
	<name>openvpn</name>
	<range><lt>2.5.6</lt></range>
      </package>
      <package>
	<name>openvpn-mbedtls</name>
	<range><lt>2.5.6</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>David Sommerseth reports:</p>
	<blockquote cite="https://community.openvpn.net/openvpn/wiki/CVE-2022-0547">
	  <p>OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins when more than one of them makes use of deferred authentication replies, which allows an external user to be granted access with only partially correct credentials.  This issue is resolved in OpenVPN 2.4.12 and v2.5.6.</p>
	</blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2022-0547</cvename>
      <url>https://community.openvpn.net/openvpn/wiki/CVE-2022-0547</url>
      <url>https://github.com/OpenVPN/openvpn/blob/release/2.5/Changes.rst#overview-of-changes-in-256</url>
    </references>
    <dates>
      <discovery>2022-03-10</discovery>
      <entry>2022-03-17</entry>
    </dates>
  </vuln>

  <vuln vid="5df757ef-a564-11ec-85fa-a0369f7f7be0">
    <topic>wordpress -- multiple issues</topic>
    <affects>
      <package>
	<name>wordpress</name>
	<name>fr-wordpress</name>
	<range><lt>5.9.2,1</lt></range>
      </package>
      <package>
	<name>de-wordpress</name>
	<name>zh_CN-wordpress</name>
	<name>th_TW-wordpress</name>
	<name>ja-wordpress</name>
	<name>ru-wordpress</name>
	<range><lt>5.9.2</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>wordpress developers reports:</p>
	<blockquote cite="https://wordpress.org/news/2022/03/wordpress-5-9-2-security-maintenance-release/">
	  <p>This security and maintenance release features 1 bug fix in addition to 3 security fixes.
	    Because this is a security release, it is recommended that you update your sites immediately.
	    All versions since WordPress 3.7 have also been updated.
	    The security team would like to thank the following people for responsively reporting
	    vulnerabilities, allowing them to be fixed in this release:
	    -Melar Dev, for finding a Prototype Pollution Vulnerability in a jQuery dependency
	    -Ben Bidner of the WordPress security team, for finding a Stored Cross Site Scripting Vulnerability
	    -Researchers from Johns Hopkins University, for finding a Prototype Pollution Vulnerability in the block editor</p>
	</blockquote>
      </body>
    </description>
    <references>
      <url>https://wordpress.org/news/2022/03/wordpress-5-9-2-security-maintenance-release/</url>
    </references>
    <dates>
      <discovery>2022-03-11</discovery>
      <entry>2022-03-16</entry>
    </dates>
  </vuln>

  <vuln vid="3ba1ca94-a563-11ec-8be6-d4c9ef517024">
    <topic>Weechat -- Possible man-in-the-middle attack in TLS connection to servers</topic>
    <affects>
      <package>
	<name>weechat</name>
	<range><lt>3.4.1</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>The Weechat project reports:</p>
	<blockquote cite="https://weechat.org/doc/security/WSA-2022-1/">
	  <p>After changing the options weechat.network.gnutls_ca_system or
	    weechat.network.gnutls_ca_user, the TLS verification function is lost.
	    Consequently, any connection to a server with TLS is made without
	    verifying the certificate, which could lead to a man-in-the-middle
	    attack. Connection to IRC servers with TLS is affected, as well as any
	    connection a server made by a plugin or a script using the function
	    hook_connect.</p>
	</blockquote>
      </body>
    </description>
    <references>
      <url>https://weechat.org/doc/security/WSA-2022-1/</url>
    </references>
    <dates>
      <discovery>2022-03-13</discovery>
      <entry>2022-03-16</entry>
    </dates>
  </vuln>

  <vuln vid="ea05c456-a4fd-11ec-90de-1c697aa5a594">
    <topic>OpenSSL -- Infinite loop in BN_mod_sqrt parsing certificates</topic>
    <affects>
      <package>
	<name>openssl</name>
	<range><lt>1.1.1n,1</lt></range>
      </package>
      <package>
	<name>openssl-devel</name>
	<range><lt>3.0.2</lt></range>
      </package>
      <package>
	<name>openssl-quictls</name>
	<range><lt>3.0.2</lt></range>
      </package>
      <package>
	<name>libressl</name>
	<range><lt>3.4.3</lt></range>
      </package>
      <package>
	<name>libressl-devel</name>
	<range><lt>3.5.1</lt></range>
      </package>
      <package>
	<name>FreeBSD</name>
	<range><ge>13.0</ge><lt>13.0_8</lt></range>
	<range><ge>12.3</ge><lt>12.3_3</lt></range>
	<range><ge>12.2</ge><lt>12.2_14</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>The OpenSSL project reports:</p>
	<blockquote cite="https://www.openssl.org/news/secadv/20220315.txt">
	<p>Infinite loop in BN_mod_sqrt() reachable when parsing certificates
	  (High)</p>
	<p>The BN_mod_sqrt() function, which computes a modular square root,
	  contains a bug that can cause it to loop forever for non-prime
	  moduli.</p>
	<p>Internally this function is used when parsing certificates that
	  contain elliptic curve public keys in compressed form or explicit
	  elliptic curve parameters with a base point encoded in compressed
	  form.</p>
	<p>It is possible to trigger the infinite loop by crafting a
	  certificate that has invalid explicit curve parameters.</p>
	<p>Since certificate parsing happens prior to verification of the
	  certificate signature, any process that parses an externally
	  supplied certificate may thus be subject to a denial of service
	  attack. The infinite loop can also be reached when parsing crafted
	  private keys as they can contain explicit elliptic curve
	  parameters.</p>
	<p>Thus vulnerable situations include:</p>
	<ul>
	  <li>TLS clients consuming server certificates</li>
	  <li>TLS servers consuming client certificates</li>
	  <li>Hosting providers taking certificates or private keys from
	    customers</li>
	  <li>Certificate authorities parsing certification requests from
	    subscribers</li>
	  <li>Anything else which parses ASN.1 elliptic curve parameters</li>
	</ul>
	<p>Also any other applications that use the BN_mod_sqrt() where the
	  attacker can control the parameter values are vulnerable to this DoS
	  issue.</p>
	</blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2022-0778</cvename>
      <url>https://www.openssl.org/news/secadv/20220315.txt</url>
      <freebsdsa>SA-22:03.openssl</freebsdsa>
    </references>
    <dates>
      <discovery>2022-03-15</discovery>
      <entry>2022-03-16</entry>
      <modified>2022-03-16</modified>
    </dates>
  </vuln>

  <vuln vid="8d20bd48-a4f3-11ec-90de-1c697aa5a594">
    <topic>FreeBSD-kernel -- Multiple WiFi issues</topic>
    <affects>
      <package>
	<name>FreeBSD-kernel</name>
	<range><ge>13.0</ge><lt>13.0_8</lt></range>
	<range><ge>12.3</ge><lt>12.3_3</lt></range>
	<range><ge>12.2</ge><lt>12.2_14</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<h1>Problem Description:</h1>
	<p>The paper "Fragment and Forge: Breaking Wi-Fi Through Frame
	Aggregation and Fragmentation" reported a number of security
	vulnerabilities in the 802.11 specification related to frame
	aggregation and fragmentation.</p>
	<p>Additionally, FreeBSD 12.x missed length validation of SSIDs and
	Information Elements (IEs).</p>
	<h1>Impact:</h1>
	<p>As reported on the FragAttacks website, the "design flaws are hard
	to abuse because doing so requires user interaction or is only
	possible when using uncommon network settings."  Under suitable
	conditions an attacker may be able to extract sensitive data or inject
	data.</p>
      </body>
    </description>
    <references>
      <cvename>CVE-2020-26147</cvename>
      <cvename>CVE-2020-24588</cvename>
      <cvename>CVE-2020-26144</cvename>
      <freebsdsa>SA-22:02.wifi</freebsdsa>
    </references>
    <dates>
      <discovery>2022-03-15</discovery>
      <entry>2022-03-16</entry>
    </dates>
  </vuln>

  <vuln vid="857be71a-a4b0-11ec-95fc-3065ec8fd3ec">
    <topic>chromium -- multiple vulnerabilities</topic>
    <affects>
      <package>
	<name>chromium</name>
	<range><lt>98.0.4844.74</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>Chrome Releases reports:</p>
	<blockquote cite="https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_15.html">
	  <p>This release contains 11 security fixes, including:</p>
	  <ul>
	    <li>[1299422] Critical CVE-2022-0971: Use after free in Blink
	      Layout. Reported by Sergei Glazunov of Google Project Zero on
	      2022-02-21</li>
	    <li>[1301320] High CVE-2022-0972: Use after free in Extensions.
	      Reported by Sergei Glazunov of Google Project Zero on
	      2022-02-28</li>
	    <li>[1297498] High CVE-2022-0973: Use after free in Safe Browsing.
	      Reported by avaue and Buff3tts at S.S.L. on 2022-02-15</li>
	    <li>[1291986] High CVE-2022-0974: Use after free in Splitscreen.
	      Reported by @ginggilBesel on 2022-01-28</li>
	    <li>[1295411] High CVE-2022-0975: Use after free in ANGLE. Reported
	      by SeongHwan Park (SeHwa) on 2022-02-09</li>
	    <li>[1296866] High CVE-2022-0976: Heap buffer overflow in GPU.
	      Reported by Omair on 2022-02-13</li>
	    <li>[1299225] High CVE-2022-0977: Use after free in Browser UI.
	      Reported by Khalil Zhani on 2022-02-20</li>
	    <li>[1299264] High CVE-2022-0978: Use after free in ANGLE. Reported
	      by Cassidy Kim of Amber Security Lab, OPPO Mobile
	      Telecommunications Corp. Ltd. on 2022-02-20</li>
	    <li>[1302644] High CVE-2022-0979: Use after free in Safe Browsing.
	      Reported by anonymous on 2022-03-03</li>
	    <li>[1302157] Medium CVE-2022-0980: Use after free in New Tab Page.
	      Reported by Krace on 2022-03-02</li>
	  </ul>
	</blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2022-0971</cvename>
      <cvename>CVE-2022-0972</cvename>
      <cvename>CVE-2022-0973</cvename>
      <cvename>CVE-2022-0974</cvename>
      <cvename>CVE-2022-0975</cvename>
      <cvename>CVE-2022-0976</cvename>
      <cvename>CVE-2022-0977</cvename>
      <cvename>CVE-2022-0978</cvename>
      <cvename>CVE-2022-0979</cvename>
      <cvename>CVE-2022-0980</cvename>
      <url>https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_15.html</url>
    </references>
    <dates>
      <discovery>2022-03-15</discovery>
      <entry>2022-03-15</entry>
    </dates>
  </vuln>

  <vuln vid="6601c08d-a46c-11ec-8be6-d4c9ef517024">
    <topic>Apache httpd -- Multiple vulnerabilities</topic>
    <affects>
      <package>
	<name>apache24</name>
	<range><lt>2.4.53</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>The Apache httpd project reports:</p>
	<blockquote cite="https://httpd.apache.org/security/vulnerabilities_24.html">
	  <ul>
	    <li><p>mod_lua: Use of uninitialized value of in r:parsebody (moderate)
	      (CVE-2022-22719)</p><p>A carefully crafted request body can cause a
	      read to a random memory area which could cause the process to crash.
	    </p></li>
	    <li><p>HTTP request smuggling vulnerability (important) (CVE-2022-22720)
	      </p><p>httpd fails to close inbound connection when errors are
	      encountered discarding the request body, exposing the server to HTTP
	      Request Smuggling</p></li>
	    <li><p>core: Possible buffer overflow with very large or unlimited
	      LimitXMLRequestBody (low) (CVE-2022-22721)</p><p>If LimitXMLRequestBody
	      is set to allow request bodies larger than 350MB (defaults to 1M) on 32
	      bit systems an integer overflow happens which later causes out of
	      bounds writes.</p></li>
	    <li><p>mod_sed: Read/write beyond bounds (important) (CVE-2022-23924)</p>
	      <p>Out-of-bounds Write vulnerability in mod_sed of Apache HTTP Server
		allows an attacker to overwrite heap memory with possibly attacker
		provided data.</p></li>
	  </ul>
	</blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2022-22719</cvename>
      <cvename>CVE-2022-22720</cvename>
      <cvename>CVE-2022-22721</cvename>
      <cvename>CVE-2022-23943</cvename>
      <url>https://httpd.apache.org/security/vulnerabilities_24.html</url>
    </references>
    <dates>
      <discovery>2022-03-14</discovery>
      <entry>2022-03-15</entry>
    </dates>
  </vuln>

  <vuln vid="5aaf534c-a069-11ec-acdc-14dae9d5a9d2">
    <topic>Teeworlds -- Buffer Overflow</topic>
    <affects>
      <package>
	<name>teeworlds</name>
	<range><lt>0.7.5_2</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>NVD reports:</p>
	<blockquote cite="https://nvd.nist.gov/vuln/detail/CVE-2021-43518">
	  <p>Teeworlds up to and including 0.7.5 is vulnerable to Buffer Overflow. A map parser does not validate m_Channels value coming from a map file, leading to a buffer overflow. A malicious server may offer a specially crafted map that will overwrite client's stack causing denial of service or code execution.</p>
	</blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2021-43518</cvename>
      <url>https://nvd.nist.gov/vuln/detail/CVE-2021-43518</url>
    </references>
    <dates>
      <discovery>2021-10-23</discovery>
      <entry>2022-03-10</entry>
    </dates>
  </vuln>

  <vuln vid="2823048d-9f8f-11ec-8c9c-001b217b3468">
    <topic>Gitlab -- multiple vulnerabilities</topic>
    <affects>
      <package>
	<name>gitlab-ce</name>
	<range><ge>14.8.0</ge><lt>14.8.2</lt></range>
	<range><ge>14.7.0</ge><lt>14.7.4</lt></range>
	<range><ge>0</ge><lt>14.6.5</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>Gitlab reports:</p>
	<blockquote cite="https://about.gitlab.com/releases/2022/02/25/critical-security-release-gitlab-14-8-2-released/">
	  <p>Runner registration token disclosure through Quick Actions</p>
	  <p>Unprivileged users can add other users to groups through an API endpoint</p>
	  <p>Inaccurate display of Snippet contents can be potentially misleading to users</p>
	  <p>Environment variables can be leaked via the sendmail delivery method</p>
	  <p>Unauthenticated user enumeration on GraphQL API</p>
	  <p>Adding a mirror with SSH credentials can leak password</p>
	  <p>Denial of Service via user comments</p>
	</blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2022-0735</cvename>
      <cvename>CVE-2022-0549</cvename>
      <cvename>CVE-2022-0751</cvename>
      <cvename>CVE-2022-0741</cvename>
      <cvename>CVE-2021-4191</cvename>
      <cvename>CVE-2022-0738</cvename>
      <cvename>CVE-2022-0489</cvename>
      <url>https://about.gitlab.com/releases/2022/02/25/critical-security-release-gitlab-14-8-2-released/</url>
    </references>
    <dates>
      <discovery>2022-02-25</discovery>
      <entry>2022-03-09</entry>
    </dates>
  </vuln>

  <vuln vid="964c5460-9c66-11ec-ad3a-001999f8d30b">
    <topic>asterisk -- multiple vulnerabilities</topic>
    <affects>
      <package>
	<name>asterisk16</name>
	<range><lt>16.24.1</lt></range>
      </package>
      <package>
	<name>asterisk18</name>
	<range><lt>18.10.1</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>The Asterisk project reports:</p>
	<blockquote cite="https://www.asterisk.org/downloads/security-advisories/">
	  <p>AST-2022-004 - The header length on incoming STUN
	  messages that contain an ERROR-CODE attribute is not
	  properly checked. This can result in an integer underflow.
	  Note, this requires ICE or WebRTC support to be in use
	  with a malicious remote party.</p>
	  <p>AST-2022-005 - When acting as a UAC, and when placing
	  an outgoing call to a target that then forks Asterisk may
	  experience undefined behavior (crashes, hangs, etc) after
	  a dialog set is prematurely freed.</p>
	  <p>AST-2022-006 - If an incoming SIP message contains a
	  malformed multi-part body an out of bounds read access
	  may occur, which can result in undefined behavior. Note,
	  its currently uncertain if there is any externally
	  exploitable vector within Asterisk for this issue, but
	  providing this as a security issue out of caution.</p>
	</blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2021-37706</cvename>
      <cvename>CVE-2022-23608</cvename>
      <cvename>CVE-2022-21723</cvename>
      <url>https://downloads.asterisk.org/pub/security/AST-2022-004.html</url>
      <url>https://downloads.asterisk.org/pub/security/AST-2022-005.html</url>
      <url>https://downloads.asterisk.org/pub/security/AST-2022-006.html</url>
    </references>
    <dates>
      <discovery>2022-03-03</discovery>
      <entry>2022-03-05</entry>
    </dates>
  </vuln>

  <vuln vid="e0914087-9a09-11ec-9e61-3065ec8fd3ec">
    <topic>chromium -- multiple vulnerabilities</topic>
    <affects>
      <package>
	<name>chromium</name>
	<range><lt>99.0.4844.51</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>Chrome Releases reports:</p>
	<blockquote cite="https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html">
	  <p>This release contains 28 security fixes, including:</p>
	  <ul>
	    <li>[1289383] High CVE-2022-0789: Heap buffer overflow in ANGLE.
	      Reported by SeongHwan Park (SeHwa) on 2022-01-21</li>
	    <li>[1274077] High CVE-2022-0790: Use after free in Cast UI.
	      Reported by Anonymous on 2021-11-26</li>
	    <li>[1278322] High CVE-2022-0791: Use after free in Omnibox.
	      Reported by Zhihua Yao of KunLun Lab on 2021-12-09</li>
	    <li>[1285885] High CVE-2022-0792: Out of bounds read in ANGLE.
	      Reported by Jaehun Jeong (@n3sk) of Theori on 2022-01-11</li>
	    <li>[1291728] High CVE-2022-0793: Use after free in Views. Reported
	      by Thomas Orlita on 2022-01-28</li>
	    <li>[1294097] High CVE-2022-0794: Use after free in WebShare.
	      Reported by Khalil Zhani on 2022-02-04</li>
	    <li>[1282782] High CVE-2022-0795: Type Confusion in Blink Layout.
	      Reported by 0x74960 on 2021-12-27</li>
	    <li>[1295786] High CVE-2022-0796: Use after free in Media. Reported
	      by Cassidy Kim of Amber Security Lab, OPPO Mobile
	      Telecommunications Corp. Ltd. on 2022-02-10</li>
	    <li>[1281908] High CVE-2022-0797: Out of bounds memory access in
	      Mojo. Reported by Sergei Glazunov of Google Project Zero on
	      2021-12-21</li>
	    <li>[1283402] Medium CVE-2022-0798: Use after free in MediaStream.
	      Reported by Samet Bekmezci @sametbekmezci on 2021-12-30</li>
	    <li>[1279188] Medium CVE-2022-0799: Insufficient policy enforcement
	      in Installer. Reported by Abdelhamid Naceri (halov) on
	      2021-12-12</li>
	    <li>[1242962] Medium CVE-2022-0800: Heap buffer overflow in Cast UI.
	      Reported by Khalil Zhani on 2021-08-24</li>
	    <li>[1231037] Medium CVE-2022-0801: Inappropriate implementation in
	      HTML parser. Reported by Michal Bentkowski of Securitum on
	      2021-07-20</li>
	    <li>[1270052] Medium CVE-2022-0802: Inappropriate implementation in
	      Full screen mode. Reported by Irvan Kurniawan (sourc7) on
	      2021-11-14</li>
	    <li>[1280233] Medium CVE-2022-0803: Inappropriate implementation in
	      Permissions. Reported by Abdulla Aldoseri on 2021-12-15</li>
	    <li>[1264561] Medium CVE-2022-0804: Inappropriate implementation in
	      Full screen mode. Reported by Irvan Kurniawan (sourc7) on
	      2021-10-29</li>
	    <li>[1290700] Medium CVE-2022-0805: Use after free in Browser
	      Switcher. Reported by raven at KunLun Lab on 2022-01-25</li>
	    <li>[1283434] Medium CVE-2022-0806: Data leak in Canvas. Reported by
	      Paril on 2021-12-31</li>
	    <li>[1287364] Medium CVE-2022-0807: Inappropriate implementation in
	      Autofill. Reported by Alesandro Ortiz on 2022-01-14</li>
	    <li>[1292271] Medium CVE-2022-0808: Use after free in Chrome OS
	      Shell. Reported by @ginggilBesel on 2022-01-29</li>
	    <li>[1293428] Medium CVE-2022-0809: Out of bounds memory access in
	      WebXR. Reported by @uwu7586 on 2022-02-03</li>
	  </ul>
	</blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2022-0789</cvename>
      <cvename>CVE-2022-0790</cvename>
      <cvename>CVE-2022-0791</cvename>
      <cvename>CVE-2022-0792</cvename>
      <cvename>CVE-2022-0793</cvename>
      <cvename>CVE-2022-0794</cvename>
      <cvename>CVE-2022-0795</cvename>
      <cvename>CVE-2022-0796</cvename>
      <cvename>CVE-2022-0797</cvename>
      <cvename>CVE-2022-0798</cvename>
      <cvename>CVE-2022-0799</cvename>
      <cvename>CVE-2022-0800</cvename>
      <cvename>CVE-2022-0801</cvename>
      <cvename>CVE-2022-0802</cvename>
      <cvename>CVE-2022-0803</cvename>
      <cvename>CVE-2022-0804</cvename>
      <cvename>CVE-2022-0805</cvename>
      <cvename>CVE-2022-0806</cvename>
      <cvename>CVE-2022-0807</cvename>
      <cvename>CVE-2022-0808</cvename>
      <cvename>CVE-2022-0809</cvename>
      <url>https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html</url>
    </references>
    <dates>
      <discovery>2022-03-01</discovery>
      <entry>2022-03-02</entry>
    </dates>
  </vuln>

  <vuln vid="a80c6273-988c-11ec-83ac-080027415d17">
    <topic>cyrus-sasl -- Fix off by one error</topic>
    <affects>
      <package>
	<name>cyrus-sasl</name>
	<range><ge>2.1.27</ge><lt>2.1.28</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>Cyrus SASL 2.1.x Release Notes New in 2.1.28 reports:</p>
	<blockquote cite="https://www.cyrusimap.org/sasl/sasl/release-notes/2.1/index.html#new-in-2-1-28">
	  <p>Fix off by one error</p>
	</blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2019-19906</cvename>
      <url>https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19906</url>
    </references>
    <dates>
      <discovery>2019-12-19</discovery>
      <entry>2022-02-28</entry>
    </dates>
  </vuln>

  <vuln vid="0eab001a-9708-11ec-96c9-589cfc0f81b0">
    <topic>typo3 -- XSS vulnerability in svg-sanitize</topic>
    <affects>
      <package>
       <name>typo3-10-php74</name>
       <range><lt>10.4.25</lt></range>
      </package>
      <package>
       <name>typo3-11-php74</name>
       <name>typo3-11-php80</name>
       <name>typo3-11-php81</name>
       <range><lt>11.5.7</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
       <p>The TYPO3 project reports:</p>
       <blockquote cite="https://typo3.org/article/typo3-psa-2022-001">
	 <p>The SVG sanitizer library enshrined/svg-sanitize before version
	 0.15.0 did not remove HTML elements wrapped in a CDATA section.
	 As a result, SVG content embedded in HTML (fetched as text/html)
	 was susceptible to cross-site scripting. Plain SVG files
	 (fetched as image/svg+xml) were not affected.</p>
       </blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2022-23638</cvename>
      <url>https://github.com/typo3/typo3/commit/9940defb21</url>
      <url>https://typo3.org/article/typo3-psa-2022-001</url>
    </references>
    <dates>
      <discovery>2022-02-22</discovery>
      <entry>2022-02-27</entry>
    </dates>
  </vuln>

  <vuln vid="d71d154a-8b83-11ec-b369-6c3be5272acd">
    <topic>Grafana -- Teams API IDOR</topic>
    <affects>
      <package>
	<name>grafana6</name>
	<range><ge>6.0.0</ge></range>
      </package>
      <package>
	<name>grafana7</name>
	<range><lt>7.5.15</lt></range>
      </package>
      <package>
	<name>grafana8</name>
	<range><lt>8.3.5</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>Grafana Labs reports:</p>
	<blockquote cite="https://grafana.com/blog/2022/02/08/grafana-7.5.15-and-8.3.5-released-with-moderate-severity-security-fixes/">
	  <p>On Jan. 18, an external security researcher, Kürşad ALSAN from <a href="https://www.nspect.io/">NSPECT.IO</a> (<a href="https://twitter.com/nspectio">@nspectio</a> on Twitter), contacted Grafana to disclose an IDOR (Insecure Direct Object Reference) vulnerability on Grafana Teams APIs. This vulnerability only impacts the following API endpoints:</p>
	  <ul>
	    <li><strong>/teams/:teamId</strong> - an authenticated attacker can view unintended data by querying for the specific team ID.</li>
	    <li><strong>/teams/:search</strong> - an authenticated attacker can search for teams and see the total number of available teams, including for those teams that the user does not have access to.</li>
	    <li><strong>/teams/:teamId/members</strong> - when editors_can_admin flag is enabled, an authenticated attacker can see unintended data by querying for the specific team ID.</li>
	  </ul>
	  <p>We believe that this vulnerability is rated at CVSS 4.3 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).</p>
	</blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2022-21713</cvename>
      <url>https://grafana.com/blog/2022/02/08/grafana-7.5.15-and-8.3.5-released-with-moderate-severity-security-fixes/</url>
    </references>
    <dates>
      <discovery>2022-01-18</discovery>
      <entry>2022-02-12</entry>
    </dates>
  </vuln>

  <vuln vid="d4284c2e-8b83-11ec-b369-6c3be5272acd">
    <topic>Grafana -- CSRF</topic>
    <affects>
      <package>
	<name>grafana6</name>
	<range><ge>6.0.0</ge></range>
      </package>
      <package>
	<name>grafana7</name>
	<range><lt>7.5.15</lt></range>
      </package>
      <package>
	<name>grafana8</name>
	<range><lt>8.3.5</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>Grafana Labs reports:</p>
	<blockquote cite="https://grafana.com/blog/2022/02/08/grafana-7.5.15-and-8.3.5-released-with-moderate-severity-security-fixes/">
	  <p>On Jan. 18, security researchers <a href="https://twitter.com/jub0bs">@jub0bs</a> and <a href="https://twitter.com/theabrahack">@abrahack</a> contacted Grafana to <a href="https://jub0bs.com/posts/2022-02-08-cve-2022-21703-writeup/">disclose a CSRF vulnerability</a> which allows anonymous attackers to elevate their privileges by mounting cross-origin attacks against authenticated high-privilege Grafana users (for example, Editors or Admins). An attacker can exploit this vulnerability for privilege escalation by tricking an authenticated user into inviting the attacker as a new user with high privileges. We believe that this vulnerability is rated at CVSS 6.8 (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N).</p>
	</blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2022-21703</cvename>
      <url>https://grafana.com/blog/2022/02/08/grafana-7.5.15-and-8.3.5-released-with-moderate-severity-security-fixes/</url>
    </references>
    <dates>
      <discovery>2022-01-18</discovery>
      <entry>2022-02-12</entry>
    </dates>
  </vuln>

  <vuln vid="cecbc674-8b83-11ec-b369-6c3be5272acd">
    <topic>Grafana -- XSS</topic>
    <affects>
      <package>
	<name>grafana6</name>
	<range><ge>6.0.0</ge></range>
      </package>
      <package>
	<name>grafana7</name>
	<range><lt>7.5.15</lt></range>
      </package>
      <package>
	<name>grafana8</name>
	<range><lt>8.3.5</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>Grafana Labs reports:</p>
	<blockquote cite="https://grafana.com/blog/2022/02/08/grafana-7.5.15-and-8.3.5-released-with-moderate-severity-security-fixes/">
	  <p>On Jan. 16, an external security researcher, Jasu Viding contacted Grafana to disclose an XSS vulnerability in the way that Grafana handles data sources. Should an existing data source connected to Grafana be compromised, it could be used to inappropriately gain access to other data sources connected to the same Grafana org. We believe that this vulnerability is rated at CVSS 6.8 (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N).</p>
	</blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2022-21702</cvename>
      <url>https://grafana.com/blog/2022/02/08/grafana-7.5.15-and-8.3.5-released-with-moderate-severity-security-fixes/</url>
    </references>
    <dates>
      <discovery>2022-01-16</discovery>
      <entry>2022-02-12</entry>
    </dates>
  </vuln>

  <vuln vid="7695b0af-958f-11ec-9aa3-4ccc6adda413">
    <topic>cryptopp -- ElGamal implementation allows plaintext recovery</topic>
    <affects>
      <package>
	<name>cryptopp</name>
	<range><lt>8.6.0</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>Crypto++ 8.6 release notes reports:</p>
	<blockquote cite="https://www.cryptopp.com/release860.html">
	  <p>The ElGamal implementation in Crypto++ through 8.5 allows plaintext
	    recovery because, during interaction between two cryptographic
	    libraries, a certain dangerous combination of the prime defined by
	    the receiver's public key, the generator defined by the receiver's
	    public key, and the sender's ephemeral exponents can lead to a
	    cross-configuration attack against OpenPGP.</p>
	</blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2021-40530</cvename>
      <url>https://nvd.nist.gov/vuln/detail/CVE-2021-40530</url>
    </references>
    <dates>
      <discovery>2021-09-06</discovery>
      <entry>2022-02-24</entry>
    </dates>
  </vuln>

  <vuln vid="5e1440c6-95af-11ec-b320-f8b156b6dcc8">
    <topic>flac -- fix encoder bug</topic>
    <affects>
      <package>
	<name>flac</name>
	<range><lt>1.3.4</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>The FLAC 1.3.4 release reports:</p>
	<blockquote cite="https://xiph.org/flac/changelog.html">
	  <p>Fix 12 decoder bugs found by oss-fuzz.</p>
	  <p>Fix encoder bug CVE-2021-0561.</p>
	</blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2021-0561</cvename>
      <url>https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0561</url>
    </references>
    <dates>
      <discovery>2022-02-20</discovery>
      <entry>2022-02-24</entry>
    </dates>
  </vuln>

  <vuln vid="022dde12-8f4a-11ec-83ac-080027415d17">
    <topic>cyrus-sasl -- Escape password for SQL insert/update commands</topic>
    <affects>
      <package>
	<name>cyrus-sasl-sql</name>
	<range><ge>2.1.27</ge><lt>2.1.27_1</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>Cyrus SASL 2.1.x Release Notes New in 2.1.28 reports:</p>
	<blockquote cite="https://www.cyrusimap.org/sasl/sasl/release-notes/2.1/index.html#new-in-2-1-28">
	  <p>Escape password for SQL insert/update commands.</p>
	</blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2022-24407</cvename>
      <url>https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24407</url>
    </references>
    <dates>
      <discovery>2022-02-04</discovery>
      <entry>2022-02-23</entry>
    </dates>
  </vuln>

  <vuln vid="85d976be-93e3-11ec-aaad-14dae9d5a9d2">
    <topic>The Update Framwork -- path traversal vulnerability</topic>
    <affects>
      <package>
	<name>py37-tuf</name>
	<name>py38-tuf</name>
	<name>py39-tuf</name>
	<name>py310-tuf</name>
	<name>py311-tuf</name>
	<range><le>0.18.1</le></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>NVD reports:</p>
	<blockquote cite="https://nvd.nist.gov/vuln/detail/CVE-2021-41131">
	  <p>python-tuf is a Python reference implementation of The Update Framework (TUF). In both clients (`tuf/client` and `tuf/ngclient`), there is a path traversal vulnerability that in the worst case can overwrite files ending in `.json` anywhere on the client system on a call to `get_one_valid_targetinfo()`. It occurs because the rolename is used to form the filename, and may contain path traversal characters (ie `../../name.json`). The impact is mitigated by a few facts: It only affects implementations that allow arbitrary rolename selection for delegated targets metadata, The attack requires the ability to A) insert new metadata for the path-traversing role and B) get the role delegated by an existing targets metadata, The written file content is heavily restricted since it needs to be a valid, signed targets file. The file extension is always .json. A fix is available in version 0.19 or newer. There are no workarounds that do not require code changes. Clients can restrict the allowed character set for rolenames, or they can store metadata in files named in a way that is not vulnerable: neither of these approaches is possible without modifying python-tuf.</p>
	</blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2021-41131</cvename>
      <url>https://nvd.nist.gov/vuln/detail/CVE-2021-41131</url>
    </references>
    <dates>
      <discovery>2021-10-22</discovery>
      <entry>2022-02-22</entry>
    </dates>
  </vuln>

  <vuln vid="1cd565da-455e-41b7-a5b9-86ad8e81e33e">
    <topic>seatd-launch -- remove files with escalated privileges with SUID</topic>
    <affects>
      <package>
	<name>seatd</name>
	<range><ge>0.6.0</ge><lt>0.6.4</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>Kenny Levinsen reports:</p>
	<blockquote cite="https://lists.sr.ht/~kennylevinsen/seatd-announce/%3CETEO7R.QG8B1KGD531R1%40kl.wtf%3E">
	  <p>seatd-launch could use a user-specified socket path instead of the
	    internally generated socket path, and would unlink the socket path
	    before use to guard against collision with leftover sockets. This
	    meant that a caller could freely control what file path would be
	    unlinked and replaced with a user-owned seatd socket for the duration
	    of the session.</p>
	  <p>If seatd-launch had the SUID bit set, this could be used by a
	    malicious user to remove files with the privileges of the owner of
	    seatd-launch, which is likely root, and replace it with a user-owned
	    domain socket.</p>
	  <p>This does not directly allow retrieving the contents of existing
	    files, and the user-owned socket file is at the current time not
	    believed to be directly useful for further exploitation.</p>
	</blockquote>
      </body>
    </description>
    <references>
      <url>https://lists.sr.ht/~kennylevinsen/seatd-announce/%3CETEO7R.QG8B1KGD531R1%40kl.wtf%3E</url>
      <cvename>CVE-2022-25643</cvename>
    </references>
    <dates>
      <discovery>2022-02-21</discovery>
      <entry>2022-02-21</entry>
      <modified>2022-02-22</modified>
    </dates>
  </vuln>

  <vuln vid="43ae57f6-92ab-11ec-81b4-2cf05d620ecc">
    <topic>Qt5 -- QProcess unexpected search path</topic>
    <affects>
      <package>
	<name>qt5-core</name>
	<range><lt>5.15.2p263_1</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>The Qt Company reports:</p>
	<blockquote cite="https://lists.qt-project.org/pipermail/announce/2022-February/000333.html">
	  <p>Recently, the Qt Project's security team was made aware of an issue regarding QProcess and determined it to be a security issue on Unix-based platforms only. We do not believe this to be a considerable risk for applications as the likelihood of it being triggered is minimal.
</p>
<p>Specifically, the problem is around using QProcess to start an application without having an absolute path, and as a result, it depends on it finding it in the PATH environment variable. As a result, it may be possible for an attacker to place their copy of the executable in question inside the working/current directory for the QProcess and have it invoked that instead.</p>
	</blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2022-25255</cvename>
      <url>https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25255</url>
    </references>
    <dates>
      <discovery>2022-02-17</discovery>
      <entry>2022-02-21</entry>
    </dates>
  </vuln>

  <vuln vid="4d763c65-9246-11ec-9aa3-4ccc6adda413">
    <topic>libmysoft -- Heap-based buffer overflow vulnerability</topic>
    <affects>
      <package>
	<name>libmysofa</name>
	<range><lt>1.2.1.13</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>Zhengjie Du reports:</p>
	<blockquote cite="https://huntr.dev/bounties/7ca8d9ea-e2a6-4294-af28-70260bb53bc1/">
	  <p>There are some heap-buffer-overflows in mysofa2json of
	    libmysofa. They are in function loudness, mysofa_check and
	    readOHDRHeaderMessageDataLayout.</p>
	</blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2021-3756</cvename>
      <url>https://www.huntr.dev/bounties/7ca8d9ea-e2a6-4294-af28-70260bb53bc1/</url>
    </references>
    <dates>
      <discovery>2021-09-27</discovery>
      <entry>2022-02-20</entry>
    </dates>
  </vuln>

  <vuln vid="27bf9378-8ffd-11ec-8be6-d4c9ef517024">
    <topic>MariaDB -- Multiple vulnerabilities</topic>
    <affects>
      <package>
	<name>mariadb103-client</name>
	<range><lt>10.3.34</lt></range>
      </package>
      <package>
	<name>mariadb103-server</name>
	<range><lt>10.3.34</lt></range>
      </package>
      <package>
	<name>mariadb104-client</name>
	<range><lt>10.4.24</lt></range>
      </package>
      <package>
	<name>mariadb104-server</name>
	<range><lt>10.4.24</lt></range>
      </package>
      <package>
	<name>mariadb105-client</name>
	<range><lt>10.5.15</lt></range>
      </package>
      <package>
	<name>mariadb105-server</name>
	<range><lt>10.5.15</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>MariaDB reports:</p>
	<blockquote cite="https://mariadb.com/kb/en/cve/">
	  <p>MariaDB reports 5 vulnerabilities in supported versions
	    resulting from fuzzing tests</p>
	</blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2021-46661</cvename>
      <cvename>CVE-2021-46663</cvename>
      <cvename>CVE-2021-46664</cvename>
      <cvename>CVE-2021-46665</cvename>
      <cvename>CVE-2021-46668</cvename>
      <url>https://mariadb.com/kb/en/cve/</url>
      <url>https://mariadb.com/kb/en/mdb-10334-rn/</url>
      <url>https://mariadb.com/kb/en/mdb-10424-rn/</url>
      <url>https://mariadb.com/kb/en/mdb-10515-rn/</url>
    </references>
    <dates>
      <discovery>2022-02-12</discovery>
      <entry>2022-02-18</entry>
    </dates>
  </vuln>

  <vuln vid="096ab080-907c-11ec-bb14-002324b2fba8">
    <topic>go -- multiple vulnerabilities</topic>
    <affects>
      <package>
	<name>go</name>
	<range><lt>1.17.7,1</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>The Go project reports:</p>
	<blockquote cite="https://github.com/golang/go/issues/50974">
	  <p>crypto/elliptic: fix IsOnCurve for big.Int values that are not
	    valid coordinates</p>
	  <p>Some big.Int values that are not valid field elements (negative or
	    overflowing) might cause Curve.IsOnCurve to incorrectly return true.
	    Operating on those values may cause a panic or an invalid curve
	    operation. Note that Unmarshal will never return such values.</p>
	</blockquote>
	<blockquote cite="https://github.com/golang/go/issues/50699">
	  <p>math/big: prevent large memory consumption in Rat.SetString</p>
	  <p>An attacker can cause unbounded memory growth in a program using
	    (*Rat).SetString due to an unhandled overflow.</p>
	</blockquote>
	<blockquote cite="https://github.com/golang/go/issues/35671">
	  <p>cmd/go: prevent branches from materializing into versions</p>
	  <p>A branch whose name resembles a version tag (such as "v1.0.0" or
	    "subdir/v2.0.0-dev") can be considered a valid version by the go
	    command. Materializing versions from branches might be unexpected
	    and bypass ACLs that limit the creation of tags but not branches.</p>
	</blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2022-23806</cvename>
      <url>https://github.com/golang/go/issues/50974</url>
      <cvename>CVE-2022-23772</cvename>
      <url>https://github.com/golang/go/issues/50699</url>
      <cvename>CVE-2022-23773</cvename>
      <url>https://github.com/golang/go/issues/35671</url>
    </references>
    <dates>
      <discovery>2022-02-10</discovery>
      <entry>2022-02-18</entry>
    </dates>
  </vuln>

  <vuln vid="e12432af-8e73-11ec-8bc4-3065ec8fd3ec">
    <topic>chromium -- multiple vulnerabilities</topic>
    <affects>
      <package>
	<name>chromium</name>
	<range><lt>98.0.4758.102</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>Chrome Releases reports:</p>
	<blockquote cite="https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop_14.html">
	  <p>This release contains 11 security fixes, including:</p>
	  <ul>
	    <li>[1290008] High CVE-2022-0603: Use after free in File Manager.
	      Reported by Chaoyuan Peng (@ret2happy) on 2022-01-22</li>
	    <li>[1273397] High CVE-2022-0604: Heap buffer overflow in Tab
	      Groups. Reported by Krace on 2021-11-24</li>
	    <li>[1286940] High CVE-2022-0605: Use after free in Webstore API.
	      Reported by Thomas Orlita on 2022-01-13</li>
	    <li>[1288020] High CVE-2022-0606: Use after free in ANGLE. Reported
	      by Cassidy Kim of Amber Security Lab, OPPO Mobile
	      Telecommunications Corp. Ltd. on 2022-01-17</li>
	    <li>[1250655] High CVE-2022-0607: Use after free in GPU. Reported by
	      0x74960 on 2021-09-17</li>
	    <li>[1270333] High CVE-2022-0608: Integer overflow in Mojo. Reported
	      by Sergei Glazunov of Google Project Zero on 2021-11-16</li>
	    <li>[1296150] High CVE-2022-0609: Use after free in Animation.
	      Reported by Adam Weidemann and Clément Lecigne of Google'
	      Threat Analysis Group on 2022-02-10</li>
	    <li>[1285449] Medium CVE-2022-0610: Inappropriate implementation in
	      Gamepad API. Reported by Anonymous on 2022-01-08</li>
	  </ul>
	</blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2022-0603</cvename>
      <cvename>CVE-2022-0604</cvename>
      <cvename>CVE-2022-0605</cvename>
      <cvename>CVE-2022-0606</cvename>
      <cvename>CVE-2022-0607</cvename>
      <cvename>CVE-2022-0608</cvename>
      <cvename>CVE-2022-0609</cvename>
      <cvename>CVE-2022-0610</cvename>
      <url>https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop_14.html</url>
    </references>
    <dates>
      <discovery>2022-02-14</discovery>
      <entry>2022-02-15</entry>
    </dates>
  </vuln>

  <vuln vid="24049967-88ec-11ec-88f5-901b0e934d69">
    <topic>py-twisted -- cookie and authorization headers are leaked when following cross-origin redirects</topic>
      <affects>
	<package>
	  <name>py37-twisted</name>
	  <name>py38-twisted</name>
	  <name>py39-twisted</name>
	  <name>py310-twisted</name>
	  <range><lt>22.1.0</lt></range>
	</package>
      </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>Twisted developers report:</p>
	<blockquote cite="https://github.com/twisted/twisted/security/advisories/GHSA-92x2-jw7w-xvvx">
	  <p> Cookie and Authorization headers are leaked when following cross-origin redirects in <code>twited.web.client.RedirectAgent</code> and <code>twisted.web.client.BrowserLikeRedirectAgent</code>.</p>
	</blockquote>
      </body>
    </description>
    <references>
      <url>https://github.com/twisted/twisted/security/advisories/GHSA-92x2-jw7w-xvvx</url>
    </references>
    <dates>
      <discovery>2022-02-07</discovery>
      <entry>2022-02-13</entry>
    </dates>
  </vuln>

  <vuln vid="d923fb0c-8c2f-11ec-aa85-0800270512f4">
    <topic>zsh -- Arbitrary command execution vulnerability</topic>
    <affects>
      <package>
	<name>zsh</name>
	<range><lt>5.8.1</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p> Marc Cornellà reports:</p>
	<blockquote cite="https://zsh.sourceforge.io/releases.html">
	  <p>
	    Some prompt expansion sequences, such as %F, support 'arguments'
	    which are themselves expanded in case they contain colour values,
	    etc. This additional expansion would trigger PROMPT_SUBST evaluation,
	    if enabled. This could be abused to execute code the user didn't
	    expect. e.g., given a certain prompt configuration, an attacker
	    could trick a user into executing arbitrary code by having them
	    check out a Git branch with a specially crafted name.
	  </p>
	</blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2021-45444</cvename>
      <url>https://zsh.sourceforge.io/releases.html</url>
    </references>
    <dates>
      <discovery>2022-02-12</discovery>
      <entry>2022-02-12</entry>
    </dates>
  </vuln>

  <vuln vid="972ba0e8-8b8a-11ec-b369-6c3be5272acd">
    <topic>Node.js -- January 2022 Security Releases</topic>
    <affects>
      <package>
	<name>node</name>
	<range><ge>12.0.0</ge><lt>12.22.9</lt></range>
	<range><ge>14.0.0</ge><lt>14.18.3</lt></range>
	<range><ge>16.0.0</ge><lt>16.13.2</lt></range>
	<range><ge>17.0.0</ge><lt>17.3.1</lt></range>
      </package>
      <package>
	<name>node16</name>
	<range><lt>16.13.2</lt></range>
      </package>
      <package>
	<name>node14</name>
	<range><lt>14.18.3</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>Node.js reports:</p>
	<blockquote cite="https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/">
	  <h1>Improper handling of URI Subject Alternative Names (Medium)(CVE-2021-44531)</h1>
	  <p>Accepting arbitrary Subject Alternative Name (SAN) types, unless a PKI is specifically defined to use a particular SAN type, can result in bypassing name-constrained intermediates. Node.js was accepting URI SAN types, which PKIs are often not defined to use. Additionally, when a protocol allows URI SANs, Node.js did not match the URI correctly.</p>
	  <h1>Certificate Verification Bypass via String Injection (Medium)(CVE-2021-44532)</h1>
	  <p>Node.js converts SANs (Subject Alternative Names) to a string format. It uses this string to check peer certificates against hostnames when validating connections. The string format was subject to an injection vulnerability when name constraints were used within a certificate chain, allowing the bypass of these name constraints.</p>
	  <h1>Incorrect handling of certificate subject and issuer fields (Medium)(CVE-2021-44533)</h1>
	  <p>Node.js did not handle multi-value Relative Distinguished Names correctly. Attackers could craft certificate subjects containing a single-value Relative Distinguished Name that would be interpreted as a multi-value Relative Distinguished Name, for example, in order to inject a Common Name that would allow bypassing the certificate subject verification.</p>
	  <h1>Prototype pollution via <code>console.table</code> properties (Low)(CVE-2022-21824)</h1>
	  <p>Due to the formatting logic of the <code>console.table()</code> function it was not safe to allow user controlled input to be passed to the <code>properties</code> parameter while simultaneously passing a plain object with at least one property as the first parameter, which could be <code>__proto__</code>. The prototype pollution has very limited control, in that it only allows an empty string to be assigned to numerical keys of the object prototype.</p>
	</blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2021-44531</cvename>
      <cvename>CVE-2021-44532</cvename>
      <cvename>CVE-2021-44533</cvename>
      <cvename>CVE-2022-21824</cvename>
      <url>https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/</url>
    </references>
    <dates>
      <discovery>2022-01-10</discovery>
      <entry>2022-02-12</entry>
    </dates>
  </vuln>

  <vuln vid="0b0ad196-1ee8-4a98-89b1-4d5d82af49a9">
    <topic>jenkins -- DoS vulnerability in bundled XStream library</topic>
    <affects>
      <package>
	<name>jenkins</name>
	<range><lt>2.334</lt></range>
      </package>
      <package>
	<name>jenkins-lts</name>
	<range><lt>2.319.3</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>Jenkins Security Advisory:</p>
	<blockquote cite="https://www.jenkins.io/security/advisory/2022-02-09/">
	  <h1>Description</h1>
	  <h5>(Medium) SECURITY-2602 / CVE-2021-43859 (upstream issue), CVE-2022-0538 (Jenkins-specific converters)</h5>
	  <p>DoS vulnerability in bundled XStream library</p>
	</blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2021-43859</cvename>
      <cvename>CVE-2022-0538</cvename>
      <url>https://www.jenkins.io/security/advisory/2022-02-09/</url>
    </references>
    <dates>
      <discovery>2022-02-09</discovery>
      <entry>2022-02-10</entry>
    </dates>
  </vuln>

  <vuln vid="ff5606f7-8a45-11ec-8be6-d4c9ef517024">
    <topic>MariaDB -- Multiple vulnerabilities</topic>
    <affects>
      <package>
	<name>mariadb103-client</name>
	<range><lt>10.3.33</lt></range>
      </package>
      <package>
	<name>mariadb103-server</name>
	<range><lt>10.3.33</lt></range>
      </package>
      <package>
	<name>mariadb104-client</name>
	<range><lt>10.4.23</lt></range>
      </package>
      <package>
	<name>mariadb104-server</name>
	<range><lt>10.4.23</lt></range>
      </package>
      <package>
	<name>mariadb105-client</name>
	<range><lt>10.5.14</lt></range>
      </package>
      <package>
	<name>mariadb105-server</name>
	<range><lt>10.5.14</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>MariaDB reports:</p>
	<blockquote cite="https://mariadb.com/kb/en/cve/">
	  <p>MariaDB reports 5 vulnerabilities in supported versions
	    without further detailed information.</p>
	</blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2022-24052</cvename>
      <cvename>CVE-2022-24051</cvename>
      <cvename>CVE-2022-24050</cvename>
      <cvename>CVE-2022-24048</cvename>
      <cvename>CVE-2021-46659</cvename>
      <url>https://mariadb.com/kb/en/cve/</url>
      <url>https://mariadb.com/kb/en/mdb-10333-rn/</url>
      <url>https://mariadb.com/kb/en/mdb-10423-rn/</url>
      <url>https://mariadb.com/kb/en/mdb-10514-rn/</url>
    </references>
    <dates>
      <discovery>2022-02-10</discovery>
      <entry>2022-02-10</entry>
      <modified>2022-02-17</modified>
    </dates>
  </vuln>

  <vuln vid="fc2a9541-8893-11ec-9d01-80ee73419af3">
    <topic>xrdp -- privilege escalation</topic>
    <affects>
      <package>
	<name>xrdp</name>
	<range><ge>0.9.17,1</ge><lt>0.9.18.1,1</lt></range>
      </package>
      <package>
	<name>xrdp-devel</name>
	<range><ge>0.9.17,1</ge><lt>0.9.18.1,1</lt></range>
      </package>

    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>xrdp project reports:</p>
	<blockquote cite="https://github.com/neutrinolabs/xrdp/security/advisories/GHSA-8h98-h426-xf32">
	  <p>An integer underflow leading to a heap overflow in the sesman server allows any unauthenticated attacker which is accessible to a sesman server (listens by default on localhost when installing xrdp, but can be remote if configured otherwise) to execute code as root.</p>
	</blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2022-23613</cvename>
      <url>https://github.com/neutrinolabs/xrdp/security/advisories/GHSA-8h98-h426-xf32</url>
    </references>
    <dates>
      <discovery>2022-01-23</discovery>
      <entry>2022-02-08</entry>
      <modified>2022-02-15</modified>
    </dates>
  </vuln>

  <vuln vid="3507bfb3-85d5-11ec-8c9c-001b217b3468">
    <topic>Gitlab -- multiple vulnerabilities</topic>
    <affects>
      <package>
	<name>gitlab-ce</name>
	<range><ge>14.7.0</ge><lt>14.7.1</lt></range>
	<range><ge>14.6.0</ge><lt>14.6.4</lt></range>
	<range><ge>0</ge><lt>14.5.4</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>Gitlab reports:</p>
	<blockquote cite="https://about.gitlab.com/releases/2022/02/03/security-release-gitlab-14-7-1-released/">
	  <p>Arbitrary POST requests via special HTML attributes in Jupyter Notebooks</p>
	  <p>DNS Rebinding vulnerability in Irker IRC Gateway integration</p>
	  <p>Missing certificate validation for external CI services</p>
	  <p>Blind SSRF Through Project Import</p>
	  <p>Open redirect vulnerability in Jira Integration</p>
	  <p>Issue link was disclosing the linked issue</p>
	  <p>Service desk email accessible by project non-members</p>
	  <p>Authenticated users can search other users by their private email</p>
	  <p>"External status checks" can be accepted by users below developer access if the user is either author or assignee of the target merge request</p>
	  <p>Deleting packages in bulk from package registries may cause table locks</p>
	  <p>Autocomplete enabled on specific pages</p>
	  <p>Possible SSRF due to not blocking shared address space</p>
	  <p>System notes reveals private project path when Issue is moved to a public project</p>
	  <p>Timeout for pages using Markdown</p>
	  <p>Certain branch names could not be protected</p>
	</blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2022-0427</cvename>
      <cvename>CVE-2022-0425</cvename>
      <cvename>CVE-2022-0123</cvename>
      <cvename>CVE-2022-0136</cvename>
      <cvename>CVE-2022-0283</cvename>
      <cvename>CVE-2022-0390</cvename>
      <cvename>CVE-2022-0373</cvename>
      <cvename>CVE-2022-0371</cvename>
      <cvename>CVE-2021-39943</cvename>
      <cvename>CVE-2022-0477</cvename>
      <cvename>CVE-2022-0167</cvename>
      <cvename>CVE-2022-0249</cvename>
      <cvename>CVE-2022-0344</cvename>
      <cvename>CVE-2022-0488</cvename>
      <cvename>CVE-2021-39931</cvename>
      <url>https://about.gitlab.com/releases/2022/02/03/security-release-gitlab-14-7-1-released/</url>
    </references>
    <dates>
      <discovery>2022-02-03</discovery>
      <entry>2022-02-04</entry>
    </dates>
  </vuln>

  <vuln vid="e852f43c-846e-11ec-b043-3065ec8fd3ec">
    <topic>chromium -- multiple vulnerabilities</topic>
    <affects>
      <package>
	<name>chromium</name>
	<range><lt>98.0.4758.80</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>Chrome Releases reports:</p>
	<blockquote cite="https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html">
	  <p>This release contains 27 security fixes, including:</p>
	  <ul>
	    <li>[1284584] High CVE-2022-0452: Use after free in Safe Browsing.
	      Reported by avaue at S.S.L. on 2022-01-05</li>
	    <li>[1284916] High CVE-2022-0453: Use after free in Reader Mode.
	      Reported by Rong Jian of VRI on 2022-01-06</li>
	    <li>[1287962] High CVE-2022-0454: Heap buffer overflow in ANGLE.
	      Reported by Seong-Hwan Park (SeHwa) of SecunologyLab on
	      2022-01-17</li>
	    <li>[1270593] High CVE-2022-0455: Inappropriate implementation in
	      Full Screen Mode. Reported by Irvan Kurniawan (sourc7) on
	      2021-11-16</li>
	    <li>[1289523] High CVE-2022-0456: Use after free in Web Search.
	      Reported by Zhihua Yao of KunLun Lab on 2022-01-21</li>
	    <li>[1274445] High CVE-2022-0457: Type Confusion in V8. Reported by
	      rax of the Group0x58 on 2021-11-29</li>
	    <li>[1267060] High CVE-2022-0458: Use after free in Thumbnail Tab
	      Strip. Reported by Leecraso and Guang Gong of 360 Alpha Lab on
	      2021-11-05</li>
	    <li>[1244205] High CVE-2022-0459: Use after free in Screen Capture.
	      Reported by raven (@raid_akame) on 2021-08-28</li>
	    <li>[1250227] Medium CVE-2022-0460: Use after free in Window Dialog.
	      Reported by 0x74960 on 2021-09-16</li>
	    <li>[1256823] Medium CVE-2022-0461: Policy bypass in COOP. Reported
	      by NDevTK on 2021-10-05</li>
	    <li>[1270470] Medium CVE-2022-0462: Inappropriate implementation in
	      Scroll. Reported by Youssef Sammouda on 2021-11-16</li>
	    <li>[1268240] Medium CVE-2022-0463: Use after free in Accessibility.
	      Reported by Zhihua Yao of KunLun Lab on 2021-11-09</li>
	    <li>[1270095] Medium CVE-2022-0464: Use after free in Accessibility.
	      Reported by Zhihua Yao of KunLun Lab on 2021-11-14</li>
	    <li>[1281941] Medium CVE-2022-0465: Use after free in Extensions.
	      Reported by Samet Bekmezci @sametbekmezci on 2021-12-22</li>
	    <li>[1115460] Medium CVE-2022-0466: Inappropriate implementation in
	      Extensions Platform. Reported by David Erceg on 2020-08-12</li>
	    <li>[1239496] Medium CVE-2022-0467: Inappropriate implementation in
	      Pointer Lock. Reported by Alesandro Ortiz on 2021-08-13</li>
	    <li>[1252716] Medium CVE-2022-0468: Use after free in Payments.
	      Reported by Krace on 2021-09-24</li>
	    <li>[1279531] Medium CVE-2022-0469: Use after free in Cast. Reported
	      by Thomas Orlita on 2021-12-14</li>
	    <li>[1269225] Low CVE-2022-0470: Out of bounds memory access in V8.
	      Reported by Looben Yang on 2021-11-11</li>
	  </ul>
	</blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2022-0452</cvename>
      <cvename>CVE-2022-0453</cvename>
      <cvename>CVE-2022-0454</cvename>
      <cvename>CVE-2022-0455</cvename>
      <cvename>CVE-2022-0456</cvename>
      <cvename>CVE-2022-0457</cvename>
      <cvename>CVE-2022-0458</cvename>
      <cvename>CVE-2022-0459</cvename>
      <cvename>CVE-2022-0460</cvename>
      <cvename>CVE-2022-0461</cvename>
      <cvename>CVE-2022-0462</cvename>
      <cvename>CVE-2022-0463</cvename>
      <cvename>CVE-2022-0464</cvename>
      <cvename>CVE-2022-0465</cvename>
      <cvename>CVE-2022-0466</cvename>
      <cvename>CVE-2022-0467</cvename>
      <cvename>CVE-2022-0468</cvename>
      <cvename>CVE-2022-0469</cvename>
      <cvename>CVE-2022-0470</cvename>
      <url>https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html</url>
    </references>
    <dates>
      <discovery>2022-02-01</discovery>
      <entry>2022-02-02</entry>
    </dates>
  </vuln>

  <vuln vid="1d3677a8-9143-42d8-84a3-0585644dff4b">
    <topic>h2o -- uninitialised memory access in HTTP3</topic>
    <affects>
      <package>
	<name>h2o-devel</name>
	<range><lt>2.3.0.d.20220131</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>Emil Lerner reports:</p>
	<blockquote cite="https://github.com/h2o/h2o/security/advisories/GHSA-f9xw-j925-m4m4">
       <p>When receiving QUIC frames in certain order, HTTP/3 server-side
       implementation of h2o can be misguided to treat uninitialized
       memory as HTTP/3 frames that have been received. When h2o is
       used as a reverse proxy, an attacker can abuse this vulnerability
       to send internal state of h2o to backend servers controlled by
       the attacker or third party. Also, if there is an HTTP endpoint
       that reflects the traffic sent from the client, an attacker can
       use that reflector to obtain internal state of h2o.</p>
       <p>This internal state includes traffic of other connections in
       unencrypted form and TLS session tickets.</p>
       <p>This vulnerability exists in h2o server with HTTP/3
       support, between commit 93af138 and d1f0f65. None of the
       released versions of h2o are affected by this vulnerability.</p>
	</blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2021-43848</cvename>
      <url>https://github.com/h2o/h2o/security/advisories/GHSA-f9xw-j925-m4m4</url>
    </references>
    <dates>
      <discovery>2021-01-31</discovery>
      <entry>2022-02-02</entry>
    </dates>
  </vuln>

  <vuln vid="b1b6d623-83e4-11ec-90de-1c697aa5a594">
    <topic>FreeBSD -- vt console buffer overflow</topic>
    <affects>
      <package>
	<name>FreeBSD</name>
	<range><ge>13.0</ge><lt>13.0_6</lt></range>
	<range><ge>12.2</ge><lt>12.2_12</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<h1>Problem Description:</h1>
	<p>Under certain conditions involving use of the highlight buffer
	while text is scrolling on the console, console data may overwrite
	data structures associated with the system console or other kernel
	memory.</p>
	<h1>Impact:</h1>
	<p>Users with access to the system console may be able to cause system
	misbehaviour.</p>
      </body>
    </description>
    <references>
      <cvename>CVE-2021-29632</cvename>
      <freebsdsa>SA-22:01.vt</freebsdsa>
    </references>
    <dates>
      <discovery>2022-01-11</discovery>
      <entry>2022-02-02</entry>
    </dates>
  </vuln>

  <vuln vid="8579074c-839f-11ec-a3b2-005056a311d1">
    <topic>samba -- Multiple Vulnerabilities</topic>
    <affects>
      <package>
	<name>samba413</name>
	<range><lt>4.13.17</lt></range>
      </package>
      <package>
	<name>samba414</name>
	<range><lt>4.14.12</lt></range>
      </package>
      <package>
	<name>samba415</name>
	<range><lt>4.15.5</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>The Samba Team reports:</p>
	<blockquote cite="https://www.samba.org/samba/history/security.html">
	  <ul>
	  <li>CVE-2021-43566: Malicious client using an SMB1 or NFS race to allow
	      a directory to be created in an area of the server file system not
	      exported under the share definition.</li>
	  <li>CVE-2021-44141: Information leak via symlinks of existance of files
	      or directories outside of the exported share.</li>
	  <li>CVE-2021-44142: Out-of-bounds heap read/write vulnerability
	      in VFS module vfs_fruit allows code execution.</li>
	  <li>CVE-2022-0336: Samba AD users with permission to write to
	      an account can impersonate arbitrary services.</li>
	  </ul>
	</blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2021-43566</cvename>
      <cvename>CVE-2021-44141</cvename>
      <cvename>CVE-2021-44142</cvename>
      <cvename>CVE-2022-0336</cvename>
      <url>https://www.samba.org/samba/security/CVE-2021-43566.html</url>
      <url>https://www.samba.org/samba/security/CVE-2021-44141.html</url>
      <url>https://www.samba.org/samba/security/CVE-2021-44142.html</url>
      <url>https://www.samba.org/samba/security/CVE-2022-0336.html</url>
    </references>
    <dates>
      <discovery>2022-01-31</discovery>
      <entry>2022-02-01</entry>
    </dates>
  </vuln>

  <vuln vid="ee26f513-826e-11ec-8be6-d4c9ef517024">
    <topic>Rust -- Race condition enabling symlink following</topic>
    <affects>
      <package>
	<name>rust</name>
	<range><lt>1.58.1</lt></range>
      </package>
      <package>
	<name>rust-nightly</name>
	<range><lt>1.60.0.20220202</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<blockquote cite="https://blog.rust-lang.org/2022/01/20/cve-2022-21658.html">
	  <p>The Rust Security Response WG was notified that the
	    std::fs::remove_dir_all standard library function is vulnerable to a
	    race condition enabling symlink following (CWE-363). An attacker could
	    use this security issue to trick a privileged program into deleting
	    files and directories the attacker couldn't otherwise access or
	    delete.</p>
	</blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2022-21658</cvename>
      <url>https://blog.rust-lang.org/2022/01/20/cve-2022-21658.html</url>
    </references>
    <dates>
      <discovery>2022-01-20</discovery>
      <entry>2022-01-31</entry>
      <modified>2022-02-03</modified>
    </dates>
  </vuln>

  <vuln vid="b0c83e1a-8153-11ec-84f9-641c67a117d8">
    <topic>varnish -- Request Smuggling Vulnerability</topic>
    <affects>
      <package>
	<name>varnish6</name>
	<range><lt>6.6.2</lt></range>
      </package>
      <package>
	<name>varnish4</name>
	<range><lt>4.1.11r6</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>Varnish Cache Project reports:</p>
	<blockquote cite="https://varnish-cache.org/security/VSV00008.html">
	  <p>A request smuggling attack can be performed on HTTP/1 connections on
	    Varnish Cache servers. The smuggled request would be treated as an additional
	    request by the Varnish server, go through normal VCL processing, and injected
	    as a spurious response on the client connection.</p>
	</blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2022-23959</cvename>
      <url>https://varnish-cache.org/security/VSV00008.html</url>
      <url>https://docs.varnish-software.com/security/VSV00008/</url>
      <url>https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23959</url>
    </references>
    <dates>
      <discovery>2022-01-25</discovery>
      <entry>2022-01-29</entry>
    </dates>
  </vuln>

  <vuln vid="b6ef8a53-8062-11ec-9af3-fb232efe4d2e">
    <topic>OpenEXR -- Heap-buffer-overflow in Imf_3_1::LineCompositeTask::execute</topic>
    <affects>
      <package>
	<name>openexr</name>
	<range><lt>3.1.4</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>Cary Phillips reports:</p>
	<blockquote cite="https://github.com/AcademySoftwareFoundation/openexr/blob/v3.1.4/CHANGES.md#version-314-january-26-2022">
	  <p>[OpenEXR Version 3.1.4 is a] patch release that [...]
	    addresses one public security vulnerability:
	    CVE-2021-45942 Heap-buffer-overflow in
	    Imf_3_1::LineCompositeTask::execute [and several]
	    specific OSS-fuzz issues [...].</p>
	</blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2021-45942</cvename>
      <url>https://github.com/AcademySoftwareFoundation/openexr/blob/v3.1.4/CHANGES.md#version-314-january-26-2022</url>
      <url>https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=41416</url> <!-- reported for dates.discovery below -->
      <url>https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=41999</url> <!-- reported 2021-12-04 -->
      <url>https://github.com/AcademySoftwareFoundation/openexr/pull/1209</url> <!-- fix for CVE-inducing issue -->
    </references>
    <dates>
      <discovery>2021-11-26</discovery>
      <entry>2022-01-28</entry>
    </dates>
  </vuln>

  <vuln vid="1aaaa5c6-804d-11ec-8be6-d4c9ef517024">
    <topic>OpenSSL -- BN_mod_exp incorrect results on MIPS</topic>
    <affects>
      <package>
	<name>openssl</name>
	<range><lt>1.1.1m,1</lt></range>
      </package>
      <package>
	<name>openssl-devel</name>
	<range><lt>3.0.1</lt></range>
      </package>
      <package>
	<name>openssl-quictls</name>
	<range><lt>3.0.1</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>The OpenSSL project reports:</p>
	<blockquote cite="https://www.openssl.org/news/secadv/20220128.txt">
	  <p>BN_mod_exp may produce incorrect results on MIPS (Moderate)</p>
	  <p>There is a carry propagation bug in the MIPS32 and MIPS64 squaring
	    procedure. Many EC algorithms are affected, including some of the
	    TLS 1.3 default curves. Impact was not analyzed in detail, because the
	    pre-requisites for attack are considered unlikely and include reusing
	    private keys. Analysis suggests that attacks against RSA and DSA as a
	    result of this defect would be very difficult to perform and are not
	    believed likely. Attacks against DH are considered just feasible
	    (although very difficult) because most of the work necessary to deduce
	    information about a private key may be performed offline. The amount
	    of resources required for such an attack would be significant.
	    However, for an attack on TLS to be meaningful, the server would have
	    to share the DH private key among multiple clients, which is no longer
	    an option since CVE-2016-0701.</p>
	</blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2021-4160</cvename>
      <url>https://www.openssl.org/news/secadv/20220128.txt</url>
    </references>
    <dates>
      <discovery>2022-01-28</discovery>
      <entry>2022-01-28</entry>
    </dates>
  </vuln>

  <vuln vid="65847d9d-7f3e-11ec-8624-b42e991fc52e">
    <topic>mustache - Possible Remote Code Execution</topic>
    <affects>
      <package>
	<name>phpmustache</name>
	<range><lt>2.14.1</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>huntr.dev reports:</p>
	<blockquote cite="https://huntr.dev/bounties/a5f5a988-aa52-4443-839d-299a63f44fb7/">
	  <p>In Mustache.php v2.0.0 through v2.14.0, Sections tag can
	    lead to arbitrary php code execution even if
	    strict_callables is true when section value is
	    controllable.</p>
	</blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2022-0323</cvename>
      <url>https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-0323</url>
    </references>
    <dates>
      <discovery>2022-01-20</discovery>
      <entry>2022-01-27</entry>
    </dates>
  </vuln>

  <vuln vid="0f8bf913-7efa-11ec-8c04-2cf05d620ecc">
    <topic>polkit -- Local Privilege Escalation</topic>
    <affects>
      <package>
	<name>polkit</name>
	<range><lt>0.120_1</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>Qualys reports:</p>
	<blockquote cite="https://seclists.org/oss-sec/2022/q1/80">
	  <p>We discovered a Local Privilege Escalation (from any user to root) in
polkit's pkexec, a SUID-root program that is installed by default on
every major Linux distribution.</p>
	</blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2021-4034</cvename>
      <url>https://seclists.org/oss-sec/2022/q1/80</url>
      <freebsdpr>ports/261482</freebsdpr>
    </references>
    <dates>
      <discovery>2022-01-25</discovery>
      <entry>2022-01-26</entry>
    </dates>
  </vuln>

  <vuln vid="ccaea96b-7dcd-11ec-93df-00224d821998">
    <topic>strongswan - Incorrect Handling of Early EAP-Success Messages</topic>
    <affects>
      <package>
	<name>strongswan</name>
	<range><lt>5.9.5</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>Strongswan Release Notes reports:</p>
	<blockquote cite="https://github.com/strongswan/strongswan/releases/tag/5.9.5">
	  <p>Fixed a vulnerability in the EAP client implementation
	    that was caused by incorrectly handling early EAP-Success
	    messages. It may allow to bypass the client and in some
	    scenarios even the server authentication, or could lead to
	    a denial-of-service attack. This vulnerability has been
	    registered as CVE-2021-45079.</p>
	</blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2021-45079</cvename>
      <url>https://www.strongswan.org/blog/2022/01/24/strongswan-vulnerability-(cve-2021-45079).html</url>
    </references>
    <dates>
      <discovery>2021-12-16</discovery>
      <entry>2022-01-25</entry>
    </dates>
  </vuln>

  <vuln vid="58528a94-5100-4208-a04d-edc01598cf01">
    <topic>strongswan - denial-of-service vulnerability in the gmp plugin/denial-of-service vulnerability in the in-memory certificate cache</topic>
    <affects>
      <package>
	<name>strongswan</name>
	<range><lt>5.9.4</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>Strongswan Release Notes reports:</p>
	<blockquote cite="https://github.com/strongswan/strongswan/releases/tag/5.9.4">
	  <p>Fixed a denial-of-service vulnerability in the gmp plugin that
	     was caused by an integer overflow when processing RSASSA-PSS
	     signatures with very large salt lengths. This vulnerability has
	     been registered as CVE-2021-41990.</p>
	  <p>Fixed a denial-of-service vulnerability in the in-memory
	     certificate cache if certificates are replaced and a very large
	     random value caused an integer overflow. This vulnerability has
	     been registered as CVE-2021-41991.</p>
	</blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2021-41990</cvename>
      <cvename>CVE-2021-41991</cvename>
      <url>https://www.strongswan.org/blog/2021/10/18/strongswan-vulnerability-(cve-2021-41990).html</url>
      <url>https://www.strongswan.org/blog/2021/10/18/strongswan-vulnerability-(cve-2021-41991).html</url>
    </references>
    <dates>
      <discovery>2021-10-04</discovery>
      <entry>2022-01-25</entry>
    </dates>
  </vuln>

  <vuln vid="309c35f4-7c9f-11ec-a739-206a8a720317">
    <topic>aide -- heap-based buffer overflow</topic>
    <affects>
      <package>
	<name>aide</name>
	<range><lt>0.17.4</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>David Bouman reports:</p>
	<blockquote cite="INSERT URL HERE">
	  <p>AIDE before 0.17.4 allows local users to obtain root privileges
	     via crafted file metadata (such as XFS extended attributes or
	     tmpfs ACLs), because of a heap-based buffer overflow.</p>
	  <p>Aide uses a fixed size (16k bytes) for the return buffer in
	     encode_base64/decode_base64 functions. This results in a segfault
	     if aide processes a file with too large extended attribute value
	     or ACL.</p>
	</blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2021-45417</cvename>
      <url>https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45417</url>
    </references>
    <dates>
      <discovery>2022-01-15</discovery>
      <entry>2022-01-23</entry>
    </dates>
  </vuln>

  <vuln vid="51496cbc-7a0e-11ec-a323-3065ec8fd3ec">
    <topic>chromium -- multiple vulnerabilities</topic>
    <affects>
      <package>
	<name>chromium</name>
	<range><lt>97.0.4692.99</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>Chrome Releases reports:</p>
	<blockquote cite="https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html">
	  <p>This release contains 26 security fixes, including:</p>
	  <ul>
	    <li>[1284367] Critical CVE-2022-0289: Use after free in Safe
	      browsing. Reported by Sergei Glazunov of Google Project Zero on
	      2022-01-05</li>
	    <li>[1260134][1260007] High CVE-2022-0290: Use after free in Site
	      isolation. Reported by Brendon Tiszka and Sergei Glazunov of
	      Google Project Zero on 2021-10-15</li>
	    <li>[1281084] High CVE-2022-0291: Inappropriate implementation in
	      Storage. Reported by Anonymous on 2021-12-19</li>
	    <li>[1270358] High CVE-2022-0292: Inappropriate implementation in
	      Fenced Frames. Reported by Brendon Tiszka  on 2021-11-16</li>
	    <li>[1283371] High CVE-2022-0293: Use after free in Web packaging.
	      Reported by Rong Jian and Guang Gong of 360 Alpha Lab on
	      2021-12-30</li>
	    <li>[1273017] High CVE-2022-0294: Inappropriate implementation in
	      Push messaging. Reported by Rong Jian and Guang Gong of 360 Alpha
	      Lab on 2021-11-23</li>
	    <li>[1278180] High CVE-2022-0295: Use after free in Omnibox.
	      Reported by Weipeng Jiang (@Krace) and Guang Gong of 360
	      Vulnerability Research Institute on 2021-12-09</li>
	    <li>[1283375] High CVE-2022-0296: Use after free in Printing.
	      Reported by koocola(@alo_cook) and Guang Gong of 360 Vulnerability
	      Research Institute on 2021-12-30</li>
	    <li>[1274316] High CVE-2022-0297: Use after free in Vulkan. Reported
	      by Cassidy Kim of Amber Security Lab, OPPO Mobile
	      Telecommunications Corp. Ltd. on 2021-11-28</li>
	    <li>[1212957] High CVE-2022-0298: Use after free in Scheduling.
	      Reported by Yangkang (@dnpushme) of 360 ATA on 2021-05-25</li>
	    <li>[1275438] High CVE-2022-0300: Use after free in Text Input
	      Method Editor. Reported by Rong Jian and Guang Gong of 360 Alpha
	      Lab on 2021-12-01</li>
	    <li>[1276331] High CVE-2022-0301: Heap buffer overflow in DevTools.
	      Reported by Abdulrahman Alqabandi, Microsoft Browser Vulnerability
	      Research on 2021-12-03</li>
	    <li>[1278613] High CVE-2022-0302: Use after free in Omnibox.
	      Reported by Weipeng Jiang (@Krace) and Guang Gong of 360
	      Vulnerability Research Institute on 2021-12-10</li>
	    <li>[1281979] High CVE-2022-0303: Race in GPU Watchdog. Reported by
	      Yigit Can YILMAZ (@yilmazcanyigit) on 2021-12-22</li>
	    <li>[1282118] High CVE-2022-0304: Use after free in Bookmarks.
	      Reported by Rong Jian and Guang Gong of 360 Alpha Lab on
	      2021-12-22</li>
	    <li>[1282354] High CVE-2022-0305: Inappropriate implementation in
	      Service Worker API. Reported by @uwu7586 on 2021-12-23</li>
	    <li>[1283198] High CVE-2022-0306: Heap buffer overflow in PDFium.
	      Reported by Sergei Glazunov of Google Project Zero on
	      2021-12-29</li>
	    <li>[1281881] Medium CVE-2022-0307: Use after free in Optimization
	      Guide. Reported by Samet Bekmezci @sametbekmezci on
	      2021-12-21</li>
	    <li>[1282480] Medium CVE-2022-0308: Use after free in Data Transfer.
	      Reported by @ginggilBesel on 2021-12-24</li>
	    <li>[1240472] Medium CVE-2022-0309: Inappropriate implementation in
	      Autofill. Reported by Alesandro Ortiz on 2021-08-17</li>
	    <li>[1283805] Medium CVE-2022-0310: Heap buffer overflow in Task
	      Manager. Reported by Samet Bekmezci @sametbekmezci on
	      2022-01-03</li>
	    <li>[1283807] Medium CVE-2022-0311: Heap buffer overflow in Task
	      Manager. Reported by Samet Bekmezci @sametbekmezci on
	      2022-01-03</li>
	  </ul>
	</blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2022-0289</cvename>
      <cvename>CVE-2022-0290</cvename>
      <cvename>CVE-2022-0291</cvename>
      <cvename>CVE-2022-0292</cvename>
      <cvename>CVE-2022-0293</cvename>
      <cvename>CVE-2022-0294</cvename>
      <cvename>CVE-2022-0295</cvename>
      <cvename>CVE-2022-0296</cvename>
      <cvename>CVE-2022-0297</cvename>
      <cvename>CVE-2022-0298</cvename>
      <cvename>CVE-2022-0300</cvename>
      <cvename>CVE-2022-0301</cvename>
      <cvename>CVE-2022-0302</cvename>
      <cvename>CVE-2022-0303</cvename>
      <cvename>CVE-2022-0304</cvename>
      <cvename>CVE-2022-0305</cvename>
      <cvename>CVE-2022-0306</cvename>
      <cvename>CVE-2022-0307</cvename>
      <cvename>CVE-2022-0308</cvename>
      <cvename>CVE-2022-0309</cvename>
      <cvename>CVE-2022-0310</cvename>
      <cvename>CVE-2022-0311</cvename>
      <url>https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html</url>
    </references>
    <dates>
      <discovery>2022-01-19</discovery>
      <entry>2022-01-20</entry>
    </dates>
  </vuln>

  <vuln vid="7262f826-795e-11ec-8be6-d4c9ef517024">
    <topic>MySQL -- Multiple vulnerabilities</topic>
    <affects>
      <package>
	<name>mysql-connector-odbc</name>
	<range><lt>8.0.28</lt></range>
      </package>
      <package>
	<name>mysql-connector-c++</name>
	<range><lt>8.0.28</lt></range>
      </package>
      <package>
	<name>mysql-connector-java</name>
	<range><lt>8.0.28</lt></range>
      </package>
      <package>
	<name>mysql-connector-java51</name>
	<range><lt>8.0.28</lt></range>
      </package>
      <package>
	<name>mysql-server55</name>
	<range><lt>5.5.63</lt></range>
      </package>
      <package>
	<name>mysql-server56</name>
	<range><lt>5.6.52</lt></range>
      </package>
      <package>
	<name>mysql-server57</name>
	<range><lt>5.7.37</lt></range>
      </package>
      <package>
	<name>mysql-server80</name>
	<range><lt>8.0.27</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>Oracle reports:</p>
	<blockquote cite="https://www.oracle.com/security-alerts/cpujan2022.html#AppendixMSQL">
	  <p>This Critical Patch Update contains 78 new security patches for
	    Oracle MySQL. 3 of these vulnerabilities may be remotely exploitable
	    without authentication, i.e., may be exploited over a network without
	    requiring user credentials.<br/>
	    The highest CVSS v3.1 Base Score of vulnerabilities affecting Oracle
	    MySQL is 7.4</p>
	</blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2021-22946</cvename>
      <cvename>CVE-2021-3712</cvename>
      <cvename>CVE-2022-21278</cvename>
      <cvename>CVE-2022-21351</cvename>
      <cvename>CVE-2022-21363</cvename>
      <cvename>CVE-2022-21358</cvename>
      <cvename>CVE-2022-21352</cvename>
      <cvename>CVE-2022-21367</cvename>
      <cvename>CVE-2022-21301</cvename>
      <cvename>CVE-2022-21378</cvename>
      <cvename>CVE-2022-21302</cvename>
      <cvename>CVE-2022-21254</cvename>
      <cvename>CVE-2022-21348</cvename>
      <cvename>CVE-2022-21270</cvename>
      <cvename>CVE-2022-21256</cvename>
      <cvename>CVE-2022-21379</cvename>
      <cvename>CVE-2022-21362</cvename>
      <cvename>CVE-2022-21374</cvename>
      <cvename>CVE-2022-21253</cvename>
      <cvename>CVE-2022-21264</cvename>
      <cvename>CVE-2022-21297</cvename>
      <cvename>CVE-2022-21339</cvename>
      <cvename>CVE-2022-21342</cvename>
      <cvename>CVE-2022-21370</cvename>
      <cvename>CVE-2022-21304</cvename>
      <cvename>CVE-2022-21344</cvename>
      <cvename>CVE-2022-21303</cvename>
      <cvename>CVE-2022-21368</cvename>
      <cvename>CVE-2022-21245</cvename>
      <cvename>CVE-2022-21265</cvename>
      <cvename>CVE-2022-21249</cvename>
      <cvename>CVE-2022-21372</cvename>
      <url>https://www.oracle.com/security-alerts/cpujan2022.html#AppendixMSQL</url>
    </references>
    <dates>
      <discovery>2022-01-18</discovery>
      <entry>2022-01-19</entry>
    </dates>
  </vuln>

  <vuln vid="e3ec8b30-757b-11ec-922f-654747404482">
    <topic>Prosody XMPP server advisory 2022-01-13</topic>
    <affects>
      <package>
	<name>prosody</name>
	<range><lt>0.11.12</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>The Prosody teaM reports:</p>
	<blockquote cite="https://prosody.im/security/advisory_20220113/">
	  <p>It was discovered that an internal Prosody library to load XML based on
	  does not properly restrict the XML features allowed in parsed
	  XML data. Given suitable attacker input, this results in expansion of
	  recursive entity references from DTDs (CWE-776). In addition,
	  depending on the libexpat version used, it may also allow injections
	  using XML External Entity References (CWE-611).</p>
	</blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2022-0217</cvename>
      <url>https://prosody.im/security/advisory_20220113/</url>
    </references>
    <dates>
      <discovery>2022-01-10</discovery>
      <entry>2022-01-14</entry>
    </dates>
  </vuln>

  <vuln vid="79b65dc5-749f-11ec-8be6-d4c9ef517024">
    <topic>WordPress -- Multiple Vulnerabilities</topic>
    <affects>
      <package>
	<name>wordpress</name>
	<range><lt>5.8.3,1</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>The WordPress project reports:</p>
	<blockquote cite="https://wordpress.org/news/2022/01/wordpress-5-8-3-security-release/">
	  <ul><li>Issue with stored XSS through post slugs</li>
	    <li>Issue with Object injection in some multisite installations</li>
	    <li>SQL injection vulnerability in WP_Query</li>
	    <li>SQL injection vulnerability in WP_Meta_Query</li>
	  </ul>
	</blockquote>
      </body>
    </description>
    <references>
      <url>https://wordpress.org/news/2022/01/wordpress-5-8-3-security-release/</url>
    </references>
    <dates>
      <discovery>2022-01-06</discovery>
      <entry>2022-01-13</entry>
    </dates>
  </vuln>

  <vuln vid="2a6106c6-73e5-11ec-8fa2-0800270512f4">
    <topic>clamav -- invalid pointer read that may cause a crash</topic>
    <affects>
      <package>
	<name>clamav</name>
	<range><lt>0.104.2,1</lt></range>
      </package>
      <package>
	<name>clamav-lts</name>
	<range><lt>0.103.5,1</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>Laurent Delosieres reports:</p>
	<blockquote cite="https://blog.clamav.net/2022/01/clamav-01035-and-01042-security-patch.html">
	  <p>
	    Fix for invalid pointer read that may cause a crash. This issue affects
	    0.104.1, 0.103.4 and prior when ClamAV is compiled with libjson-c and the
	    <code>CL_SCAN_GENERAL_COLLECT_METADATA</code> scan option
	    (the <code>clamscan --gen-json</code> option) is enabled.
	  </p>
	</blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2022-20698</cvename>
      <url>https://blog.clamav.net/2022/01/clamav-01035-and-01042-security-patch.html</url>
    </references>
    <dates>
      <discovery>2022-01-12</discovery>
      <entry>2022-01-12</entry>
    </dates>
  </vuln>

  <vuln vid="672eeea9-a070-4f88-b0f1-007e90a2cbc3">
    <topic>jenkins -- multiple vulnerabilities</topic>
    <affects>
      <package>
	<name>jenkins</name>
	<range><lt>2.330</lt></range>
      </package>
      <package>
	<name>jenkins-lts</name>
	<range><lt>2.319.2</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>Jenkins Security Advisory:</p>
	<blockquote cite="https://www.jenkins.io/security/advisory/2021-11-04/">
	  <h1>Description</h1>
	  <h5>(Medium) SECURITY-2558 / CVE-2022-20612</h5>
	  <p>CSRF vulnerability in build triggers</p>
	</blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2022-20612</cvename>
      <url>https://www.jenkins.io/security/advisory/2022-01-12/</url>
    </references>
    <dates>
      <discovery>2022-01-12</discovery>
      <entry>2022-01-12</entry>
    </dates>
  </vuln>

  <vuln vid="43f84437-73ab-11ec-a587-001b217b3468">
    <topic>Gitlab -- Multiple Vulnerabilities</topic>
    <affects>
      <package>
	<name>gitlab-ce</name>
	<range><ge>14.6.0</ge><lt>14.6.2</lt></range>
	<range><ge>14.5.0</ge><lt>14.5.3</lt></range>
	<range><ge>7.7</ge><lt>14.4.5</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>Gitlab reports:</p>
	<blockquote cite="https://about.gitlab.com/releases/2022/01/11/security-release-gitlab-14-6-2-released/">
	  <p>Arbitrary file read via group import feature</p>
	  <p>Stored XSS in notes</p>
	  <p>Lack of state parameter on GitHub import project OAuth</p>
	  <p>Vulnerability related fields are available to unauthorized users on GraphQL API</p>
	  <p>Deleting packages may cause table locks</p>
	  <p>IP restriction bypass via GraphQL</p>
	  <p>Repository content spoofing using Git replacement references</p>
	  <p>Users can import members from projects that they are not a maintainer on through API</p>
	  <p>Possibility to direct user to malicious site through Slack integration</p>
	  <p>Bypassing file size limits to the NPM package repository</p>
	  <p>User with expired password can still access sensitive information</p>
	  <p>Incorrect port validation allows access to services on ports 80 and 443 if GitLab is configured to run on another port</p>
	</blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2021-39946</cvename>
      <cvename>CVE-2022-0154</cvename>
      <cvename>CVE-2022-0152</cvename>
      <cvename>CVE-2022-0151</cvename>
      <cvename>CVE-2022-0172</cvename>
      <cvename>CVE-2022-0090</cvename>
      <cvename>CVE-2022-0125</cvename>
      <cvename>CVE-2022-0124</cvename>
      <cvename>CVE-2021-39942</cvename>
      <cvename>CVE-2022-0093</cvename>
      <cvename>CVE-2021-39927</cvename>
      <url>https://about.gitlab.com/releases/2022/01/11/security-release-gitlab-14-6-2-released/</url>
    </references>
    <dates>
      <discovery>2022-01-11</discovery>
      <entry>2022-01-12</entry>
    </dates>
  </vuln>

  <vuln vid="b927b654-7146-11ec-ad4b-5404a68ad561">
    <topic>uriparser -- Multiple vulnerabilities</topic>
    <affects>
      <package>
	<name>uriparser</name>
	<range><lt>0.9.6</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>Upstream project reports:</p>
	<blockquote cite="https://github.com/uriparser/uriparser/blob/uriparser-0.9.6/ChangeLog">
	  <p>Fix a bug affecting both uriNormalizeSyntax* and uriMakeOwner*
	     functions where the text range in .hostText would not be duped using
	     malloc but remain unchanged (and hence "not owned") for URIs with
	     an IPv4 or IPv6 address hostname; depending on how an application
	     uses uriparser, this could lead the application into a use-after-free
	     situation.
	     As the second half, fix uriFreeUriMembers* functions that would not
	     free .hostText memory for URIs with an IPv4 or IPv6 address host;
	     also, calling uriFreeUriMembers* multiple times on a URI of this
	     very nature would result in trying to free pointers to stack
	     (rather than heap) memory.
	     Fix functions uriNormalizeSyntax* for out-of-memory situations
	     (i.e. malloc returning NULL) for URIs containing empty segments
	     (any of user info, host text, query, or fragment) where previously
	     pointers to stack (rather than heap) memory were freed.</p>
	</blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2021-46141</cvename>
      <cvename>CVE-2021-46142</cvename>
      <url>https://github.com/uriparser/uriparser/blob/uriparser-0.9.6/ChangeLog</url>
    </references>
    <dates>
      <discovery>2022-01-06</discovery>
      <entry>2022-01-09</entry>
    </dates>
  </vuln>

  <vuln vid="d3e023fb-6e88-11ec-b948-080027240888">
    <topic>Django -- multiple vulnerabilities</topic>
    <affects>
      <package>
	<name>py37-django22</name>
	<name>py38-django22</name>
	<name>py39-django22</name>
	<range><lt>2.2.26</lt></range>
      </package>
      <package>
	<name>py37-django32</name>
	<name>py38-django32</name>
	<name>py39-django32</name>
	<range><lt>3.2.11</lt></range>
      </package>
      <package>
	<name>py37-django40</name>
	<name>py38-django40</name>
	<name>py39-django40</name>
	<range><lt>4.0.1</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>Django Release  reports:</p>
	<blockquote cite="https://www.djangoproject.com/weblog/2022/jan/04/security-releases/">
	  <p>CVE-2021-45115: Denial-of-service possibility in UserAttributeSimilarityValidator.</p>
	  <p>CVE-2021-45116: Potential information disclosure in dictsort template filter.</p>
	  <p>CVE-2021-45452: Potential directory-traversal via Storage.save().</p>
	</blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2021-45115</cvename>
      <cvename>CVE-2021-45116</cvename>
      <cvename>CVE-2021-45452</cvename>
      <url>https://www.djangoproject.com/weblog/2022/jan/04/security-releases/</url>
    </references>
    <dates>
      <discovery>2021-12-20</discovery>
      <entry>2022-01-06</entry>
    </dates>
  </vuln>

  <vuln vid="9c990e67-6e30-11ec-82db-b42e991fc52e">
    <topic>routinator -- multiple vulnerabilities</topic>
    <affects>
      <package>
	<name>routinator</name>
	<range><lt>0.10.1</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>nlnetlabs reports:</p>
	<blockquote cite="https://nlnetlabs.nl/projects/rpki/security-advisories/">
	  <p>Release 0.10.2 contains fixes for the following issues:</p>
	  <ul>
	    <li>Medium CVE-2021-43172: Infinite length chain of RRDP
	      repositories. Credit: Koen van Hove. Date: 2021-11-09</li>
	    <li>Medium CVE-2021-43173: Hanging RRDP request.
	      Credit: Koen van Hove. Date: 2021-11-09</li>
	    <li>Medium	CVE-2021-43174: gzip transfer encoding caused
	      out-of-memory crash. Credit Koen van Hove. Date: 2021-11-09</li>
	  </ul>
	</blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2021-43172</cvename>
      <cvename>CVE-2021-43173</cvename>
      <cvename>CVE-2021-43174</cvename>
      <url>https://nlnetlabs.nl/projects/rpki/security-advisories/</url>
    </references>
    <dates>
      <discovery>2021-11-09</discovery>
      <entry>2022-01-05</entry>
    </dates>
  </vuln>

  <vuln vid="9eeccbf3-6e26-11ec-bb10-3065ec8fd3ec">
    <topic>chromium -- multiple vulnerabilities</topic>
    <affects>
      <package>
	<name>chromium</name>
	<range><lt>97.0.4692.71</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>Chrome Releases reports:</p>
	<blockquote cite="https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html">
	  <p>This release contains 37 security fixes, including:</p>
	  <ul>
	    <li>[$TBD][1275020] Critical CVE-2022-0096: Use after free in
	      Storage. Reported by Yangkang (@dnpushme) of 360 ATA on
	      2021-11-30</li>
	    <li>[1117173] High CVE-2022-0097: Inappropriate implementation in
	      DevTools. Reported by David Erceg on 2020-08-17</li>
	    <li>[1273609] High CVE-2022-0098: Use after free in Screen Capture.
	      Reported by @ginggilBesel on 2021-11-24</li>
	    <li>[1245629] High CVE-2022-0099: Use after free in Sign-in.
	      Reported by Rox on 2021-09-01</li>
	    <li>[1238209] High CVE-2022-0100: Heap buffer overflow in Media
	      streams API. Reported by Cassidy Kim of Amber Security Lab, OPPO
	      Mobile Telecommunications Corp. Ltd. on 2021-08-10</li>
	    <li>[1249426] High CVE-2022-0101: Heap buffer overflow in Bookmarks.
	      Reported by raven (@raid_akame) on 2021-09-14</li>
	    <li>[1260129] High CVE-2022-0102: Type Confusion in V8 . Reported by
	      Brendon Tiszka on 2021-10-14</li>
	    <li>[1272266] High CVE-2022-0103: Use after free in SwiftShader.
	      Reported by Abraruddin Khan and Omair on 2021-11-21</li>
	    <li>[1273661] High CVE-2022-0104: Heap buffer overflow in ANGLE.
	      Reported by Abraruddin Khan and Omair on 2021-11-25</li>
	    <li>[1274376] High CVE-2022-0105: Use after free in PDF. Reported by
	      Cassidy Kim of Amber Security Lab, OPPO Mobile Telecommunications
	      Corp. Ltd. on 2021-11-28</li>
	    <li>[1278960] High CVE-2022-0106: Use after free in Autofill.
	      Reported by Khalil Zhani on 2021-12-10</li>
	    <li>[1248438] Medium CVE-2022-0107: Use after free in File Manager
	      API. Reported by raven (@raid_akame) on 2021-09-10</li>
	    <li>[1248444] Medium CVE-2022-0108: Inappropriate implementation in
	      Navigation. Reported by Luan Herrera (@lbherrera_) on
	      2021-09-10</li>
	    <li>[1261689] Medium CVE-2022-0109: Inappropriate implementation in
	      Autofill. Reported by Young Min Kim (@ylemkimon), CompSec Lab at
	      Seoul National University on 2021-10-20</li>
	    <li>[1237310] Medium CVE-2022-0110: Incorrect security UI in
	      Autofill. Reported by Alesandro Ortiz on 2021-08-06</li>
	    <li>[1241188] Medium CVE-2022-0111: Inappropriate implementation in
	      Navigation. Reported by garygreen on 2021-08-18</li>
	    <li>[1255713] Medium CVE-2022-0112: Incorrect security UI in Browser
	      UI. Reported by Thomas Orlita on 2021-10-04</li>
	    <li>[1039885] Medium CVE-2022-0113: Inappropriate implementation in
	      Blink. Reported by Luan Herrera (@lbherrera_) on 2020-01-07</li>
	    <li>[1267627] Medium CVE-2022-0114: Out of bounds memory access in
	      Web Serial. Reported by Looben Yang on 2021-11-06</li>
	    <li>[1268903] Medium CVE-2022-0115: Uninitialized Use in File API.
	      Reported by Mark Brand of Google Project Zero on 2021-11-10</li>
	    <li>[1272250] Medium CVE-2022-0116: Inappropriate implementation in
	      Compositing. Reported by Irvan Kurniawan (sourc7) on
	      2021-11-20</li>
	    <li>[1115847] Low CVE-2022-0117: Policy bypass in Service Workers.
	      Reported by Dongsung Kim (@kid1ng) on 2020-08-13</li>
	    <li>[1238631] Low CVE-2022-0118: Inappropriate implementation in
	      WebShare. Reported by Alesandro Ortiz on 2021-08-11</li>
	    <li>[1262953] Low CVE-2022-0120: Inappropriate implementation in
	      Passwords. Reported by CHAKRAVARTHI (Ruler96) on 2021-10-25</li>
	  </ul>
	</blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2022-0096</cvename>
      <cvename>CVE-2022-0097</cvename>
      <cvename>CVE-2022-0098</cvename>
      <cvename>CVE-2022-0099</cvename>
      <cvename>CVE-2022-0100</cvename>
      <cvename>CVE-2022-0101</cvename>
      <cvename>CVE-2022-0102</cvename>
      <cvename>CVE-2022-0103</cvename>
      <cvename>CVE-2022-0104</cvename>
      <cvename>CVE-2022-0105</cvename>
      <cvename>CVE-2022-0106</cvename>
      <cvename>CVE-2022-0107</cvename>
      <cvename>CVE-2022-0108</cvename>
      <cvename>CVE-2022-0109</cvename>
      <cvename>CVE-2022-0110</cvename>
      <cvename>CVE-2022-0111</cvename>
      <cvename>CVE-2022-0112</cvename>
      <cvename>CVE-2022-0113</cvename>
      <cvename>CVE-2022-0114</cvename>
      <cvename>CVE-2022-0115</cvename>
      <cvename>CVE-2022-0116</cvename>
      <cvename>CVE-2022-0117</cvename>
      <cvename>CVE-2022-0118</cvename>
      <cvename>CVE-2022-0120</cvename>
      <url>https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html</url>
    </references>
    <dates>
      <discovery>2022-01-04</discovery>
      <entry>2022-01-05</entry>
    </dates>
  </vuln>