Search for vulnerabilities
Vulnerability details: VCID-1f3w-pp77-aaag
Vulnerability ID VCID-1f3w-pp77-aaag
Aliases CVE-2022-21426
Summary Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
Status Published
Exploitability 0.5
Weighted Severity 8.0
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (2)
CWE-400 Uncontrolled Resource Consumption
CWE-770 Allocation of Resources Without Limits or Throttling
System Score Found at
rhas Important https://access.redhat.com/errata/RHSA-2022:1435
rhas Important https://access.redhat.com/errata/RHSA-2022:1436
rhas Important https://access.redhat.com/errata/RHSA-2022:1437
rhas Important https://access.redhat.com/errata/RHSA-2022:1439
rhas Important https://access.redhat.com/errata/RHSA-2022:1440
rhas Important https://access.redhat.com/errata/RHSA-2022:1441
rhas Important https://access.redhat.com/errata/RHSA-2022:1442
rhas Important https://access.redhat.com/errata/RHSA-2022:1443
rhas Important https://access.redhat.com/errata/RHSA-2022:1444
rhas Important https://access.redhat.com/errata/RHSA-2022:1445
rhas Important https://access.redhat.com/errata/RHSA-2022:1487
rhas Important https://access.redhat.com/errata/RHSA-2022:1488
rhas Important https://access.redhat.com/errata/RHSA-2022:1489
rhas Important https://access.redhat.com/errata/RHSA-2022:1490
rhas Important https://access.redhat.com/errata/RHSA-2022:1491
rhas Important https://access.redhat.com/errata/RHSA-2022:1728
rhas Important https://access.redhat.com/errata/RHSA-2022:1729
rhas Important https://access.redhat.com/errata/RHSA-2022:2137
cvssv3 5.3 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21426.json
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00048 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00049 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00049 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00049 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00049 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00049 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00049 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00049 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00049 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00049 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00049 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00049 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00049 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00049 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00049 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00049 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00049 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00049 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00049 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00049 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00049 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00049 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00049 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00049 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00049 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00049 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00049 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00049 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00049 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00049 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00049 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00049 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00049 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00049 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00049 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00049 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00055 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00055 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00055 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00055 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00055 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00055 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00055 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00055 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00055 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00055 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00055 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00055 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00055 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00055 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00055 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00055 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00055 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00055 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00055 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00055 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00055 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00055 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00055 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00055 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00055 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00055 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00055 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00055 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00055 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00055 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00055 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00055 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00055 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00055 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00055 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00055 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00206 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00206 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00206 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00206 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00214 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00245 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00245 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00245 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00245 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00245 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00245 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00245 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
epss 0.00245 https://api.first.org/data/v1/epss?cve=CVE-2022-21426
rhbs medium https://bugzilla.redhat.com/show_bug.cgi?id=2075788
cvssv3.1 5.3 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv2 5.0 https://nvd.nist.gov/vuln/detail/CVE-2022-21426
cvssv3 5.3 https://nvd.nist.gov/vuln/detail/CVE-2022-21426
archlinux High https://security.archlinux.org/AVG-2686
archlinux High https://security.archlinux.org/AVG-2687
archlinux High https://security.archlinux.org/AVG-2688
archlinux High https://security.archlinux.org/AVG-2689
cvssv3.1 5.3 https://www.oracle.com/security-alerts/cpuapr2022.html
generic_textual MODERATE https://www.oracle.com/security-alerts/cpuapr2022.html
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21426.json
https://api.first.org/data/v1/epss?cve=CVE-2022-21426
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21426
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21434
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21443
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21449
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21476
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21496
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://lists.debian.org/debian-lts-announce/2022/05/msg00017.html
https://security.netapp.com/advisory/ntap-20220429-0006/
https://www.debian.org/security/2022/dsa-5128
https://www.debian.org/security/2022/dsa-5131
https://www.oracle.com/security-alerts/cpuapr2022.html
2075788 https://bugzilla.redhat.com/show_bug.cgi?id=2075788
AVG-2686 https://security.archlinux.org/AVG-2686
AVG-2687 https://security.archlinux.org/AVG-2687
AVG-2688 https://security.archlinux.org/AVG-2688
AVG-2689 https://security.archlinux.org/AVG-2689
cpe:2.3:a:azul:zulu:11.54:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:azul:zulu:11.54:*:*:*:*:*:*:*
cpe:2.3:a:azul:zulu:13.46:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:azul:zulu:13.46:*:*:*:*:*:*:*
cpe:2.3:a:azul:zulu:15.38:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:azul:zulu:15.38:*:*:*:*:*:*:*
cpe:2.3:a:azul:zulu:17.32:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:azul:zulu:17.32:*:*:*:*:*:*:*
cpe:2.3:a:azul:zulu:18.28:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:azul:zulu:18.28:*:*:*:*:*:*:*
cpe:2.3:a:azul:zulu:6.45:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:azul:zulu:6.45:*:*:*:*:*:*:*
cpe:2.3:a:azul:zulu:7.52:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:azul:zulu:7.52:*:*:*:*:*:*:*
cpe:2.3:a:azul:zulu:8.60:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:azul:zulu:8.60:*:*:*:*:*:*:*
cpe:2.3:a:netapp:7-mode_transition_tool:-:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:7-mode_transition_tool:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vsphere:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vsphere:*:*
cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*
cpe:2.3:a:netapp:cloud_insights_acquisition_unit:-:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:cloud_insights_acquisition_unit:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:cloud_secure_agent:-:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:cloud_secure_agent:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*
cpe:2.3:a:netapp:e-series_santricity_storage_manager:-:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:e-series_santricity_storage_manager:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:e-series_santricity_web_services:-:*:*:*:*:web_services_proxy:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:e-series_santricity_web_services:-:*:*:*:*:web_services_proxy:*:*
cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:santricity_unified_manager:-:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:santricity_unified_manager:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:solidfire\,_enterprise_sds_\&_hci_storage_node:-:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:solidfire\,_enterprise_sds_\&_hci_storage_node:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:solidfire_\&_hci_management_node:-:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:solidfire_\&_hci_management_node:-:*:*:*:*:*:*:*
cpe:2.3:a:oracle:graalvm:20.3.5:*:*:*:enterprise:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.5:*:*:*:enterprise:*:*:*
cpe:2.3:a:oracle:graalvm:21.3.1:*:*:*:enterprise:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.1:*:*:*:enterprise:*:*:*
cpe:2.3:a:oracle:graalvm:22.0.0.2:*:*:*:enterprise:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:22.0.0.2:*:*:*:enterprise:*:*:*
cpe:2.3:a:oracle:jdk:11.0.14:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:11.0.14:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:17.0.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:17.0.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update331:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update331:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:18:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:18:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.8.0:update321:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8.0:update321:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:11.0.14:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:11.0.14:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:17.0.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:17.0.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update331:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update331:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:18:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:18:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.8.0:update321:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8.0:update321:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:netapp:hci_compute_node_firmware:-:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:hci_compute_node_firmware:-:*:*:*:*:*:*:*
CVE-2022-21426 https://nvd.nist.gov/vuln/detail/CVE-2022-21426
RHSA-2022:1435 https://access.redhat.com/errata/RHSA-2022:1435
RHSA-2022:1436 https://access.redhat.com/errata/RHSA-2022:1436
RHSA-2022:1437 https://access.redhat.com/errata/RHSA-2022:1437
RHSA-2022:1438 https://access.redhat.com/errata/RHSA-2022:1438
RHSA-2022:1439 https://access.redhat.com/errata/RHSA-2022:1439
RHSA-2022:1440 https://access.redhat.com/errata/RHSA-2022:1440
RHSA-2022:1441 https://access.redhat.com/errata/RHSA-2022:1441
RHSA-2022:1442 https://access.redhat.com/errata/RHSA-2022:1442
RHSA-2022:1443 https://access.redhat.com/errata/RHSA-2022:1443
RHSA-2022:1444 https://access.redhat.com/errata/RHSA-2022:1444
RHSA-2022:1445 https://access.redhat.com/errata/RHSA-2022:1445
RHSA-2022:1487 https://access.redhat.com/errata/RHSA-2022:1487
RHSA-2022:1488 https://access.redhat.com/errata/RHSA-2022:1488
RHSA-2022:1489 https://access.redhat.com/errata/RHSA-2022:1489
RHSA-2022:1490 https://access.redhat.com/errata/RHSA-2022:1490
RHSA-2022:1491 https://access.redhat.com/errata/RHSA-2022:1491
RHSA-2022:1492 https://access.redhat.com/errata/RHSA-2022:1492
RHSA-2022:1728 https://access.redhat.com/errata/RHSA-2022:1728
RHSA-2022:1729 https://access.redhat.com/errata/RHSA-2022:1729
RHSA-2022:2137 https://access.redhat.com/errata/RHSA-2022:2137
RHSA-2023:3136 https://access.redhat.com/errata/RHSA-2023:3136
USN-5388-1 https://usn.ubuntu.com/5388-1/
USN-5388-2 https://usn.ubuntu.com/5388-2/
USN-5546-1 https://usn.ubuntu.com/5546-1/
USN-5546-2 https://usn.ubuntu.com/5546-2/
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21426.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2022-21426
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://nvd.nist.gov/vuln/detail/CVE-2022-21426
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Found at https://www.oracle.com/security-alerts/cpuapr2022.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.19794
EPSS Score 0.00048
Published At Dec. 17, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.