{"vulnerability": "CVE-2022-3115", "sightings": [{"uuid": "134d4c5f-902a-4272-9c16-9a4352311fe8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31159", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lwud7a7ym52m", "content": "", "creation_timestamp": "2025-08-20T21:02:35.699309Z"}, {"uuid": "a2fa01dd-ad9d-4fab-8001-0557b4e85bcc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3115", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/12842", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-3115\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue was discovered in the Linux kernel through 5.16-rc6. malidp_crtc_reset in drivers/gpu/drm/arm/malidp_crtc.c lacks check of the return value of kzalloc() and will cause the null pointer dereference.\n\ud83d\udccf Published: 2022-12-14T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-22T13:54:25.930Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.19-rc2&id=73c3ed7495c67b8fbdc31cf58e6ca8757df31a33\n2. https://bugzilla.redhat.com/show_bug.cgi?id=2153058", "creation_timestamp": "2025-04-22T14:03:29.000000Z"}, {"uuid": "96973829-c38d-406a-9e47-4e7e7eaa473c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31154", "type": "seen", "source": "https://t.me/cibsecurity/47369", "content": "\u203c CVE-2022-31154 \u203c\n\nSourcegraph is an opensource code search and navigation engine. It is possible for an authenticated Sourcegraph user to edit the Code Monitors owned by any other Sourcegraph user. This includes being able to edit both the trigger and the action of the monitor in question. An attacker is not able to read contents of existing code monitors, only override the data. The issue is fixed in Sourcegraph 3.42. There are no workaround for the issue and patching is highly recommended.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-01T22:17:05.000000Z"}, {"uuid": "45e780b9-f1af-48f3-b0ee-71a2b6f049bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31155", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/13106", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-31155\n\ud83d\udd25 CVSS Score: 4.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N)\n\ud83d\udd39 Description: Sourcegraph is an opensource code search and navigation engine. In Sourcegraph versions before 3.41.0, it is possible for an attacker to delete other users\u2019 saved searches due to a bug in the authorization check. The vulnerability does not allow the reading of other users\u2019 saved searches, only overwriting them with attacker-controlled searches. The issue is patched in Sourcegraph version 3.41.0. There is no workaround for this issue and updating to a secure version is highly recommended.\n\ud83d\udccf Published: 2022-08-01T18:40:28.000Z\n\ud83d\udccf Modified: 2025-04-23T17:56:41.203Z\n\ud83d\udd17 References:\n1. https://github.com/sourcegraph/sourcegraph/security/advisories/GHSA-37qp-9jq6-f6mx\n2. https://github.com/sourcegraph/sourcegraph/commit/2832d7882396a6295ba5803b5ef48dc7d5a24c59", "creation_timestamp": "2025-04-23T18:05:48.000000Z"}, {"uuid": "8e1a3dc0-6099-4a21-8013-e17e7ea83deb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31158", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/13091", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-31158\n\ud83d\udd25 CVSS Score: 7.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)\n\ud83d\udd39 Description: LTI 1.3 Tool Library is a library used for building IMS-certified LTI 1.3 tool providers in PHP. Prior to version 5.0, the Nonce Claim Value was not being validated against the nonce value sent in the Authentication Request. Users should upgrade to version 5.0 to receive a patch. There are currently no known workarounds.\n\ud83d\udccf Published: 2022-07-15T17:15:12.000Z\n\ud83d\udccf Modified: 2025-04-23T17:58:17.098Z\n\ud83d\udd17 References:\n1. https://github.com/packbackbooks/lti-1-3-php-library/security/advisories/GHSA-5p73-qg2v-383h", "creation_timestamp": "2025-04-23T18:05:26.000000Z"}, {"uuid": "efcc48e2-e15c-430e-a5eb-47d52be7396f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31157", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/13092", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-31157\n\ud83d\udd25 CVSS Score: 7.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)\n\ud83d\udd39 Description: LTI 1.3 Tool Library is a library used for building IMS-certified LTI 1.3 tool providers in PHP. Prior to version 5.0, the function used to generate random nonces was not sufficiently cryptographically complex. Users should upgrade to version 5.0 to receive a patch. There are currently no known workarounds.\n\ud83d\udccf Published: 2022-07-15T17:15:21.000Z\n\ud83d\udccf Modified: 2025-04-23T17:58:11.075Z\n\ud83d\udd17 References:\n1. https://github.com/packbackbooks/lti-1-3-php-library/security/advisories/GHSA-768m-5w34-2xf5", "creation_timestamp": "2025-04-23T18:05:27.000000Z"}, {"uuid": "a0c29355-bab5-46f3-9177-790f2709a3c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31154", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/13105", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-31154\n\ud83d\udd25 CVSS Score: 6.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L)\n\ud83d\udd39 Description: Sourcegraph is an opensource code search and navigation engine. It is possible for an authenticated Sourcegraph user to edit the Code Monitors owned by any other Sourcegraph user. This includes being able to edit both the trigger and the action of the monitor in question. An attacker is not able to read contents of existing code monitors, only override the data. The issue is fixed in Sourcegraph 3.42. There are no workaround for the issue and patching is highly recommended.\n\ud83d\udccf Published: 2022-08-01T18:40:10.000Z\n\ud83d\udccf Modified: 2025-04-23T17:56:47.681Z\n\ud83d\udd17 References:\n1. https://github.com/sourcegraph/sourcegraph/security/advisories/GHSA-5866-hhq9-9hpc\n2. https://github.com/sourcegraph/sourcegraph/pull/37526", "creation_timestamp": "2025-04-23T18:05:47.000000Z"}, {"uuid": "e2d50cbd-1215-4178-a351-e852cf1e3c2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3115", "type": "seen", "source": "https://t.me/cibsecurity/54576", "content": "\u203c CVE-2022-3115 \u203c\n\nAn issue was discovered in the Linux kernel through 5.16-rc6. malidp_crtc_reset in drivers/gpu/drm/arm/malidp_crtc.c lacks check of the return value of kzalloc() and will cause the null pointer dereference.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-15T00:23:11.000000Z"}, {"uuid": "2d312271-74b3-4747-a400-277b6462b129", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31151", "type": "seen", "source": "https://t.me/cibsecurity/46725", "content": "\u203c CVE-2022-31151 \u203c\n\nAuthorization headers are cleared on cross-origin redirect. However, cookie headers which are sensitive headers and are official headers found in the spec, remain uncleared. There are active users using cookie headers in undici. This may lead to accidental leakage of cookie to a 3rd-party site or a malicious attacker who can control the redirection target (ie. an open redirector) to leak the cookie to the 3rd party site. This was patched in v5.7.1. By default, this vulnerability is not exploitable. Do not enable redirections, i.e. `maxRedirections: 0` (the default).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-21T07:12:43.000000Z"}, {"uuid": "3a5bbbe2-77e1-488f-9596-598cdc95e911", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31155", "type": "seen", "source": "https://t.me/cibsecurity/47368", "content": "\u203c CVE-2022-31155 \u203c\n\nSourcegraph is an opensource code search and navigation engine. In Sourcegraph versions before 3.41.0, it is possible for an attacker to delete other users\u00c3\u00a2\u00e2\u201a\u00ac\u00e2\u201e\u00a2 saved searches due to a bug in the authorization check. The vulnerability does not allow the reading of other users\u00c3\u00a2\u00e2\u201a\u00ac\u00e2\u201e\u00a2 saved searches, only overwriting them with attacker-controlled searches. The issue is patched in Sourcegraph version 3.41.0. There is no workaround for this issue and updating to a secure version is highly recommended.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-01T22:17:03.000000Z"}, {"uuid": "fe705c03-6bbd-448e-a8ce-50047e7902eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31159", "type": "seen", "source": "https://t.me/cibsecurity/46368", "content": "\u203c CVE-2022-31159 \u203c\n\nThe AWS SDK for Java enables Java developers to work with Amazon Web Services. A partial-path traversal issue exists within the `downloadDirectory` method in the AWS S3 TransferManager component of the AWS SDK for Java v1 prior to version 1.12.261. Applications using the SDK control the `destinationDirectory` argument, but S3 object keys are determined by the application that uploaded the objects. The `downloadDirectory` method allows the caller to pass a filesystem object in the object key but contained an issue in the validation logic for the key name. A knowledgeable actor could bypass the validation logic by including a UNIX double-dot in the bucket key. Under certain conditions, this could permit them to retrieve a directory from their S3 bucket that is one level up in the filesystem from their working directory. This issue\u00e2\u20ac\u2122s scope is limited to directories whose name prefix matches the destinationDirectory. E.g. for destination directory`/tmp/foo`, the actor can cause a download to `/tmp/foo-bar`, but not `/tmp/bar`. If `com.amazonaws.services.s3.transfer.TransferManager::downloadDirectory` is used to download an untrusted buckets contents, the contents of that bucket can be written outside of the intended destination directory. Version 1.12.261 contains a patch for this issue. As a workaround, when calling `com.amazonaws.services.s3.transfer.TransferManager::downloadDirectory`, pass a `KeyFilter` that forbids `S3ObjectSummary` objects that `getKey` method return a string containing the substring `..` .\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-15T22:20:31.000000Z"}, {"uuid": "daa1149d-7d32-4a94-8eaf-b9a321eb0dfd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31158", "type": "seen", "source": "https://t.me/cibsecurity/46367", "content": "\u203c CVE-2022-31158 \u203c\n\nLTI 1.3 Tool Library is a library used for building IMS-certified LTI 1.3 tool providers in PHP. Prior to version 5.0, the Nonce Claim Value was not being validated against the nonce value sent in the Authentication Request. Users should upgrade to version 5.0 to receive a patch. There are currently no known workarounds.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-15T22:20:30.000000Z"}, {"uuid": "55797b55-fdc3-45f6-88fe-303fe7d9d526", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31150", "type": "seen", "source": "https://t.me/cibsecurity/46592", "content": "\u203c CVE-2022-31150 \u203c\n\nundici is an HTTP/1.1 client, written from scratch for Node.js. It is possible to inject CRLF sequences into request headers in undici in versions less than 5.7.1. A fix was released in version 5.8.0. Sanitizing all HTTP headers from untrusted sources to eliminate `\\r\\n` is a workaround for this issue.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-20T00:41:06.000000Z"}, {"uuid": "a3e6ffd9-c349-4ba7-bd5f-e4e2a38165cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31153", "type": "seen", "source": "https://t.me/cibsecurity/46370", "content": "\u203c CVE-2022-31153 \u203c\n\nOpenZeppelin Contracts for Cairo is a library for contract development written in Cairo for StarkNet, a decentralized ZK Rollup. Version 0.2.0 is vulnerable to an error that renders account contracts unusable on live networks. This issue affects all accounts (vanilla and ethereum flavors) in the v0.2.0 release of OpenZeppelin Contracts for Cairo, which are not whitelisted on StarkNet mainnet. Only goerli deployments of v0.2.0 accounts are affected. This faulty behavior is not observed in StarkNet's testing framework. This bug has been patched in v0.2.1.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-15T22:20:34.000000Z"}, {"uuid": "4ed1548a-e560-47b5-8c8e-9c1035523cf6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31157", "type": "seen", "source": "https://t.me/cibsecurity/46369", "content": "\u203c CVE-2022-31157 \u203c\n\nLTI 1.3 Tool Library is a library used for building IMS-certified LTI 1.3 tool providers in PHP. Prior to version 5.0, the function used to generate random nonces was not sufficiently cryptographically complex. Users should upgrade to version 5.0 to receive a patch. There are currently no known workarounds.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-15T22:20:33.000000Z"}]}