Web Application Security – ModSecurity Commercial Rules, Update for December 2022 | Trustwave

Summary

The latest update to the TrustKeeper scan engine that powers our Trustwave Vulnerability Management product (including both internal and external vulnerability scanning) is now available. Enjoy!

New Vulnerability Test Highlights

Some of the more interesting vulnerability tests we added recently are as follows:

Adobe Acrobat and Reader (Credentialed Checks)

• Adobe Acrobat and Reader Security Update Missing (APSB21-104) (CVE-2021-40728, CVE-2021-40729, CVE-2021-40730, CVE-2021-40731)
• Adobe Acrobat and Reader Security Update Missing (APSB22-01) (CVE-2021-44701, CVE-2021-44702, CVE-2021-44703, CVE-2021-44704, CVE-2021-44705, CVE-2021-44706, CVE-2021-44707, CVE-2021-44708, CVE-2021-44709, CVE-2021-44710, CVE-2021-44711, CVE-2021-44712, CVE-2021-44713, CVE-2021-44714, CVE-2021-44715, CVE-2021-44739, CVE-2021-44740, CVE-2021-44741, CVE-2021-44742, CVE-2021-45060, CVE-2021-45061, CVE-2021-45062, CVE-2021-45063, CVE-2021-45064, CVE-2021-45067, CVE-2021-45068, CVE-2022-24091, CVE-2022-24092)
• Adobe Acrobat and Reader Security Update Missing (APSB22-16) (CVE-2022-24101, CVE-2022-24102, CVE-2022-24103, CVE-2022-24104, CVE-2022-27785, CVE-2022-27786, CVE-2022-27787, CVE-2022-27788, CVE-2022-27789, CVE-2022-27790, CVE-2022-27791, CVE-2022-27792, CVE-2022-27793, CVE-2022-27794, CVE-2022-27795, CVE-2022-27796, CVE-2022-27797, CVE-2022-27798, CVE-2022-27799, CVE-2022-27800, CVE-2022-27801, CVE-2022-27802, CVE-2022-28230, CVE-2022-28231, CVE-2022-28232, CVE-2022-28233, CVE-2022-28234, CVE-2022-28235, CVE-2022-28236, CVE-2022-28237, CVE-2022-28238, CVE-2022-28239, CVE-2022-28240, CVE-2022-28241, CVE-2022-28242, CVE-2022-28243, CVE-2022-28244, CVE-2022-28245, CVE-2022-28246, CVE-2022-28247, CVE-2022-28248, CVE-2022-28249, CVE-2022-28250, CVE-2022-28251, CVE-2022-28252, CVE-2022-28253, CVE-2022-28254, CVE-2022-28255, CVE-2022-28256, CVE-2022-28257, CVE-2022-28258, CVE-2022-28259, CVE-2022-28260, CVE-2022-28261, CVE-2022-28262, CVE-2022-28263, CVE-2022-28264, CVE-2022-28265, CVE-2022-28266, CVE-2022-28267, CVE-2022-28268, CVE-2022-28269, CVE-2022-28837, CVE-2022-28838)

Apache

• Apache Tomcat Form Authentication Cross-Site Scripting Vulnerability (CVE-2022-34305)

CentOS (Credentialed Checks)

• CentOS Linux 389-ds-base security bug fix and enhancement update (CESA-2022:5239) (CVE-2022-0918, CVE-2022-0996)
• CentOS Linux compat-openssl10 security update (CESA-2022:5326) (CVE-2022-0778)
• CentOS Linux curl security update (CESA-2022:5313) (CVE-2022-22576, CVE-2022-27774, CVE-2022-27776, CVE-2022-27782)
• CentOS Linux expat security update (CESA-2022:5314) (CVE-2022-25313, CVE-2022-25314)
• CentOS Linux firefox security update (CESA-2022:5479) (CVE-2022-2200, CVE-2022-31744, CVE-2022-34468, CVE-2022-34470, CVE-2022-34472, CVE-2022-34479, CVE-2022-34481, CVE-2022-34484)
• CentOS Linux go-toolset:rhel8 security and bug fix update (CESA-2022:5337) (CVE-2022-24675, CVE-2022-28327, CVE-2022-29526)
• CentOS Linux kernel security and bug fix update (CESA-2022:5232) (CVE-2022-1729, CVE-2022-1966)
• CentOS Linux kernel security and bug fix update (CESA-2022:5316) (CVE-2020-28915, CVE-2022-27666)
• CentOS Linux kpatch-patch security update (CESA-2022:5219) (CVE-2022-27666)
• CentOS Linux libgcrypt security update (CESA-2022:5311) (CVE-2021-40528)
• CentOS Linux libinput security update (CESA-2022:5331) (CVE-2022-1215)
• CentOS Linux libxml2 security update (CESA-2022:5317) (CVE-2022-29824)
• CentOS Linux php:7.4 security update (CESA-2022:5467) (CVE-2022-31626)
• CentOS Linux php:8.0 security update (CESA-2022:5468) (CVE-2022-31626)
• CentOS Linux python security update (CESA-2022:5235) (CVE-2020-26116, CVE-2020-26137, CVE-2021-3177)
• CentOS Linux python-virtualenv security update (CESA-2022:5234) (CVE-2019-20916)
• CentOS Linux Satellite 6.11 Release (CESA-2022:5498) (CVE-2021-21290, CVE-2021-21295, CVE-2021-21409, CVE-2021-30151, CVE-2021-3200, CVE-2021-32839, CVE-2021-33928, CVE-2021-33929, CVE-2021-33930, CVE-2021-33938, CVE-2021-3584, CVE-2021-41136, CVE-2021-4142, CVE-2021-42550, CVE-2021-43797, CVE-2021-43818, CVE-2021-44420, CVE-2021-44568, CVE-2021-45115, CVE-2021-45116, CVE-2021-45452, CVE-2022-22818, CVE-2022-23633, CVE-2022-23634, CVE-2022-23833, CVE-2022-23837, CVE-2022-28346, CVE-2022-28347)
• CentOS Linux squid security update (CESA-2022:5542) (CVE-2021-46784)
• CentOS Linux squid:4 security update (CESA-2022:5526) (CVE-2021-46784)
• CentOS Linux thunderbird security update (CESA-2022:5470) (CVE-2022-2200, CVE-2022-2226, CVE-2022-31744, CVE-2022-34468, CVE-2022-34470, CVE-2022-34472, CVE-2022-34479, CVE-2022-34481, CVE-2022-34484)
• CentOS Linux vim security update (CESA-2022:5319) (CVE-2022-1621, CVE-2022-1629)

Debian (Credentialed Checks)

• Debian blender LTS Security Update (DLA-3060-1) (CVE-2022-0544, CVE-2022-0545, CVE-2022-0546)
• Debian blender Security Update (DSA-5176-1) (CVE-2022-0544, CVE-2022-0545, CVE-2022-0546)
• Debian firefox-esr LTS Security Update (DLA-3064-1) (CVE-2022-2200, CVE-2022-31744, CVE-2022-34468, CVE-2022-34470, CVE-2022-34472, CVE-2022-34479, CVE-2022-34481, CVE-2022-34484)
• Debian firefox-esr Security Update (DSA-5172-1) (CVE-2022-2200, CVE-2022-31744, CVE-2022-34468, CVE-2022-34470, CVE-2022-34472, CVE-2022-34479, CVE-2022-34481, CVE-2022-34484)
• Debian firejail LTS Security Update (DLA-3061-1) (CVE-2022-31214)
• Debian gnupg2 Security Update (DSA-5174-1) (CVE-2022-34903)
• Debian intel-microcode Security Update (DSA-5178-1) (CVE-2022-21123, CVE-2022-21125, CVE-2022-21127, CVE-2022-21151, CVE-2022-21166)
• Debian isync LTS Security Update (DLA-3066-1) (CVE-2021-20247, CVE-2021-3578, CVE-2021-3657)
• Debian ldap-account-manager Security Update (DSA-5177-1) (CVE-2022-24851, CVE-2022-31084, CVE-2022-31085, CVE-2022-31086, CVE-2022-31087, CVE-2022-31088)
• Debian libsndfile LTS Security Update (DLA-3058-1) (CVE-2017-12562, CVE-2021-4156)
• Debian linux LTS Security Update (DLA-3065-1) (CVE-2018-1108, CVE-2021-39713, CVE-2021-4149, CVE-2022-0494, CVE-2022-0812, CVE-2022-0854, CVE-2022-1011, CVE-2022-1012, CVE-2022-1016, CVE-2022-1198, CVE-2022-1199, CVE-2022-1353, CVE-2022-1516, CVE-2022-1729, CVE-2022-1734, CVE-2022-1974, CVE-2022-1975, CVE-2022-21123, CVE-2022-21125, CVE-2022-21166, CVE-2022-2153, CVE-2022-23036, CVE-2022-23037, CVE-2022-23038, CVE-2022-23039, CVE-2022-23040, CVE-2022-23041, CVE-2022-23042, CVE-2022-23960, CVE-2022-24958, CVE-2022-26490, CVE-2022-26966, CVE-2022-27223, CVE-2022-28356, CVE-2022-28390, CVE-2022-30594, CVE-2022-32250, CVE-2022-32296, CVE-2022-33981)
• Debian linux Security Update (DSA-5173-1) (CVE-2021-4197, CVE-2022-0494, CVE-2022-0812, CVE-2022-0854, CVE-2022-1011, CVE-2022-1012, CVE-2022-1016, CVE-2022-1048, CVE-2022-1184, CVE-2022-1195, CVE-2022-1198, CVE-2022-1199, CVE-2022-1204, CVE-2022-1205, CVE-2022-1353, CVE-2022-1419, CVE-2022-1516, CVE-2022-1652, CVE-2022-1729, CVE-2022-1734, CVE-2022-1974, CVE-2022-1975, CVE-2022-21123, CVE-2022-21125, CVE-2022-21166, CVE-2022-2153, CVE-2022-23960, CVE-2022-26490, CVE-2022-27666, CVE-2022-28356, CVE-2022-28388, CVE-2022-28389, CVE-2022-28390, CVE-2022-29581, CVE-2022-30594, CVE-2022-32250, CVE-2022-32296, CVE-2022-33981)
• Debian maven-shared-utils LTS Security Update (DLA-3059-1) (CVE-2022-29599)
• Debian nodejs Security Update (DSA-5170-1) (CVE-2021-22959, CVE-2021-22960, CVE-2021-44531, CVE-2021-44532, CVE-2021-44533, CVE-2022-21824)
• Debian php7.4 Security Update (DSA-5179-1) (CVE-2022-31625, CVE-2022-31626)
• Debian squid Security Update (DSA-5171-1) (CVE-2021-28116, CVE-2021-46784)
• Debian systemd LTS Security Update (DLA-3063-1) (CVE-2020-1712)
• Debian thunderbird Security Update (DSA-5175-1) (CVE-2022-2200, CVE-2022-2226, CVE-2022-31744, CVE-2022-34468, CVE-2022-34470, CVE-2022-34472, CVE-2022-34479, CVE-2022-34481, CVE-2022-34484)
• Debian ublock-origin LTS Security Update (DLA-3062-1) (CVE-2021-36773)

Fedora (Credentialed Checks)

• Fedora chromium Security Update (FEDORA-2022-7416607232) (CVE-2022-1633, CVE-2022-1634, CVE-2022-1635, CVE-2022-1636, CVE-2022-1637, CVE-2022-1638, CVE-2022-1639, CVE-2022-1640, CVE-2022-1641, CVE-2022-1853, CVE-2022-1854, CVE-2022-1855, CVE-2022-1856, CVE-2022-1857, CVE-2022-1858, CVE-2022-1859, CVE-2022-1860, CVE-2022-1861, CVE-2022-1862, CVE-2022-1863, CVE-2022-1864, CVE-2022-1865, CVE-2022-1866, CVE-2022-1867, CVE-2022-1868, CVE-2022-1869, CVE-2022-1870, CVE-2022-1871, CVE-2022-1872, CVE-2022-1873, CVE-2022-1874, CVE-2022-1875, CVE-2022-1876)
• Fedora chromium Security Update (FEDORA-2022-bcb096166f) (CVE-2022-1633, CVE-2022-1634, CVE-2022-1635, CVE-2022-1636, CVE-2022-1637, CVE-2022-1638, CVE-2022-1639, CVE-2022-1640, CVE-2022-1641, CVE-2022-1853, CVE-2022-1854, CVE-2022-1855, CVE-2022-1856, CVE-2022-1857, CVE-2022-1858, CVE-2022-1859, CVE-2022-1860, CVE-2022-1861, CVE-2022-1862, CVE-2022-1863, CVE-2022-1864, CVE-2022-1865, CVE-2022-1866, CVE-2022-1867, CVE-2022-1868, CVE-2022-1869, CVE-2022-1870, CVE-2022-1871, CVE-2022-1872, CVE-2022-1873, CVE-2022-1874, CVE-2022-1875, CVE-2022-1876)
• Fedora curl Security Update (FEDORA-2022-8bd3bf5b40) (CVE-2022-32205, CVE-2022-32206, CVE-2022-32207, CVE-2022-32208)
• Fedora dotnet3.1 Security Update (FEDORA-2022-5508547b1e) (CVE-2022-30184)
• Fedora dotnet3.1 Security Update (FEDORA-2022-cd37732349) (CVE-2022-30184)
• Fedora gerbv Security Update (FEDORA-2022-4a3ef86baa) (CVE-2021-40391, CVE-2021-40401)
• Fedora gnupg2 Security Update (FEDORA-2022-aa14d396dd) (CVE-2022-34903)
• Fedora golang Security Update (FEDORA-2022-e46e6e8317) (CVE-2022-24675, CVE-2022-28327)
• Fedora golang Security Update (FEDORA-2022-ffe7dba2cb) (CVE-2022-29526)
• Fedora golang-github-lucas-clemente-quic Security Update (FEDORA-2022-c0f780ecf1) (CVE-2022-24675, CVE-2022-28327)
• Fedora golang-github-prometheus-client Security Update (FEDORA-2022-92ef43c439) (CVE-2022-21698)
• Fedora httpd Security Update (FEDORA-2022-b54a8dee29) (CVE-2022-26377, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30522, CVE-2022-30556, CVE-2022-31813)
• Fedora httpd Security Update (FEDORA-2022-e620fb15d5) (CVE-2022-26377, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30522, CVE-2022-30556, CVE-2022-31813)
• Fedora kernel Security Update (FEDORA-2022-b47003a52b) (CVE-2022-34918)
• Fedora kernel Security Update (FEDORA-2022-d280d3b05d) (CVE-2022-34918)
• Fedora matrix-synapse Security Update (FEDORA-2022-1a2312e4d6) (CVE-2022-31052)
• Fedora matrix-synapse Security Update (FEDORA-2022-45bf6d4b88) (CVE-2022-31052)
• Fedora mingw-wavpack Security Update (FEDORA-2022-8e94ec2244) (CVE-2021-44269)
• Fedora mingw-wavpack Security Update (FEDORA-2022-cece705cbf) (CVE-2021-44269)
• Fedora Multiple Packages Security Update (FEDORA-2022-fae3ecee19) (CVE-2022-21698, CVE-2022-24675, CVE-2022-27191, CVE-2022-28327)
• Fedora openssl Security Update (FEDORA-2022-3fdc2d3047) (CVE-2022-2097)
• Fedora openssl Security Update (FEDORA-2022-c9c02865f6) (CVE-2022-1292)
• Fedora openssl1.1 Security Update (FEDORA-2022-3b7d0abd0b) (CVE-2022-2068)
• Fedora pypy Security Update (FEDORA-2022-9dd70781cb) (CVE-2015-20107)
• Fedora pypy Security Update (FEDORA-2022-ce55d01569) (CVE-2015-20107)
• Fedora pypy3.7 Security Update (FEDORA-2022-20e87fb0d1) (CVE-2015-20107)
• Fedora pypy3.7 Security Update (FEDORA-2022-d157a91e10) (CVE-2015-20107)
• Fedora pypy3.8 Security Update (FEDORA-2022-9cd41b6709) (CVE-2015-20107)
• Fedora pypy3.8 Security Update (FEDORA-2022-b499f2a9c6) (CVE-2015-20107)
• Fedora pypy3.9 Security Update (FEDORA-2022-17a1bb7e78) (CVE-2015-20107)
• Fedora pypy3.9 Security Update (FEDORA-2022-dbe9a8f9ac) (CVE-2015-20107)
• Fedora python-twisted Security Update (FEDORA-2022-71b66d4747) (CVE-2022-21712, CVE-2022-21716, CVE-2022-24801)
• Fedora python-twisted Security Update (FEDORA-2022-9a489fa494) (CVE-2022-21712, CVE-2022-21716, CVE-2022-24801)
• Fedora squid Security Update (FEDORA-2022-0fa51087e7) (CVE-2021-46784)
• Fedora squid Security Update (FEDORA-2022-d22a045d7a) (CVE-2021-46784)
• Fedora tor Security Update (FEDORA-2022-456b252727) (CVE-2022-33903)
• Fedora uboot-tools Security Update (FEDORA-2022-61cf1c64f6) (CVE-2018-25032, CVE-2022-30767)
• Fedora vim Security Update (FEDORA-2022-719f3ec21b) (CVE-2022-1720, CVE-2022-2124, CVE-2022-2125, CVE-2022-2126, CVE-2022-2129, CVE-2022-2175, CVE-2022-2182, CVE-2022-2183, CVE-2022-2206, CVE-2022-2207, CVE-2022-2208, CVE-2022-2210, CVE-2022-2231)
• Fedora vim Security Update (FEDORA-2022-bb7f3cacbf) (CVE-2022-1720, CVE-2022-2124, CVE-2022-2125, CVE-2022-2126, CVE-2022-2129, CVE-2022-2175, CVE-2022-2182, CVE-2022-2183, CVE-2022-2206, CVE-2022-2207, CVE-2022-2208, CVE-2022-2210, CVE-2022-2231)
• Fedora webkit2gtk3 Security Update (FEDORA-2022-fdb75e7766) (CVE-2022-22662, CVE-2022-26710)
• Fedora xen Security Update (FEDORA-2022-925fc688c1) (CVE-2022-21123, CVE-2022-21125, CVE-2022-21166)

FreeBSD

• FreeBSD chromium Security Update (744ec9d7-fe0f-11ec-bcd2-3065ec8fd3ec) (CVE-2022-2294, CVE-2022-2295, CVE-2022-2296)
• FreeBSD Django Security Update (5be19b0d-fb85-11ec-95cd-080027b24e86) (CVE-2022-34265)
• FreeBSD Gitlab Security Update (d1b35142-ff4a-11ec-8be3-001b217b3468) (CVE-2022-1954, CVE-2022-1963, CVE-2022-1981, CVE-2022-1983, CVE-2022-1999, CVE-2022-2185, CVE-2022-2227, CVE-2022-2228, CVE-2022-2229, CVE-2022-2230, CVE-2022-2235, CVE-2022-2243, CVE-2022-2244, CVE-2022-2250, CVE-2022-2270, CVE-2022-2281)
• FreeBSD mat2 Security Update (830855f3-ffcc-11ec-9d41-d05099c8b5a7) (CVE-2022-35410)
• FreeBSD mediawiki Security Update (5ab54ea0-fa94-11ec-996c-080027b24e86) (CVE-2022-27776, CVE-2022-29248)
• FreeBSD Node.js Security Update (b9210706-feb0-11ec-81fa-1c697a616631) (CVE-2022-2097, CVE-2022-32212, CVE-2022-32213, CVE-2022-32214, CVE-2022-32215, CVE-2022-32222)
• FreeBSD OpenSSL Security Update (a28e8b7e-fc70-11ec-856e-d4c9ef517024) (CVE-2022-2097)
• FreeBSD OpenSSL Security Update (f0e45968-faff-11ec-856e-d4c9ef517024) (CVE-2022-2274)
• FreeBSD py-matrix-synapse Security Update (07c0d782-f758-11ec-acaa-901b0e9408dc) (CVE-2022-31052)

Microsoft

• Microsoft Windows July 2022 Security Updates Missing (CVE-2022-21845, CVE-2022-22022, CVE-2022-22023, CVE-2022-22024, CVE-2022-22025, CVE-2022-22026, CVE-2022-22027, CVE-2022-22028, CVE-2022-22029, CVE-2022-22031, CVE-2022-22034, CVE-2022-22036, CVE-2022-22037, CVE-2022-22038, CVE-2022-22039, CVE-2022-22040, CVE-2022-22041, CVE-2022-22042, CVE-2022-22043, CVE-2022-22045, CVE-2022-22047, CVE-2022-22048, CVE-2022-22049, CVE-2022-22050, CVE-2022-22711, CVE-2022-27776, CVE-2022-30202, CVE-2022-30203, CVE-2022-30205, CVE-2022-30206, CVE-2022-30208, CVE-2022-30209, CVE-2022-30211, CVE-2022-30212, CVE-2022-30213, CVE-2022-30214, CVE-2022-30215, CVE-2022-30216, CVE-2022-30220, CVE-2022-30221, CVE-2022-30222, CVE-2022-30223, CVE-2022-30224, CVE-2022-30225, CVE-2022-30226, CVE-2022-33644)

PHP

• PHP pdo_mysql extension Remote Code Execution Vulnerability (CVE-2022-31626)
• PHP Postgres extension Remote Code Execution Vulnerability (CVE-2022-31625)

Red Hat (Credentialed Checks)

• Red Hat Enterprise Linux 389-ds-base security, bug fix, and enhancement update (RHSA-2022:5239) (CVE-2022-0918, CVE-2022-0996)
• Red Hat Enterprise Linux compat-openssl10 security update (RHSA-2022:5326) (CVE-2022-0778)
• Red Hat Enterprise Linux curl security update (RHSA-2022:5313) (CVE-2022-22576, CVE-2022-27774, CVE-2022-27776, CVE-2022-27782)
• Red Hat Enterprise Linux expat security update (RHSA-2022:5314) (CVE-2022-25313, CVE-2022-25314)
• Red Hat Enterprise Linux firefox security update (RHSA-2022:5469) (CVE-2022-2200, CVE-2022-31744, CVE-2022-34468, CVE-2022-34470, CVE-2022-34472, CVE-2022-34479, CVE-2022-34481, CVE-2022-34484)
• Red Hat Enterprise Linux firefox security update (RHSA-2022:5479) (CVE-2022-2200, CVE-2022-31744, CVE-2022-34468, CVE-2022-34470, CVE-2022-34472, CVE-2022-34479, CVE-2022-34481, CVE-2022-34484)
• Red Hat Enterprise Linux go-toolset:rhel8 security and bug fix update (RHSA-2022:5337) (CVE-2022-24675, CVE-2022-28327, CVE-2022-29526)
• Red Hat Enterprise Linux kernel security and bug fix update (RHSA-2022:5232) (CVE-2022-1729, CVE-2022-1966)
• Red Hat Enterprise Linux kernel security and bug fix update (RHSA-2022:5316) (CVE-2020-28915, CVE-2022-27666)
• Red Hat Enterprise Linux kpatch-patch security update (RHSA-2022:5216) (CVE-2022-1966)
• Red Hat Enterprise Linux kpatch-patch security update (RHSA-2022:5219) (CVE-2022-27666)
• Red Hat Enterprise Linux libgcrypt security update (RHSA-2022:5311) (CVE-2021-40528)
• Red Hat Enterprise Linux libinput security update (RHSA-2022:5331) (CVE-2022-1215)
• Red Hat Enterprise Linux libxml2 security update (RHSA-2022:5317) (CVE-2022-29824)
• Red Hat Enterprise Linux php:7.4 security update (RHSA-2022:5467) (CVE-2022-31626)
• Red Hat Enterprise Linux php:8.0 security update (RHSA-2022:5468) (CVE-2022-31626)
• Red Hat Enterprise Linux python security update (RHSA-2022:5235) (CVE-2020-26116, CVE-2020-26137, CVE-2021-3177)
• Red Hat Enterprise Linux python-virtualenv security update (RHSA-2022:5234) (CVE-2019-20916)
• Red Hat Enterprise Linux ruby:2.6 security, bug fix, and enhancement update (RHSA-2022:5338) (CVE-2022-28739)
• Red Hat Enterprise Linux Satellite 6.11 Release (RHSA-2022:5498) (CVE-2021-21290, CVE-2021-21295, CVE-2021-21409, CVE-2021-30151, CVE-2021-3200, CVE-2021-32839, CVE-2021-33928, CVE-2021-33929, CVE-2021-33930, CVE-2021-33938, CVE-2021-3584, CVE-2021-41136, CVE-2021-4142, CVE-2021-42550, CVE-2021-43797, CVE-2021-43818, CVE-2021-44420, CVE-2021-44568, CVE-2021-45115, CVE-2021-45116, CVE-2021-45452, CVE-2022-22818, CVE-2022-23633, CVE-2022-23634, CVE-2022-23833, CVE-2022-23837, CVE-2022-28346, CVE-2022-28347)
• Red Hat Enterprise Linux squid security update (RHSA-2022:5542) (CVE-2021-46784)
• Red Hat Enterprise Linux squid:4 security update (RHSA-2022:5526) (CVE-2021-46784)
• Red Hat Enterprise Linux thunderbird security update (RHSA-2022:5470) (CVE-2022-2200, CVE-2022-2226, CVE-2022-31744, CVE-2022-34468, CVE-2022-34470, CVE-2022-34472, CVE-2022-34479, CVE-2022-34481, CVE-2022-34484)
• Red Hat Enterprise Linux thunderbird security update (RHSA-2022:5480) (CVE-2022-2200, CVE-2022-2226, CVE-2022-31744, CVE-2022-34468, CVE-2022-34470, CVE-2022-34472, CVE-2022-34479, CVE-2022-34481, CVE-2022-34484)
• Red Hat Enterprise Linux vim security update (RHSA-2022:5319) (CVE-2022-1621, CVE-2022-1629)

SUSE Linux (Credentialed Checks)

• SUSE apache2 Security Update (SUSE-SU-2022:2338-1) (CVE-2022-26377, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30522, CVE-2022-30556, CVE-2022-31813)
• SUSE apache2 Security Update (SUSE-SU-2022:2342-1) (CVE-2022-26377, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30522, CVE-2022-30556, CVE-2022-31813)
• SUSE curl Security Update (SUSE-SU-2022:2288-1) (CVE-2022-32206, CVE-2022-32208)
• SUSE curl Security Update (SUSE-SU-2022:2327-1) (CVE-2022-32206, CVE-2022-32208)
• SUSE dpdk Security Update (SUSE-SU-2022:2273-1) (CVE-2021-3839, CVE-2022-0669)
• SUSE ImageMagick Security Update (SUSE-SU-2022:2263-1) (CVE-2019-17540, CVE-2022-32545, CVE-2022-32546, CVE-2022-32547)
• SUSE liblouis Security Update (SUSE-SU-2022:2252-1) (CVE-2022-26981, CVE-2022-31783)
• SUSE Linux Kernel Security Update (SUSE-SU-2022:2281-1) (CVE-2022-1734)
• SUSE Linux Kernel Security Update (SUSE-SU-2022:2285-1) (CVE-2021-39713)
• SUSE mariadb Security Update (SUSE-SU-2022:2189-1) (CVE-2021-46669, CVE-2022-21427, CVE-2022-27376, CVE-2022-27377, CVE-2022-27378, CVE-2022-27379, CVE-2022-27380, CVE-2022-27381, CVE-2022-27382, CVE-2022-27383, CVE-2022-27384, CVE-2022-27386, CVE-2022-27387, CVE-2022-27444, CVE-2022-27445, CVE-2022-27446, CVE-2022-27447, CVE-2022-27448, CVE-2022-27449, CVE-2022-27451, CVE-2022-27452, CVE-2022-27455, CVE-2022-27456, CVE-2022-27457, CVE-2022-27458)
• SUSE MozillaFirefox Security Update (SUSE-SU-2022:2279-1) (CVE-2022-2200, CVE-2022-31744, CVE-2022-34468, CVE-2022-34470, CVE-2022-34472, CVE-2022-34478, CVE-2022-34479, CVE-2022-34481, CVE-2022-34484)
• SUSE MozillaFirefox Security Update (SUSE-SU-2022:2289-1) (CVE-2022-2200, CVE-2022-31744, CVE-2022-34468, CVE-2022-34470, CVE-2022-34472, CVE-2022-34478, CVE-2022-34479, CVE-2022-34481, CVE-2022-34484)
• SUSE MozillaFirefox Security Update (SUSE-SU-2022:2313-1) (CVE-2022-2200, CVE-2022-31744, CVE-2022-34468, CVE-2022-34470, CVE-2022-34472, CVE-2022-34478, CVE-2022-34479, CVE-2022-34481, CVE-2022-34484)
• SUSE Multiple Packages Security Update (SUSE-SU-2022:2341-1) (CVE-2022-29162, CVE-2022-31030)
• SUSE openssl Security Update (SUSE-SU-2022:2309-1) (CVE-2022-2068, CVE-2022-2097)
• SUSE openssl-1_0_0 Security Update (SUSE-SU-2022:2321-1) (CVE-2022-1292, CVE-2022-2068)
• SUSE openssl-1_1 Security Update (SUSE-SU-2022:2251-1) (CVE-2022-1292, CVE-2022-2068)
• SUSE openssl-1_1 Security Update (SUSE-SU-2022:2311-1) (CVE-2022-2097)
• SUSE openssl-1_1 Security Update (SUSE-SU-2022:2312-1) (CVE-2022-2097)
• SUSE openssl-1_1 Security Update (SUSE-SU-2022:2328-1) (CVE-2022-2097)
• SUSE pcre Security Update (SUSE-SU-2022:2334-1) (CVE-2022-1586)
• SUSE php7 Security Update (SUSE-SU-2022:2275-1) (CVE-2022-31625, CVE-2022-31626)
• SUSE python Security Update (SUSE-SU-2022:2248-1) (CVE-2015-20107)
• SUSE python Security Update (SUSE-SU-2022:2249-1) (CVE-2015-20107)
• SUSE python Security Update (SUSE-SU-2022:2344-1) (CVE-2015-20107)
• SUSE rsyslog Security Update (SUSE-SU-2022:2314-1) (CVE-2022-24903)
• SUSE rsyslog Security Update (SUSE-SU-2022:2331-1) (CVE-2022-24903)
• SUSE salt Security Update (SUSE-SU-2022:2253-1) (CVE-2022-22967)
• SUSE salt Security Update (SUSE-SU-2022:2278-1) (CVE-2022-22967)

Ubuntu (Credentialed Checks)

• Ubuntu Django vulnerability (USN-5501-1) (CVE-2022-34265)
• Ubuntu Firefox vulnerabilities (USN-5504-1) (CVE-2022-2200, CVE-2022-34468, CVE-2022-34470, CVE-2022-34471, CVE-2022-34472, CVE-2022-34473, CVE-2022-34474, CVE-2022-34475, CVE-2022-34476, CVE-2022-34477, CVE-2022-34479, CVE-2022-34480, CVE-2022-34481, CVE-2022-34482, CVE-2022-34483, CVE-2022-34484, CVE-2022-34485)
• Ubuntu GnuPG vulnerability (USN-5503-1) (CVE-2022-34903)
• Ubuntu NSS vulnerabilities (USN-5506-1) (CVE-2022-22747, CVE-2022-34480)
• Ubuntu OpenSSL vulnerability (USN-5502-1) (CVE-2022-2097)
• Ubuntu PHP regression (USN-5479-3) (CVE-2022-31625)

How to Update?

All Trustwave customers using the TrustKeeper Scan Engine receive the updates automatically as soon as an update is available. No action is required.