{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-10T10:06:59.204","vulnerabilities":[{"cve":{"id":"CVE-2022-1117","sourceIdentifier":"secalert@redhat.com","published":"2022-08-29T15:15:10.357","lastModified":"2024-11-21T06:40:04.900","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability was found in fapolicyd. The vulnerability occurs due to an assumption on how glibc names the runtime linker, a build time regular expression may not correctly detect the runtime linker. The consequence is that the pattern detection for applications launched by the run time linker may fail to detect the pattern and allow execution."},{"lang":"es","value":"Se ha encontrado una vulnerabilidad en fapolicyd. La vulnerabilidad se produce debido a una suposición sobre cómo glibc nombra al enlazador en tiempo de ejecución, una expresión regular en tiempo de compilación puede no detectar correctamente el enlazador en tiempo de ejecución. La consecuencia es que la detección de patrones para las aplicaciones lanzadas por el enlazador en tiempo de ejecución puede fallar al detectar el patrón y permitir la ejecución"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.4,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.5,"impactScore":5.9}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-552"}]},{"source":"nvd@nist.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-552"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fapolicyd_project:fapolicyd:*:*:*:*:*:*:*:*","versionEndExcluding":"1.1.2","matchCriteriaId":"77ED18CE-3E85-47C5-B5D3-9F2A846C75E5"}]}]}],"references":[{"url":"https://access.redhat.com/security/cve/CVE-2022-1117","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2066904","source":"secalert@redhat.com","tags":["Permissions Required","Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2068171","source":"secalert@redhat.com","tags":["Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/linux-application-whitelisting/fapolicyd/commit/38a942613f93824c53164730b2b7a2f75b8cd263","source":"secalert@redhat.com","tags":["Patch","Third Party Advisory"]},{"url":"https://access.redhat.com/security/cve/CVE-2022-1117","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2066904","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Permissions Required","Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2068171","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/linux-application-whitelisting/fapolicyd/commit/38a942613f93824c53164730b2b7a2f75b8cd263","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]}]}}]}