Lucene search

K
cve[email protected]CVE-2022-36150
HistoryAug 16, 2022 - 9:15 p.m.

CVE-2022-36150

2022-08-1621:15:13
CWE-787
web.nvd.nist.gov
28
5
tifig
v0.2.2
heap-buffer overflow
__asan_memmove
nvd

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

19.9%

tifig v0.2.2 was discovered to contain a heap-buffer overflow via __asan_memmove at /asan/asan_interceptors_memintrinsics.cpp.

Affected configurations

NVD
Node
monostreamtifigMatch0.2.2

Social References

More

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

19.9%

Related for CVE-2022-36150