Lucene search
MitreCVE-2022-41220HistorySep 21, 2022 - 7:15 a.m.
CVE-2022-41220
2022-09-2107:15:08
CWE-787
mitre
web.nvd.nist.gov
35
10
cve-2022-41220
md2roff
stack-based buffer overflow
markdown file
vulnerability
nvd
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.6
Confidence
High
EPSS
0.002
Percentile
61.7%
md2roff 1.9 has a stack-based buffer overflow via a Markdown file, a different vulnerability than CVE-2022-34913. NOTE: the vendor’s position is that the product is not intended for untrusted input
Affected configurations
Node
md2roff_projectmd2roffMatch1.9
| Vendor | Product | Version | CPE |
|---|---|---|---|
| md2roff_project | md2roff | 1.9 | cpe:2.3:a:md2roff_project:md2roff:1.9:*:*:*:*:*:*:* |
References
Social References
More
Related
cvelist
cvelist
CVE-2022-41220
2022-09-21 06:57:44
CVE-2022-34913
2022-07-02 19:28:39
prion
prion
Stack overflow
2022-09-21 07:15:00
Stack overflow
2022-07-02 20:15:00
nvd
nvd
CVE-2022-41220
2022-09-21 07:15:08
CVE-2022-34913
2022-07-02 20:15:08
vulnrichment
vulnrichment
CVE-2022-41220
2022-09-21 06:57:44
githubexploit
githubexploit
Exploit for Out-of-bounds Write in Md2Roff Project Md2Roff
2023-01-31 23:05:31
Exploit for Out-of-bounds Write in Md2Roff Project Md2Roff
2023-01-31 22:37:29
cve
cve
CVE-2022-34913
2022-07-02 20:15:08
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.6
Confidence
High
EPSS
0.002
Percentile
61.7%
Related for CVE-2022-41220