Lucene search
HistorySep 21, 2022 - 7:15 a.m.
CVE-2022-41220
cve-2022-41220
md2roff
stack-based buffer overflow
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
0.002
Percentile
61.7%
md2roff 1.9 has a stack-based buffer overflow via a Markdown file, a different vulnerability than CVE-2022-34913. NOTE: the vendor’s position is that the product is not intended for untrusted input
Affected configurations
Node
md2roff_projectmd2roffMatch1.9
| Vendor | Product | Version | CPE |
|---|---|---|---|
| md2roff_project | md2roff | 1.9 | cpe:2.3:a:md2roff_project:md2roff:1.9:*:*:*:*:*:*:* |
References
Related
cvelist
cvelist
CVE-2022-41220
2022-09-21 06:57:44
CVE-2022-34913
2022-07-02 19:28:39
prion
prion
Stack overflow
2022-09-21 07:15:00
Stack overflow
2022-07-02 20:15:00
vulnrichment
vulnrichment
CVE-2022-41220
2022-09-21 06:57:44
cve
cve
CVE-2022-41220
2022-09-21 07:15:08
CVE-2022-34913
2022-07-02 20:15:08
nvd
nvd
CVE-2022-34913
2022-07-02 20:15:08
githubexploit
githubexploit
Exploit for Out-of-bounds Write in Md2Roff Project Md2Roff
2023-01-31 22:37:29
Exploit for Out-of-bounds Write in Md2Roff Project Md2Roff
2023-01-31 23:05:31
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
0.002
Percentile
61.7%
Related for NVD:CVE-2022-41220