Lucene search

GoogleOSV:CVE-2022-31901

HistoryJan 19, 2023 - 11:15 p.m.

CVE-2022-31901

2023-01-1923:15:10

Google

osv.dev

buffer overflow

notepad++

application crash

crafted files

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

35.8%

JSON

Buffer overflow in function Notepad_plus::addHotSpot in Notepad++ v8.4.3 and earlier allows attackers to crash the application via two crafted files.

CPENameOperatorVersion
notepad-plus-pluseq8.1.5
notepad-plus-pluseq6.8.1
notepad-plus-pluseq6.2
notepad-plus-pluseq6
notepad-plus-pluseq6.8.3
notepad-plus-pluseq5.6.5
notepad-plus-pluseq7.8.2
notepad-plus-pluseq8.3.1
notepad-plus-pluseq6.1.1
notepad-plus-pluseq8

Name	Operator	Version
notepad-plus-plus	eq	8.1.5
notepad-plus-plus	eq	6.8.1
notepad-plus-plus	eq	6.2
notepad-plus-plus	eq	6
notepad-plus-plus	eq	6.8.3
notepad-plus-plus	eq	5.6.5
notepad-plus-plus	eq	7.8.2
notepad-plus-plus	eq	8.3.1
notepad-plus-plus	eq	6.1.1
notepad-plus-plus	eq	8

Rows per page:

1-10 of 1751

References

github.com/CDACesec/CVE-2022-31901

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

35.8%

JSON

Related for OSV:CVE-2022-31901