GoogleOSV:CVE-2022-35014

HistoryAug 29, 2022 - 2:15 p.m.

CVE-2022-35014

2022-08-2914:15:11

Google

osv.dev

advancecomp v2.3

segmentation fault

cve-2022-35014

software

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

AI Score

6.6

Confidence

Low

EPSS

0.001

Percentile

47.4%

JSON

Advancecomp v2.3 contains a segmentation fault.

References

drive.google.com/file/d/1mglfof2gR9Xoi5OWS9x0-jJ7cSIJA5i6/view?usp=sharing

github.com/Cvjark/Poc/blob/main/advancecomp/CVE-2022-35014.md

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DYG2XAL4MBS7ADGJWYRUKBLDTBJFPJER/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQHLMLFHPV5C7PTBZML6U72QT6VNEOEF/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XP42AC5VPTY45QKMRL3W4G4EXIUMFXRE/

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

AI Score

6.6

Confidence

Low

EPSS

0.001

Percentile

47.4%

JSON

Related for OSV:CVE-2022-35014