Lucene search

GoogleOSV:CVE-2022-45182

HistoryNov 11, 2022 - 8:15 p.m.

CVE-2022-45182

2022-11-1120:15:19

Google

osv.dev

pi-star dv

mishandles module

software

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

6.9

Confidence

High

EPSS

0.003

Percentile

70.9%

JSON

Pi-Star_DV_Dash (for Pi-Star DV) before 5aa194d mishandles the module parameter.

References

github.com/AndyTaylorTweet/Pi-Star_DV_Dash/commit/0ad7d00210fc2c0eb7073e5ed429ac265ccfebbd

github.com/AndyTaylorTweet/Pi-Star_DV_Dash/commit/1e46533f4051648bc40478d99201f19241bbaa41

github.com/AndyTaylorTweet/Pi-Star_DV_Dash/commit/5aa194df3dfc92cc21f6604bbda32268f4a624ce

github.com/AndyTaylorTweet/Pi-Star_DV_Dash/issues/169

www.pistar.uk/

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

6.9

Confidence

High

EPSS

0.003

Percentile

70.9%

JSON

Related for OSV:CVE-2022-45182