Lucene search

GoogleOSV:CVE-2022-4847

HistoryDec 29, 2022 - 6:15 p.m.

CVE-2022-4847

2022-12-2918:15:10

Google

osv.dev

cve-2022-4847

github repository

communication channel

incorrectly specified destination

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

0.001 Low

EPSS

Percentile

29.6%

JSON

Incorrectly Specified Destination in a Communication Channel in GitHub repository usememos/memos prior to 0.9.1.

CPENameOperatorVersion
memoseq0.8.0
memoseq0.8.2
memoseq0.5.0
memoseq0.7.2
memoseq0.6.1
memoseq0.8.1
memoseq0.4.3
memoseq0.4.1
memoseq0.7.0
memoseq0.4.2

Name	Operator	Version
memos	eq	0.8.0
memos	eq	0.8.2
memos	eq	0.5.0
memos	eq	0.7.2
memos	eq	0.6.1
memos	eq	0.8.1
memos	eq	0.4.3
memos	eq	0.4.1
memos	eq	0.7.0
memos	eq	0.4.2

Rows per page:

1-10 of 161

References

github.com/usememos/memos/commit/c9bb2b785dc5852655405d5c9ab127a2d5aa3948

huntr.dev/bounties/ff6d4b5a-5e75-4a14-b5ce-f318f8613b73

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

0.001 Low

EPSS

Percentile

29.6%

JSON

Related for OSV:CVE-2022-4847