7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 High
AI Score
Confidence
Low
4.4 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
33.6%
Software: fribidi 1.0.4
OS: ROSA Virtualization 2.1
package_evr_string: fribidi-1.0.4-9.rv3.src.rpm
CVE-ID: CVE-2022-25308
BDU-ID: 2022-02659
CVE-Crit: CRITICAL
CVE-DESC.: A vulnerability in the GNU FriBidi library is caused by a buffer overflow on the stack. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code
CVE-STATUS: Fixed
CVE-REV: Execute yum update fribidi to close.
CVE-ID: CVE-2022-25309
BDU-ID: 2022-02660
CVE-Crit: CRITICAL.
CVE-DESC.: A vulnerability in the fribidi_cap_rtl_to_unicode function of the GNU FriBidi library is caused by a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code
CVE-STATUS: Fixed
CVE-REV: Execute yum update fribidi to close.
CVE-ID: CVE-2022-25310
BDU-ID: 2022-02658
CVE-Crit: CRITICAL.
CVE-DESC.: A vulnerability in the fribidi_remove_bidi_marks() function of the GNU FriBidi library exists due to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code
CVE-STATUS: Fixed
CVE-REV: Execute yum update fribidi to close.
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 High
AI Score
Confidence
Low
4.4 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
33.6%