CVE-2022-2469

Опубликовано: 19 июл. 2022

Источник: debian

EPSS Низкий

Описание

GNU SASL libgsasl server-side read-out-of-bounds with malicious authenticated GSS-API client

Пакет	Статус	Версия исправления	Релиз	Тип
gsasl	fixed	2.0.1-1		package

Advisory: https://lists.gnu.org/archive/html/help-gsasl/2022-07/msg00001.html
Reproducing issue: https://lists.gnu.org/archive/html/help-gsasl/2022-07/msg00002.html
Fixed by: https://gitlab.com/gsasl/gsasl/-/commit/796e4197f696261c1f872d7576371232330bcc30 (v2.0.1)

EPSS

Процентиль: 19%

0.00061

Низкий

CVE-2022-2469

CVSS3: 3.8

ubuntu

около 3 лет назад

GNU SASL libgsasl server-side read-out-of-bounds with malicious authenticated GSS-API client

CVE-2022-2469

CVSS3: 7.1

redhat

около 3 лет назад

GNU SASL libgsasl server-side read-out-of-bounds with malicious authenticated GSS-API client

CVE-2022-2469

CVSS3: 3.8

nvd

около 3 лет назад

GNU SASL libgsasl server-side read-out-of-bounds with malicious authenticated GSS-API client

ROS-20241112-01

CVSS3: 8.1

redos

10 месяцев назад

Уязвимость libgsasl

GHSA-r9xr-xfwx-6crw

CVSS3: 8.1

github

около 3 лет назад

GNU SASL libgsasl server-side read-out-of-bounds with malicious authenticated GSS-API client

EPSS

Процентиль: 19%

0.00061

Низкий