CVE-2022-48468

Опубликовано: 13 апр. 2023

Источник: debian

EPSS Низкий

Описание

protobuf-c before 1.4.1 has an unsigned integer overflow in parse_required_member.

Пакет	Статус	Версия исправления	Релиз	Тип
protobuf-c	fixed	1.4.1-1		package
protobuf-c	no-dsa		bullseye	package
protobuf-c	no-dsa		buster	package
libsignal-protocol-c	fixed	2.3.3-3		package
libsignal-protocol-c	no-dsa		bullseye	package
libsignal-protocol-c	no-dsa		buster	package

https://github.com/protobuf-c/protobuf-c/commit/289f5c18b195aa43d46a619d1188709abbfa9c82 (v1.4.1)
https://github.com/protobuf-c/protobuf-c/commit/0d1fd124a4e0a07b524989f6e64410ff648fba61 (v1.4.1)
https://github.com/protobuf-c/protobuf-c/pull/513
https://github.com/protobuf-c/protobuf-c/issues/499

EPSS

Процентиль: 5%

0.00024

Низкий

CVE-2022-48468

CVSS3: 5.5

ubuntu

около 2 лет назад

protobuf-c before 1.4.1 has an unsigned integer overflow in parse_required_member.

CVE-2022-48468

CVSS3: 6.2

redhat

около 2 лет назад

protobuf-c before 1.4.1 has an unsigned integer overflow in parse_required_member.

CVE-2022-48468

CVSS3: 5.5

nvd

около 2 лет назад

protobuf-c before 1.4.1 has an unsigned integer overflow in parse_required_member.

CVE-2022-48468

CVSS3: 5.5

msrc

около 2 лет назад

Описание отсутствует

SUSE-SU-2023:2143-1

suse-cvrf

около 2 лет назад

Security update for protobuf-c

EPSS

Процентиль: 5%

0.00024

Низкий