exploitDog

GHSA-5q8q-7vqj-xx32

Опубликовано: 03 июн. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

Onlyoffice Document Server v6.0.0 and below and Core 6.1.0.26 and below were discovered to contain a heap overflow via the component DesktopEditor/fontengine/fontconverter/FontFileBase.h.

Onlyoffice Document Server v6.0.0 and below and Core 6.1.0.26 and below were discovered to contain a heap overflow via the component DesktopEditor/fontengine/fontconverter/FontFileBase.h.

Ссылки

EPSS

Процентиль: 95%

0.16162

Средний

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-787

Связанные уязвимости

CVE-2022-29777

CVSS3: 9.8

nvd

больше 3 лет назад

Onlyoffice Document Server v6.0.0 and below and Core 6.1.0.26 and below were discovered to contain a heap overflow via the component DesktopEditor/fontengine/fontconverter/FontFileBase.h.

EPSS

Процентиль: 95%

0.16162

Средний

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-787