CVE-2021-46389

Опубликовано: 07 фев. 2022

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

IIPImage High Resolution Streaming Image Server prior to commit 882925b295a80ec992063deffc2a3b0d803c3195 is affected by an integer overflow in iipsrv.fcgi through malformed HTTP query parameters.

Ссылки

https://github.com/ruven/iipsrv/commit/4ed59265fbbd636dc2fbbf325f8ea37ed300a6d9
Patch
Third Party Advisory
https://github.com/ruven/iipsrv/commit/882925b295a80ec992063deffc2a3b0d803c3195
Patch
Third Party Advisory
https://github.com/ruven/iipsrv/commit/4ed59265fbbd636dc2fbbf325f8ea37ed300a6d9
Patch
Third Party Advisory
https://github.com/ruven/iipsrv/commit/882925b295a80ec992063deffc2a3b0d803c3195
Patch
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:high_resolution_streaming_image_server_project:high_resolution_streaming_image_server:*:*:*:*:*:*:*:*

Версия до 2022-01-14 (исключая)

EPSS

Процентиль: 56%

0.00334

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-190

Связанные уязвимости

GHSA-r4qx-vr33-6wrx

github

почти 4 года назад