exploitDog

CVE-2022-23850

Опубликовано: 23 янв. 2022

Источник: nvd

CVSS3: 7.8

CVSS2: 6.8

EPSS Низкий

Описание

xhtml_translate_entity in xhtml.c in epub2txt (aka epub2txt2) through 2.02 allows a stack-based buffer overflow via a crafted EPUB document.

Ссылки

https://cwe.mitre.org/data/definitions/121.html
Third Party Advisory
https://github.com/kevinboone/epub2txt2/issues/17
Exploit
Issue Tracking
Third Party Advisory
https://cwe.mitre.org/data/definitions/121.html
Third Party Advisory
https://github.com/kevinboone/epub2txt2/issues/17
Exploit
Issue Tracking
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:epub2txt_project:epub2txt:*:*:*:*:*:*:*:*

Версия до 2.02 (включая)

EPSS

Процентиль: 39%

0.00179

Низкий

7.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-787

Связанные уязвимости

CVE-2022-23850

CVSS3: 7.8

debian

около 4 лет назад

xhtml_translate_entity in xhtml.c in epub2txt (aka epub2txt2) through ...

GHSA-x32q-wrp4-v9x9

CVSS3: 7.8

github

около 4 лет назад

xhtml_translate_entity in xhtml.c in epub2txt (aka epub2txt2) through 2.02 allows a stack-based buffer overflow via a crafted EPUB document.

EPSS

Процентиль: 39%

0.00179

Низкий

7.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-787