CVE-2022-2469

Опубликовано: 19 июл. 2022

Источник: nvd

CVSS3: 3.8

CVSS3: 8.1

EPSS Низкий

Описание

GNU SASL libgsasl server-side read-out-of-bounds with malicious authenticated GSS-API client

Ссылки

https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-2469.json
Third Party Advisory
VDB Entry
https://gitlab.com/gsasl/gsasl/-/commit/796e4197f696261c1f872d7576371232330bcc30
Patch
Third Party Advisory
https://www.debian.org/security/2022/dsa-5189
Third Party Advisory
https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-2469.json
Third Party Advisory
VDB Entry
https://gitlab.com/gsasl/gsasl/-/commit/796e4197f696261c1f872d7576371232330bcc30
Patch
Third Party Advisory
https://www.debian.org/security/2022/dsa-5189
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:gnu:gnu_sasl:*:*:*:*:*:*:*:*

Версия до 2.0.1 (исключая)

Конфигурация 2

Одно из

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*

EPSS

Процентиль: 19%

0.00061

Низкий

3.8 Low

CVSS3

8.1 High

CVSS3

Дефекты

CWE-125

Связанные уязвимости

CVE-2022-2469

CVSS3: 3.8

ubuntu

около 3 лет назад

GNU SASL libgsasl server-side read-out-of-bounds with malicious authenticated GSS-API client

CVE-2022-2469

CVSS3: 7.1

redhat

около 3 лет назад

GNU SASL libgsasl server-side read-out-of-bounds with malicious authenticated GSS-API client

CVE-2022-2469

CVSS3: 3.8

debian

около 3 лет назад

GNU SASL libgsasl server-side read-out-of-bounds with malicious authen ...

ROS-20241112-01

CVSS3: 8.1

redos

10 месяцев назад

Уязвимость libgsasl

GHSA-r9xr-xfwx-6crw

CVSS3: 8.1

github

около 3 лет назад

GNU SASL libgsasl server-side read-out-of-bounds with malicious authenticated GSS-API client

EPSS

Процентиль: 19%

0.00061

Низкий

3.8 Low

CVSS3

8.1 High

CVSS3

Дефекты

CWE-125