CVE-2022-28487

Опубликовано: 04 мая 2022

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

Tcpreplay version 4.4.1 contains a memory leakage flaw in fix_ipv6_checksums() function. The highest threat from this vulnerability is to data confidentiality.

Ссылки

https://github.com/appneta/tcpreplay/issues/723
Exploit
Issue Tracking
Third Party Advisory
https://github.com/appneta/tcpreplay/pull/720
Patch
Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5B75AFRJUGOYHCFG2ZV2JKSUPA6MSCT5/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ECRCFJ6X3IVB7BT4KS6AHQMSL532YXYD/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWRZO7BG6DHA5NAC3COB45WFXLYRIERC/
https://security.gentoo.org/glsa/202210-08
Third Party Advisory
https://github.com/appneta/tcpreplay/issues/723
Exploit
Issue Tracking
Third Party Advisory
https://github.com/appneta/tcpreplay/pull/720
Patch
Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5B75AFRJUGOYHCFG2ZV2JKSUPA6MSCT5/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ECRCFJ6X3IVB7BT4KS6AHQMSL532YXYD/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWRZO7BG6DHA5NAC3COB45WFXLYRIERC/
https://security.gentoo.org/glsa/202210-08
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:broadcom:tcpreplay:4.4.1:*:*:*:*:*:*:*

Конфигурация 2

Одно из

cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*

cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*

cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*

EPSS

Процентиль: 64%

0.00469

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-401

Связанные уязвимости

CVE-2022-28487

CVSS3: 7.5

ubuntu

почти 4 года назад

Tcpreplay version 4.4.1 contains a memory leakage flaw in fix_ipv6_checksums() function. The highest threat from this vulnerability is to data confidentiality.

CVE-2022-28487

redhat

почти 4 года назад

Tcpreplay version 4.4.1 contains a memory leakage flaw in fix_ipv6_checksums() function. The highest threat from this vulnerability is to data confidentiality.

CVE-2022-28487

CVSS3: 7.5

debian

почти 4 года назад

Tcpreplay version 4.4.1 contains a memory leakage flaw in fix_ipv6_che ...

GHSA-g42m-vjq2-x6h8

CVSS3: 7.5

github

почти 4 года назад

Tcpreplay version 4.4.1 contains a memory leakage flaw in fix_ipv6_checksums() function. The highest threat from this vulnerability is to data confidentiality.

EPSS

Процентиль: 64%

0.00469

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-401