CVE-2022-41861

Опубликовано: 17 янв. 2023

Источник: nvd

CVSS3: 6.5

EPSS Низкий

Описание

A flaw was found in freeradius. A malicious RADIUS client or home server can send a malformed abinary attribute which can cause the server to crash.

Ссылки

https://freeradius.org/security/
Patch
Vendor Advisory
https://github.com/FreeRADIUS/freeradius-server/commit/0ec2b39d260e
Patch
Third Party Advisory
https://freeradius.org/security/
Patch
Vendor Advisory
https://github.com/FreeRADIUS/freeradius-server/commit/0ec2b39d260e
Patch
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2025/06/msg00030.html

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:freeradius:freeradius:*:*:*:*:*:*:*:*

Версия до 3.0.25 (включая)

EPSS

Процентиль: 57%

0.00354

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-400

CWE-20

Связанные уязвимости

CVE-2022-41861

CVSS3: 6.5

ubuntu

около 3 лет назад

A flaw was found in freeradius. A malicious RADIUS client or home server can send a malformed abinary attribute which can cause the server to crash.

CVE-2022-41861

CVSS3: 7.5

redhat

почти 4 года назад

A flaw was found in freeradius. A malicious RADIUS client or home server can send a malformed abinary attribute which can cause the server to crash.

CVE-2022-41861

CVSS3: 6.5

msrc

около 3 лет назад

A flaw was found in freeradius. A malicious RADIUS client or home server can send a malformed abinary attribute which can cause the server to crash.

CVE-2022-41861

CVSS3: 6.5

debian

около 3 лет назад

A flaw was found in freeradius. A malicious RADIUS client or home serv ...

GHSA-3886-rc87-ccgx

CVSS3: 6.5

github

около 3 лет назад

A flaw was found in freeradius. A malicious RADIUS client or home server can send a malformed abinary attribute which can cause the server to crash.

EPSS

Процентиль: 57%

0.00354

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-400

CWE-20