Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2022-35020

Опубликовано: 29 авг. 2022
Источник: redhat
CVSS3: 5.5
EPSS Низкий

Описание

Advancecomp v2.3 was discovered to contain a heap buffer overflow via the component __interceptor_memcpy at /sanitizer_common/sanitizer_common_interceptors.inc.

A heap buffer overflow vulnerability was found in advancecomp in the mng_read_delta() function of the mng.c file. This flaw allows an attacker to trick a user into opening a specially crafted file that could cause an application to crash, leading to a denial of service attack.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 7advancecompNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-122->CWE-125
https://bugzilla.redhat.com/show_bug.cgi?id=2127394advancecomp: heap buffer overflow via the component inflate()

EPSS

Процентиль: 41%
0.00191
Низкий

5.5 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2022-35020

CVSS3: 5.5
ubuntu
больше 3 лет назад

Advancecomp v2.3 was discovered to contain a heap buffer overflow via the component __interceptor_memcpy at /sanitizer_common/sanitizer_common_interceptors.inc.

nvd логотип

CVE-2022-35020

CVSS3: 5.5
nvd
больше 3 лет назад

Advancecomp v2.3 was discovered to contain a heap buffer overflow via the component __interceptor_memcpy at /sanitizer_common/sanitizer_common_interceptors.inc.

debian логотип

CVE-2022-35020

CVSS3: 5.5
debian
больше 3 лет назад

Advancecomp v2.3 was discovered to contain a heap buffer overflow via ...

github логотип

GHSA-42wc-qc2g-5v4h

CVSS3: 5.5
github
больше 3 лет назад

Advancecomp v2.3 was discovered to contain a heap buffer overflow via the component __interceptor_memcpy at /sanitizer_common/sanitizer_common_interceptors.inc.

EPSS

Процентиль: 41%
0.00191
Низкий

5.5 Medium

CVSS3