exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 8

BDU:2023-02156

почти 3 года назад

Уязвимость реализации протокола Kerberos5 heimdal, связанная с некорректным подтверждением значения проверки целостности, позволяющая нарушителю произвести логическую инверсию

CVSS3: 7.5

EPSS: Низкий

CVE-2022-45142

больше 2 лет назад

The fix for CVE-2022-3437 included changing memcmp to be constant time and a workaround for a compiler bug by adding "!= 0" comparisons to the result of memcmp. When these patches were backported to the heimdal-7.7.1 and heimdal-7.8.0 branches (and possibly other branches) a logic inversion sneaked in causing the validation of message integrity codes in gssapi/arcfour to be inverted.

CVSS3: 7.5

EPSS: Низкий

CVE-2022-45142

почти 3 года назад

EPSS: Низкий

CVE-2022-45142

больше 2 лет назад

CVSS3: 7.5

EPSS: Низкий

CVE-2022-45142

8 месяцев назад

CVSS3: 7.5

EPSS: Низкий

CVE-2022-45142

больше 2 лет назад

The fix for CVE-2022-3437 included changing memcmp to be constant time ...

CVSS3: 7.5

EPSS: Низкий

ROS-20230417-02

больше 2 лет назад

Уязвимость heimdal

CVSS3: 7.5

EPSS: Низкий

GHSA-5gp7-pf54-xc33

больше 2 лет назад

CVSS3: 7.5

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
BDU:2023-02156 Уязвимость реализации протокола Kerberos5 heimdal, связанная с некорректным подтверждением значения проверки целостности, позволяющая нарушителю произвести логическую инверсию	CVSS3: 7.5	0% Низкий	почти 3 года назад
CVE-2022-45142 The fix for CVE-2022-3437 included changing memcmp to be constant time and a workaround for a compiler bug by adding "!= 0" comparisons to the result of memcmp. When these patches were backported to the heimdal-7.7.1 and heimdal-7.8.0 branches (and possibly other branches) a logic inversion sneaked in causing the validation of message integrity codes in gssapi/arcfour to be inverted.	CVSS3: 7.5	0% Низкий	больше 2 лет назад
CVE-2022-45142 The fix for CVE-2022-3437 included changing memcmp to be constant time and a workaround for a compiler bug by adding "!= 0" comparisons to the result of memcmp. When these patches were backported to the heimdal-7.7.1 and heimdal-7.8.0 branches (and possibly other branches) a logic inversion sneaked in causing the validation of message integrity codes in gssapi/arcfour to be inverted.		0% Низкий	почти 3 года назад
CVE-2022-45142 The fix for CVE-2022-3437 included changing memcmp to be constant time and a workaround for a compiler bug by adding "!= 0" comparisons to the result of memcmp. When these patches were backported to the heimdal-7.7.1 and heimdal-7.8.0 branches (and possibly other branches) a logic inversion sneaked in causing the validation of message integrity codes in gssapi/arcfour to be inverted.	CVSS3: 7.5	0% Низкий	больше 2 лет назад
CVE-2022-45142	CVSS3: 7.5	0% Низкий	8 месяцев назад
CVE-2022-45142 The fix for CVE-2022-3437 included changing memcmp to be constant time ...	CVSS3: 7.5	0% Низкий	больше 2 лет назад
ROS-20230417-02 Уязвимость heimdal	CVSS3: 7.5	0% Низкий	больше 2 лет назад
GHSA-5gp7-pf54-xc33 The fix for CVE-2022-3437 included changing memcmp to be constant time and a workaround for a compiler bug by adding "!= 0" comparisons to the result of memcmp. When these patches were backported to the heimdal-7.7.1 and heimdal-7.8.0 branches (and possibly other branches) a logic inversion sneaked in causing the validation of message integrity codes in gssapi/arcfour to be inverted.	CVSS3: 7.5	0% Низкий	больше 2 лет назад

Уязвимостей на страницу