Lucene search
MitreCVE-2022-40009HistorySep 20, 2022 - 8:15 p.m.
CVE-2022-40009
2022-09-2020:15:10
CWE-416
mitre
web.nvd.nist.gov
25
4
cve-2022-40009
swftools
heap-use-after-free
nvd
security vulnerability
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.4
Confidence
High
EPSS
0.003
Percentile
68.8%
SWFTools commit 772e55a was discovered to contain a heap-use-after-free via the function grow_unicode at /lib/ttf.c.
Affected configurations
Node
swftoolsswftoolsMatch2021-12-16
| Vendor | Product | Version | CPE |
|---|---|---|---|
| swftools | swftools | 2021-12-16 | cpe:/a:swftools:swftools:2021-12-16::: |
Social References
More
Related
cvelist
cvelist
CVE-2022-40009
2022-09-20 19:14:20
nvd
nvd
CVE-2022-40009
2022-09-20 20:15:10
ubuntucve
ubuntucve
CVE-2022-40009
2022-09-20 00:00:00
prion
prion
Heap overflow
2022-09-20 20:15:00
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.4
Confidence
High
EPSS
0.003
Percentile
68.8%
Related for CVE-2022-40009