Lucene search
SnykCVELIST:CVE-2022-25872HistoryJun 17, 2022 - 8:05 p.m.
CVE-2022-25872 Out-of-bounds Read
2022-06-1720:05:23
snyk
www.cve.org
3
cve-2022-25872
out-of-bounds read
incorrect memory freeing
length calculation
non-string input
allocated memory
CVSS3
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P
EPSS
0.001
Percentile
30.0%
All versions of package fast-string-search are vulnerable to Out-of-bounds Read due to incorrect memory freeing and length calculation for any non-string input as the source. This allows the attacker to read previously allocated memory.
CNA Affected
[
{
"product": "fast-string-search",
"vendor": "n/a",
"versions": [
{
"lessThan": "unspecified",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
]Related
cve
cve
CVE-2022-25872
2022-06-17 20:15:10
osv
osv
Out-of-bounds Read in fast-string-search
2022-06-18 00:00:19
prion
prion
Out-of-bounds
2022-06-17 20:15:00
veracode
veracode
Out-of-Bounds Read
2022-06-21 02:48:11
github
github
Out-of-bounds Read in fast-string-search
2022-06-18 00:00:19
nvd
nvd
CVE-2022-25872
2022-06-17 20:15:10
CVSS3
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P
EPSS
0.001
Percentile
30.0%
Related for CVELIST:CVE-2022-25872