Lucene search

[email protected]NVD:CVE-2022-31901

HistoryJan 19, 2023 - 11:15 p.m.

CVE-2022-31901

2023-01-1923:15:10

CWE-787

[email protected]

web.nvd.nist.gov

buffer overflow

notepad++

application crash

crafted files

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

46.2%

JSON

Buffer overflow in function Notepad_plus::addHotSpot in Notepad++ v8.4.3 and earlier allows attackers to crash the application via two crafted files.

Affected configurations

Nvd

Node

notepad-plus-plusnotepad\+\+Range≤8.4.3

VendorProductVersionCPE
notepad-plus-plusnotepad\+\+*cpe:2.3:a:notepad-plus-plus:notepad\+\+:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
notepad-plus-plus	notepad\+\+	*	cpe:2.3:a:notepad-plus-plus:notepad\+\+::::::::

References

github.com/CDACesec/CVE-2022-31901

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

46.2%

JSON

Related for NVD:CVE-2022-31901

cve1 cvelist1 osv1 prion1