Lucene search
GoogleOSV:CVE-2022-26336HistoryMar 04, 2022 - 4:15 p.m.
CVE-2022-26336
2022-03-0416:15:10
Google
osv.dev
12
apache poi
hmef package
out of memory
tnef files
microsoft outlook
microsoft exchange server
cve-2022-26336
upgrade
EPSS
0.001
Percentile
17.6%
A shortcoming in the HMEF package of poi-scratchpad (Apache POI) allows an attacker to cause an Out of Memory exception. This package is used to read TNEF files (Microsoft Outlook and Microsoft Exchange Server). If an application uses poi-scratchpad to parse TNEF files and the application allows untrusted users to supply them, then a carefully crafted file can cause an Out of Memory exception. This issue affects poi-scratchpad version 5.2.0 and prior versions. Users are recommended to upgrade to poi-scratchpad 5.2.1.
Related
veracode
veracode
Denial Of Service (DoS)
2022-03-07 02:49:35
ibm
ibm
osv
osv
cvelist
cvelist
redhatcve
redhatcve
CVE-2022-26336
2022-03-11 18:14:31
github
github
nvd
nvd
CVE-2022-26336
2022-03-04 16:15:10
ubuntucve
ubuntucve
CVE-2022-26336
2022-03-04 00:00:00
prion
prion
Code injection
2022-03-04 16:15:00
cve
cve
CVE-2022-26336
2022-03-04 16:15:10
adobe
adobe
APSB23-31 : Security update available for Adobe Experience Manager
2023-06-13 00:00:00
redhat
redhat
(RHSA-2022:5532) Important: Red Hat Fuse 7.11.0 release and security update
2022-07-07 14:16:35
oracle
oracle
Oracle Critical Patch Update Advisory - January 2023
2023-01-17 00:00:00
Oracle Critical Patch Update Advisory - April 2023
2023-04-18 00:00:00