Lucene search
GoogleOSV:CVE-2022-36752HistoryJul 28, 2022 - 11:15 p.m.
CVE-2022-36752
2022-07-2823:15:07
Google
osv.dev
5
png2webp vulnerability
out-of-bounds write
w2p function
crafted png file
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
AI Score
7.2
Confidence
High
EPSS
0.001
Percentile
33.3%
png2webp v1.0.4 was discovered to contain an out-of-bounds write via the function w2p. This vulnerability is exploitable via a crafted png file.
Related
githubexploit
githubexploit
Exploit for Out-of-bounds Write in Png2Webp Project Png2Webp
2023-01-31 23:14:06
nvd
nvd
CVE-2022-36752
2022-07-28 23:15:07
prion
prion
Out-of-bounds
2022-07-28 23:15:00
cvelist
cvelist
CVE-2022-36752
2022-07-28 22:50:03
cve
cve
CVE-2022-36752
2022-07-28 23:15:07
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
AI Score
7.2
Confidence
High
EPSS
0.001
Percentile
33.3%
Related for OSV:CVE-2022-36752