CVE-2022-34913

{"id": "CVE-2022-34913", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2022-07-02T20:15:08.457", "references": [{"url": "https://github.com/nereusx/md2roff/issues/4", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-787"}]}], "descriptions": [{"lang": "en", "value": "md2roff 1.7 has a stack-based buffer overflow via a Markdown file containing a large number of consecutive characters to be processed. NOTE: the vendor's position is that the product is not intended for untrusted input"}, {"lang": "es", "value": "** EN DISPUTA ** md2roff versi\u00f3n 1.7, presenta un desbordamiento de b\u00fafer en la regi\u00f3n stackde la memoria por medio de un archivo Markdown que contiene un gran n\u00famero de caracteres consecutivos para ser procesado. NOTA: la posici\u00f3n del proveedor es que el producto no est\u00e1 destinado a la entrada no confiable"}], "lastModified": "2024-04-11T01:15:59.880", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:md2roff_project:md2roff:1.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8693D41B-F4F0-4E8F-8A5C-7F588D574CB9"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}