CVE-2022-2879

SOURCE - nist

Summary

Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panics. After fix, Reader.Read limits the maximum size of header blocks to 1 MiB.

EPSS Score⁠: 0.00152 (0.512)

Common Weakness Enumeration (CWE)

SOURCE - nist

CWE-770⁠

Allocation of Resources Without Limits or Throttling

Sources (29)

Impacted images

nist

CREATED

2 years ago

UPDATED

6 months ago

SOURCE IDCVE-2022-2879⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-770⁠

CVSS SCORE

7.5high

alpine

CREATED

2 years ago

UPDATED

1 month ago

SOURCE IDCVE-2022-2879⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM SOURCE

debian

CREATED

2 years ago

UPDATED

5 months ago

SOURCE IDCVE-2022-2879⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM SOURCE

ubuntu

CREATED

2 years ago

UPDATED

26 days ago

SOURCE IDCVE-2022-2879⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

7.5medium

golang

CREATED

2 years ago

UPDATED

11 months ago

SOURCE IDGO-2022-1037⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM SOURCE

alma

CREATED

1 year ago

UPDATED

1 year ago

SOURCE IDALSA-2023:0446⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

alma

CREATED

1 year ago

UPDATED

1 year ago

SOURCE IDALSA-2023:2780⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

alma

CREATED

1 year ago

UPDATED

8 months ago

SOURCE IDALSA-2023:0328⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

alma

CREATED

1 year ago

UPDATED

1 year ago

SOURCE IDALSA-2023:2204⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

alma

CREATED

4 months ago

UPDATED

4 months ago

SOURCE IDALSA-2024:0121⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

amazon

CREATED

1 year ago

UPDATED

1 year ago

SOURCE IDALAS-2022-1887⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

amazon

CREATED

1 year ago

UPDATED

1 year ago

SOURCE IDALAS-2023-1913⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

amazon

CREATED

2 months ago

UPDATED

2 months ago

SOURCE IDALAS2023-2023-046⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

amazon

CREATED

2 months ago

UPDATED

2 months ago

SOURCE IDALAS2023-2023-048⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

amazon

CREATED

1 year ago

UPDATED

1 year ago

SOURCE IDALAS2022-2022-239⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

amazon

CREATED

1 year ago

UPDATED

1 year ago

SOURCE IDALAS2022-2022-240⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

bitnami

CREATED

8 months ago

UPDATED

8 months ago

SOURCE ID

BIT-2022-2879

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

bitnami

CREATED

2 months ago

UPDATED

2 months ago

SOURCE ID

BIT-golang-2022-2879

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

redhat

CREATED

2 years ago

UPDATED

6 months ago

SOURCE IDCVE-2022-2879⁠

EXPLOITABILITY SCORE

2.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

6.5medium

rocky

CREATED

1 year ago

UPDATED

10 months ago

SOURCE IDRLSA-2023:0328⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

rocky

CREATED

1 year ago

UPDATED

10 months ago

SOURCE IDRLSA-2023:0446⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

suse

CREATED

2 years ago

UPDATED

8 months ago

SOURCE IDCVE-2022-2879⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

7.5high

oracle

CREATED

1 year ago

UPDATED

1 year ago

SOURCE IDELSA-2022-24267⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

oracle

CREATED

1 year ago

UPDATED

1 year ago

SOURCE IDELSA-2023-2204⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

oracle

CREATED

1 year ago

UPDATED

1 year ago

SOURCE IDELSA-2023-0328⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

oracle

CREATED

1 year ago

UPDATED

1 year ago

SOURCE IDELSA-2023-2780⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

oracle

CREATED

1 year ago

UPDATED

1 year ago

SOURCE IDELSA-2023-18908⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

oracle

CREATED

1 year ago

UPDATED

1 year ago

SOURCE IDELSA-2023-0446⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

oracle

CREATED

4 months ago

UPDATED

4 months ago

SOURCE IDELSA-2024-0121⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium