CVE-2022-1325

{"id": "CVE-2022-1325", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2022-08-31T16:15:09.467", "references": [{"url": "https://access.redhat.com/security/cve/CVE-2022-1325", "tags": ["Broken Link"], "source": "secalert@redhat.com"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2074549", "tags": ["Exploit", "Issue Tracking", "Patch", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://github.com/GreycLab/CImg/commit/619cb58dd90b4e03ac68286c70ed98acbefd1c90", "tags": ["Patch", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://github.com/GreycLab/CImg/issues/343", "tags": ["Exploit", "Issue Tracking", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://github.com/GreycLab/CImg/pull/348", "tags": ["Patch", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://huntr.dev/bounties/a5e4fc45-8f14-4dd1-811b-740fc50c95d2/", "tags": ["Exploit", "Third Party Advisory"], "source": "secalert@redhat.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-770"}]}, {"type": "Secondary", "source": "secalert@redhat.com", "description": [{"lang": "en", "value": "CWE-400"}]}], "descriptions": [{"lang": "en", "value": "A flaw was found in Clmg, where with the help of a maliciously crafted pandore or bmp file with modified dx and dy header field values it is possible to trick the application into allocating huge buffer sizes like 64 Gigabyte upon reading the file from disk or from a virtual buffer."}, {"lang": "es", "value": "Se ha encontrado un fallo en Clmg, donde con la ayuda de un archivo pandore o bmp maliciosamente dise\u00f1ado con valores de campo de encabezados dx y dy modificados, es posible enga\u00f1ar a la aplicaci\u00f3n para que asigne tama\u00f1os de b\u00fafer enormes, como 64 Gigabytes, al leer el archivo desde el disco o desde un b\u00fafer virtual"}], "lastModified": "2022-09-07T16:23:06.993", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cimg:cimg:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5BC6B9AC-0442-4A13-BE55-DC1B28A0700B", "versionEndExcluding": "3.1.0"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}