CVE-2022-3717

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2022-3717
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
CVSS

No CVSS.

References

No reference.

Configurations

No configuration.

History

21 Nov 2022, 16:15

Type Values Removed Values Added
References
  • {'url': 'https://github.com/Exiv2/exiv2/commit/a58e52ed702d3bc7b8bab7ec1d70a4849eebece3', 'name': 'https://github.com/Exiv2/exiv2/commit/a58e52ed702d3bc7b8bab7ec1d70a4849eebece3', 'tags': ['Patch', 'Third Party Advisory'], 'refsource': 'MISC'}
  • {'url': 'https://vuldb.com/?id.212348', 'name': 'https://vuldb.com/?id.212348', 'tags': ['Permissions Required', 'Third Party Advisory'], 'refsource': 'MISC'}
CWE CWE-119
CVSS v2 : unknown
v3 : 9.8 		v2 : unknown
v3 : unknown
Summary A vulnerability, which was classified as critical, has been found in Exiv2. Affected by this issue is the function BmffImage::boxHandler of the file bmffimage.cpp. The manipulation leads to memory corruption. The attack may be launched remotely. The name of the patch is a58e52ed702d3bc7b8bab7ec1d70a4849eebece3. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-212348. ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
CPE cpe:2.3:a:exiv2:exiv2:*:*:*:*:*:*:*:*

28 Oct 2022, 19:42

Type Values Removed Values Added
CPE cpe:2.3:a:exiv2:exiv2:*:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 9.8
References (MISC) https://vuldb.com/?id.212348 - (MISC) https://vuldb.com/?id.212348 - Permissions Required, Third Party Advisory
References (MISC) https://github.com/Exiv2/exiv2/commit/a58e52ed702d3bc7b8bab7ec1d70a4849eebece3 - (MISC) https://github.com/Exiv2/exiv2/commit/a58e52ed702d3bc7b8bab7ec1d70a4849eebece3 - Patch, Third Party Advisory

27 Oct 2022, 11:28

Type Values Removed Values Added
New CVE
Information

Published : 2022-10-27 11:15

Updated : 2024-02-04 22:51

NVD link : CVE-2022-3717

Mitre link : CVE-2022-3717

CVE.ORG link : CVE-2022-3717

JSON object : View

Products Affected

No product.

CWE

No CWE.