CVE-2022-1534

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2022-1534

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-1534.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2022-1534

Related

UBUNTU-CVE-2022-1534

Published

2022-04-29T11:15:10Z

Modified

2024-10-12T08:52:14.219280Z

Severity

7.1 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H CVSS Calculator

Summary

[none]

Details

Buffer Over-read at parse_rawml.c:1416 in GitHub repository bfabiszewski/libmobi prior to 0.11. The bug causes the program reads data past the end of the intented buffer. Typically, this can allow attackers to read sensitive information from other memory locations or cause a crash.

References

Affected packages

Debian:12 / libmobi

Package

Name: libmobi
Purl: pkg:deb/debian/libmobi?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.11+dfsg-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / libmobi

Package

Name: libmobi
Purl: pkg:deb/debian/libmobi?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.11+dfsg-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/bfabiszewski/libmobi

Affected ranges

Type: GIT
Repo: https://github.com/bfabiszewski/libmobi
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

fb1ab50e448ddbed746fd27ae07469bc506d838b

Affected versions

v0.*

v0.10

v0.2

v0.3

v0.4

v0.5

v0.6

v0.7

v0.8

v0.9