admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2022/21xxx/CVE-2022-21227.json

97 lines
3.2 KiB
JSON
Raw Normal View History

"-Synchronized-Data."
2022-02-24 15:03:46 +00:00
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
Adds CVE-2022-21227
2022-05-01 16:20:23 +01:00
"ASSIGNER": "report@snyk.io",
"DATE_PUBLIC": "2022-05-01T15:20:21.681780Z",
"-Synchronized-Data."
2022-02-24 15:03:46 +00:00
"ID": "CVE-2022-21227",
Adds CVE-2022-21227
2022-05-01 16:20:23 +01:00
"STATE": "PUBLIC",
"TITLE": "Denial of Service (DoS)"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "sqlite3",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "5.0.3"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service (DoS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"-Synchronized-Data."
2022-05-01 16:01:34 +00:00
"refsource": "MISC",
"url": "https://snyk.io/vuln/SNYK-JS-SQLITE3-2388645",
"name": "https://snyk.io/vuln/SNYK-JS-SQLITE3-2388645"
Adds CVE-2022-21227
2022-05-01 16:20:23 +01:00
},
{
"-Synchronized-Data."
2022-05-01 16:01:34 +00:00
"refsource": "MISC",
"url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-2805470",
"name": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-2805470"
Adds CVE-2022-21227
2022-05-01 16:20:23 +01:00
},
{
"-Synchronized-Data."
2022-05-01 16:01:34 +00:00
"refsource": "MISC",
"url": "https://github.com/TryGhost/node-sqlite3/commit/593c9d498be2510d286349134537e3bf89401c4a",
"name": "https://github.com/TryGhost/node-sqlite3/commit/593c9d498be2510d286349134537e3bf89401c4a"
Adds CVE-2022-21227
2022-05-01 16:20:23 +01:00
}
]
"-Synchronized-Data."
2022-02-24 15:03:46 +00:00
},
"description": {
"description_data": [
{
"lang": "eng",
"-Synchronized-Data."
2022-05-01 16:01:34 +00:00
"value": "The package sqlite3 before 5.0.3 are vulnerable to Denial of Service (DoS) which will invoke the toString function of the passed parameter. If passed an invalid Function object it will throw and crash the V8 engine."
"-Synchronized-Data."
2022-02-24 15:03:46 +00:00
}
]
Adds CVE-2022-21227
2022-05-01 16:20:23 +01:00
},
"impact": {
"cvss": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
}
},
"credit": [
{
"lang": "eng",
"value": "Cristian-Alexandru Staicu"
}
]
"-Synchronized-Data."
2022-02-24 15:03:46 +00:00
}
Reference in New Issue Copy Permalink