2023-04-24 12:24:31 +02:00
{
"id" : "CVE-2022-1289" ,
"sourceIdentifier" : "cna@vuldb.com" ,
"published" : "2022-04-10T16:15:07.847" ,
2024-11-23 15:12:23 +00:00
"lastModified" : "2024-11-21T06:40:25.290" ,
"vulnStatus" : "Modified" ,
2024-12-08 03:06:42 +00:00
"cveTags" : [ ] ,
2023-04-24 12:24:31 +02:00
"descriptions" : [
{
"lang" : "en" ,
"value" : "A denial of service vulnerability was found in tildearrow Furnace. It has been classified as problematic. This is due to an incomplete fix of CVE-2022-1211. It is possible to initiate the attack remotely but it requires user interaction. The issue got fixed with the patch 0eb02422d5161767e9983bdaa5c429762d3477ce."
} ,
{
"lang" : "es" ,
"value" : "Se ha encontrado una vulnerabilidad de denegaci\u00f3n de servicio en tildearrow Furnace. Ha sido clasificada como problem\u00e1tica. Esto es debido a una correcci\u00f3n incompleta de CVE-2022-1211. Es posible iniciar el ataque de forma remota, pero requiere una interacci\u00f3n del usuario. El problema ha sido corregido con el parche 0eb02422d5161767e9983bdaa5c429762d3477ce"
}
] ,
"metrics" : {
"cvssMetricV31" : [
{
2024-11-23 15:12:23 +00:00
"source" : "cna@vuldb.com" ,
"type" : "Secondary" ,
2023-04-24 12:24:31 +02:00
"cvssData" : {
"version" : "3.1" ,
2024-11-23 15:12:23 +00:00
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" ,
"baseScore" : 4.3 ,
"baseSeverity" : "MEDIUM" ,
2023-04-24 12:24:31 +02:00
"attackVector" : "NETWORK" ,
"attackComplexity" : "LOW" ,
"privilegesRequired" : "NONE" ,
"userInteraction" : "REQUIRED" ,
"scope" : "UNCHANGED" ,
"confidentialityImpact" : "NONE" ,
"integrityImpact" : "NONE" ,
2024-11-23 15:12:23 +00:00
"availabilityImpact" : "LOW"
2023-04-24 12:24:31 +02:00
} ,
"exploitabilityScore" : 2.8 ,
2024-11-23 15:12:23 +00:00
"impactScore" : 1.4
2023-04-24 12:24:31 +02:00
} ,
{
2024-11-23 15:12:23 +00:00
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
2023-04-24 12:24:31 +02:00
"cvssData" : {
"version" : "3.1" ,
2024-11-23 15:12:23 +00:00
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" ,
"baseScore" : 6.5 ,
"baseSeverity" : "MEDIUM" ,
2023-04-24 12:24:31 +02:00
"attackVector" : "NETWORK" ,
"attackComplexity" : "LOW" ,
"privilegesRequired" : "NONE" ,
"userInteraction" : "REQUIRED" ,
"scope" : "UNCHANGED" ,
"confidentialityImpact" : "NONE" ,
"integrityImpact" : "NONE" ,
2024-11-23 15:12:23 +00:00
"availabilityImpact" : "HIGH"
2023-04-24 12:24:31 +02:00
} ,
"exploitabilityScore" : 2.8 ,
2024-11-23 15:12:23 +00:00
"impactScore" : 3.6
2023-04-24 12:24:31 +02:00
}
] ,
"cvssMetricV2" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "2.0" ,
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:N/A:P" ,
2024-11-23 15:12:23 +00:00
"baseScore" : 4.3 ,
2023-04-24 12:24:31 +02:00
"accessVector" : "NETWORK" ,
"accessComplexity" : "MEDIUM" ,
"authentication" : "NONE" ,
"confidentialityImpact" : "NONE" ,
"integrityImpact" : "NONE" ,
2024-11-23 15:12:23 +00:00
"availabilityImpact" : "PARTIAL"
2023-04-24 12:24:31 +02:00
} ,
"baseSeverity" : "MEDIUM" ,
"exploitabilityScore" : 8.6 ,
"impactScore" : 2.9 ,
"acInsufInfo" : false ,
"obtainAllPrivilege" : false ,
"obtainUserPrivilege" : false ,
"obtainOtherPrivilege" : false ,
"userInteractionRequired" : true
}
]
} ,
"weaknesses" : [
{
2024-11-23 15:12:23 +00:00
"source" : "cna@vuldb.com" ,
"type" : "Secondary" ,
2023-04-24 12:24:31 +02:00
"description" : [
{
"lang" : "en" ,
2024-11-23 15:12:23 +00:00
"value" : "CWE-404"
2023-04-24 12:24:31 +02:00
}
]
} ,
{
2024-11-23 15:12:23 +00:00
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
2023-04-24 12:24:31 +02:00
"description" : [
{
"lang" : "en" ,
2024-11-23 15:12:23 +00:00
"value" : "NVD-CWE-noinfo"
2023-04-24 12:24:31 +02:00
}
]
}
] ,
"configurations" : [
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tildearrow:furnace:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "2CFFA314-6943-4498-B845-E1A1ABCE4E31"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tildearrow:furnace:0.2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "E015EA7E-4720-4757-96E9-5260CFBC1043"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tildearrow:furnace:0.2.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "E776BB42-A08E-4F3C-947D-332DCB2CBF88"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tildearrow:furnace:0.2.2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "051B2A23-EDCF-4539-9CA8-E5714F6F6DF4"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tildearrow:furnace:0.3:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "FDE66467-B30B-4B77-BB41-6A4C647E457B"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tildearrow:furnace:0.3.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "D42E6328-AF1D-45D9-9DBB-382E8EDE3E40"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tildearrow:furnace:0.4:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "E76E15CA-9D90-4B4C-B987-E8608AA60236"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tildearrow:furnace:0.4.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "F20B01FD-07A2-4D09-AAE5-11E464D4454B"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tildearrow:furnace:0.4.2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "50763220-BBF6-4CB5-8E05-150B53714F61"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tildearrow:furnace:0.4.3:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "AAB16783-A272-4E66-AF78-17B024DCEA88"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tildearrow:furnace:0.4.4:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "6689F024-5C0F-42DC-B048-20268EBE49AA"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tildearrow:furnace:0.4.5:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "6BC4CEB4-803F-4D09-905C-270617E56336"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tildearrow:furnace:0.4.5:real:*:*:*:*:*:*" ,
"matchCriteriaId" : "7ADEB444-C64D-48EF-8F4E-BA88BD8509B5"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tildearrow:furnace:0.4.6:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "B0A54674-881E-4448-83A8-9FF06E58ECCD"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tildearrow:furnace:0.4.7:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "7F8660DE-0B05-48C0-80D5-970EFA31E9F6"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tildearrow:furnace:0.5:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "8CDBEA41-070A-43B9-A2C6-C168D3C70AE7"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tildearrow:furnace:0.5.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "76BA3B0D-EDC6-4B79-8DDC-09360E93F6C8"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tildearrow:furnace:0.5.2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "B25DEC4B-7531-40D8-B476-7C9FE8762515"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tildearrow:furnace:0.5.3:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "8BA49882-11C5-4F54-AEEE-415F3DC68406"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tildearrow:furnace:0.5.4:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "198DFD86-6858-41F0-8AA5-CC85F1A27E92"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tildearrow:furnace:0.5.5:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "767CA8B0-9454-4F06-A12E-D7C4555E8BBC"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tildearrow:furnace:0.5.6:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "E33824AB-E32F-4F82-9E51-138B3183DA80"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tildearrow:furnace:0.5.7:-:*:*:*:*:*:*" ,
"matchCriteriaId" : "541CF21B-7719-42CB-97F1-CB7AF2F77FA9"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tildearrow:furnace:0.5.7:pre4:*:*:*:*:*:*" ,
"matchCriteriaId" : "CD522023-C8DF-4BEA-911F-DE65428FCF34"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tildearrow:furnace:0.5.8:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "B8952D4C-334E-43D6-B6B8-0E9EC7F2253B"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tildearrow:furnace:0.6:pre0:*:*:*:*:*:*" ,
"matchCriteriaId" : "3F99C267-EA7C-4ADA-8BE9-7E51D143B5E3"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tildearrow:furnace:dev5:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "73F24C96-A83E-4F53-B852-9262C7CFC387"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tildearrow:furnace:dev6:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "9B5A5017-B4F4-480E-9CED-ADF09100A4F6"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tildearrow:furnace:dev7:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "A726A198-CBBD-4FAE-B3D7-C51F0F3D10B7"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tildearrow:furnace:dev8:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "05E6200E-5061-4F71-9FD8-E19F9F6D2557"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tildearrow:furnace:dev9:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "9934631B-564C-4823-B509-75DA02940CB9"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tildearrow:furnace:dev10:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "2FEAE377-ED50-4A3B-971A-BDB1780EE242"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tildearrow:furnace:dev62:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "065CEC21-3C18-476F-B714-E2F20233F296"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tildearrow:furnace:dev63:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "9D67EC62-0FFD-4951-BA17-633DCD5C65C8"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tildearrow:furnace:dev64:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "87E9A121-6A91-4636-8453-3CFC6FA24B56"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tildearrow:furnace:dev65:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "67EFBF91-2CF9-4095-B8DF-425AE1917A25"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tildearrow:furnace:dev66:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "C1D41EEE-621B-4366-9097-27EF1472B38A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tildearrow:furnace:dev67:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "7CAF3983-5034-4095-9221-C464EBE6A0D0"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tildearrow:furnace:dev68:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "A145138D-19AB-4290-B145-DBB9DFB025D1"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tildearrow:furnace:dev69:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "3F812509-1F77-4024-85EB-CDD325BFCE6F"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tildearrow:furnace:dev70:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "F60A5D1D-4B4C-4B67-B541-A5F14ACB820A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tildearrow:furnace:dev71:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "45C270A3-E380-4022-861D-6697DB73D895"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tildearrow:furnace:dev72:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "7A015763-407E-4283-9A39-4CFB9D699110"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tildearrow:furnace:dev73:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "48D91A45-1102-4081-BBEC-ED6CD9DF6689"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tildearrow:furnace:dev75:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "7F9BFF65-6CB4-4466-B8C1-3584FEBCB626"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tildearrow:furnace:dev76:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "CDB48FE2-3476-4180-8754-724A153DF5C5"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tildearrow:furnace:dev77:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "0B8C8373-5E16-493C-B736-26C2676782D7"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tildearrow:furnace:dev78:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "37EF1C85-71ED-4592-AF40-88CA608761F3"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tildearrow:furnace:dev79:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "73FED9B5-3C85-4C59-B2F7-AC96439A52D9"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:tildearrow:furnace:dev80:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "E53F9DDD-249D-4BD1-8AC9-D361508E8487"
}
]
}
]
}
] ,
"references" : [
{
"url" : "https://github.com/tildearrow/furnace/commit/0eb02422d5161767e9983bdaa5c429762d3477ce" ,
"source" : "cna@vuldb.com" ,
"tags" : [
"Patch" ,
"Third Party Advisory"
]
} ,
{
"url" : "https://github.com/tildearrow/furnace/issues/325#issuecomment-1094139655" ,
"source" : "cna@vuldb.com" ,
"tags" : [
"Exploit" ,
"Issue Tracking" ,
"Third Party Advisory"
]
} ,
{
"url" : "https://vuldb.com/?id.196755" ,
"source" : "cna@vuldb.com" ,
"tags" : [
"Third Party Advisory"
]
2024-11-23 15:12:23 +00:00
} ,
{
"url" : "https://github.com/tildearrow/furnace/commit/0eb02422d5161767e9983bdaa5c429762d3477ce" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Patch" ,
"Third Party Advisory"
]
} ,
{
"url" : "https://github.com/tildearrow/furnace/issues/325#issuecomment-1094139655" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Exploit" ,
"Issue Tracking" ,
"Third Party Advisory"
]
} ,
{
"url" : "https://vuldb.com/?id.196755" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Third Party Advisory"
]
2023-04-24 12:24:31 +02:00
}
]
}
