CVE-2022-0174Improper Validation of Specified Quantity in Input in Dolibarr

CWE-1284Improper Validation of Specified Quantity in InputCWE-20Improper Input Validation6 documents5 sources
Severity
4.3MEDIUMNVD
CISA8.6
EPSS
0.2%
top 52.28%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Dolibarr DolibarrDolibarr ERP CRMDolibarr
Timeline
PublishedJan 10
Latest updateMar 3

Description

Improper Validation of Specified Quantity in Input vulnerability in dolibarr dolibarr/dolibarr.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages3 packages

Packagistdolibarr/dolibarr< 15.0.0
CVEListV5dolibarr/dolibarr_dolibarrunspecifieddevelop

Patches

Patch: github.comPatch: huntr.devPatch: github.com

🔴Vulnerability Details

4
GHSA
Logic error in dolibarr2022-01-12
OSV
Logic error in dolibarr2022-01-12
OSV
CVE-2022-0174: Improper Validation of Specified Quantity in Input vulnerability in dolibarr dolibarr/dolibarr2022-01-10
CVEList
Improper Validation of Specified Quantity in Input in dolibarr/dolibarr2022-01-10

📋Vendor Advisories

1
CISA
Cisco IOS Software and Cisco IOS XE Software Improper Input Validation Vulnerability2022-03-03
CVE-2022-0174 — Dolibarr Dolibarr vulnerability | cvebase