CVE-2022-1813
published 2022-05-22CVE-2022-1813: OS Command Injection in GitHub repository yogeshojha/rengine prior to 1.2.0.
PriorityP258critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
2.66%
83.8th percentile
OS Command Injection in GitHub repository yogeshojha/rengine prior to 1.2.0.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| rengine_project | rengine | < 1.2.0 | 1.2.0 |
| yogeshojha | yogeshojha_rengine | >= unspecified < 1.2.0 | 1.2.0 |
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv3.08.3HIGHCVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
vendor_redhat5.5MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-62j3-37pc-h32g: OS Command Injection in GitHub repository yogeshojha/rengine prior to 1
ghsa_unreviewed·2022-05-23
CVE-2022-1813 [CRITICAL] CWE-78 GHSA-62j3-37pc-h32g: OS Command Injection in GitHub repository yogeshojha/rengine prior to 1
OS Command Injection in GitHub repository yogeshojha/rengine prior to 1.2.0.
Red Hat
kernel: NFSD: Fix NFSv3 SETATTR/CREATE's handling of large file sizes
vendor_redhat·2024-07-16·CVSS 5.5
CVE-2022-48829 [MEDIUM] CWE-253 kernel: NFSD: Fix NFSv3 SETATTR/CREATE's handling of large file sizes
kernel: NFSD: Fix NFSv3 SETATTR/CREATE's handling of large file sizes
In the Linux kernel, the following vulnerability has been resolved:
NFSD: Fix NFSv3 SETATTR/CREATE's handling of large file sizes
iattr::ia_size is a loff_t, so these NFSv3 procedures must be
careful to deal with incoming client size values that are larger
than s64_max without corrupting the value.
Silently capping the value results in storing a different value
than the client passed in which is unexpected behavior, so remove
the min_t() check in decode_sattr3().
Note that RFC 1813 permits only the WRITE procedure to return
NFS3ERR_FBIG. We believe that NFSv3 reference implementations
also return NFS3ERR_FBIG when ia_size is too large.
A vulnerability was found in the Linux kernel's NFSD, specifically in the handling o
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2022-05-22
Published