CVE-2022-2714
published 2022-09-06CVE-2022-2714: Improper Handling of Length Parameter Inconsistency in GitHub repository francoisjacquet/rosariosis prior to 10.0.
PriorityP341critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
0.74%
49.9th percentile
Improper Handling of Length Parameter Inconsistency in GitHub repository francoisjacquet/rosariosis prior to 10.0.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| francoisjacquet | francoisjacquet_rosariosis | >= unspecified < 10.0 | 10.0 |
| francoisjacquet | rosariosis | >= 0 < 10.1 | 10.1 |
| rosariosis | rosariosis | < 10.1 | 10.1 |
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv3.08.1HIGHCVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
RosarioSIS before 10.1 vulnerable to Improper Handling of Length Parameter Inconsistency
osv·2022-09-07
CVE-2022-2714 [HIGH] RosarioSIS before 10.1 vulnerable to Improper Handling of Length Parameter Inconsistency
RosarioSIS before 10.1 vulnerable to Improper Handling of Length Parameter Inconsistency
RosarioSIS Student Information System prior to version 10.1 is vulnerable to Improper Handling of Length Parameter Inconsistency.
GHSA
RosarioSIS before 10.1 vulnerable to Improper Handling of Length Parameter Inconsistency
ghsa·2022-09-07
CVE-2022-2714 [HIGH] CWE-130 RosarioSIS before 10.1 vulnerable to Improper Handling of Length Parameter Inconsistency
RosarioSIS before 10.1 vulnerable to Improper Handling of Length Parameter Inconsistency
RosarioSIS Student Information System prior to version 10.1 is vulnerable to Improper Handling of Length Parameter Inconsistency.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://github.com/francoisjacquet/rosariosis/commit/4022954c3f41462bf6225c302a28b0429f6f4df3https://huntr.dev/bounties/430aedac-c7d9-4acb-9bab-bcc0595d9e95https://github.com/francoisjacquet/rosariosis/commit/4022954c3f41462bf6225c302a28b0429f6f4df3https://huntr.dev/bounties/430aedac-c7d9-4acb-9bab-bcc0595d9e95
2022-09-06
Published