CVE-2022-35018Improper Restriction of Operations within the Bounds of a Memory Buffer in Advancecomp

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer8 documents7 sources
Severity
5.5MEDIUMNVD
EPSS
0.2%
top 61.71%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Advancemame AdvancecompFedoraproject Fedora
Timeline
PublishedAug 29
Latest updateFeb 1

Description

Advancecomp v2.3 was discovered to contain a segmentation fault.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages3 packages

Debianadvancemame/advancecomp< 2.4-1+2
Ubuntuadvancemame/advancecomp< 2.1-1ubuntu0.18.04.3+3

Also affects: Fedora 35, 36, 37

🔴Vulnerability Details

4
OSV
advancecomp vulnerabilities2023-02-01
OSV
CVE-2022-35018: Advancecomp v22022-08-29
GHSA
GHSA-959q-rjr2-qvp2: Advancecomp v22022-08-29
CVEList
CVE-2022-35018: Advancecomp v22022-08-29

📋Vendor Advisories

3
Ubuntu
AdvanceCOMP vulnerabilities2023-02-01
Red Hat
advancecomp: SEGV via invalid read memory access2022-08-29
Debian
CVE-2022-35018: advancecomp - Advancecomp v2.3 was discovered to contain a segmentation fault.2022
CVE-2022-35018 — Advancemame Advancecomp vulnerability | cvebase