CVE-2022-41777
published 2022-12-05CVE-2022-41777: Improper check or handling of exceptional conditions vulnerability in Nako3edit, editor component of nadesiko3 (PC Version) v3.3.74 and earlier allows a remote…
PriorityP339high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
EPSS
1.48%
70.6th percentile
Improper check or handling of exceptional conditions vulnerability in Nako3edit, editor component of nadesiko3 (PC Version) v3.3.74 and earlier allows a remote attacker to inject an invalid value to decodeURIComponent of nako3edit, which may lead the server to crash.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| kujirahand | nadesiko3 | <= 3.3.74 | — |
| kujirahand | nadesiko3 | >= 0 < 3.3.75 | 3.3.75 |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
nadesiko3 allows remote attacker to inject invalid value to decodeURIComponent of nako3edit
osv·2022-12-05
CVE-2022-41777 [MEDIUM] nadesiko3 allows remote attacker to inject invalid value to decodeURIComponent of nako3edit
nadesiko3 allows remote attacker to inject invalid value to decodeURIComponent of nako3edit
Nako3edit is the editor component of Nadeshiko 3, a programming language developed based on Japanese. Improper check or handling of exceptional conditions in Nako3edit v3.3.74 and earlier allows a remote attacker to inject an invalid value to decodeURIComponent of nako3edit, which may lead the server to crash.
GHSA
nadesiko3 allows remote attacker to inject invalid value to decodeURIComponent of nako3edit
ghsa·2022-12-05
CVE-2022-41777 [MEDIUM] CWE-703 nadesiko3 allows remote attacker to inject invalid value to decodeURIComponent of nako3edit
nadesiko3 allows remote attacker to inject invalid value to decodeURIComponent of nako3edit
Nako3edit is the editor component of Nadeshiko 3, a programming language developed based on Japanese. Improper check or handling of exceptional conditions in Nako3edit v3.3.74 and earlier allows a remote attacker to inject an invalid value to decodeURIComponent of nako3edit, which may lead the server to crash.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2022-12-05
Published