CVE-2022-47021
CVSS V2 None
CVSS V3 None
Description
A null pointer dereference issue was discovered in functions op_get_data and op_open1 in opusfile.c in xiph opusfile 0.9 thru 0.12 allows attackers to cause denial of service or other unspecified impacts.
Overview
- CVE ID
- CVE-2022-47021
- Assigner
- cve@mitre.org
- Vulnerability Status
- Modified
- Published Version
- 2023-01-20T19:15:17
- Last Modified Date
- 2023-02-10T03:15:11
Weakness Enumerations
CPE Configuration (Product)
| CPE | Vulnerable | Operator | Version Start | Version End |
|---|---|---|---|---|
| cpe:2.3:a:xiph:opusfile:*:*:*:*:*:*:*:* | 1 | OR | 0.9 | 0.12 |
References
| Reference URL | Reference Tags |
|---|---|
| https://github.com/xiph/opusfile/commit/0a4cd796df5b030cb866f3f4a5e41a4b92caddf5 | Patch Third Party Advisory |
| https://github.com/xiph/opusfile/issues/36 | Exploit Issue Tracking Patch Third Party Advisory |
| https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2ODIA6QRIRBNF2HRXOE5VCZ2AFP4ZB4R/ | |
| https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4LIKBLOE433RA44YTYUZLED4IOWJG5DV/ | Mailing List Third Party Advisory |
| https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ED4CWLBR2WQ2IXXTHZ24UYZBRNCLMJXH/ | Mailing List Third Party Advisory |
| https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MYPAQANM2ZNPXRBFOS5NFXNJ7O4Q3OBD/ |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2022-47021 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47021 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2023-01-20 21:14:18 | Added to TrackCVE | |||
| 2023-01-23 15:14:24 | 2023-01-23T15:08:08 | CVE Modified Date | updated | |
| 2023-01-23 15:14:24 | Received | Awaiting Analysis | Vulnerability Status | updated |
| 2023-01-27 12:14:52 | Awaiting Analysis | Undergoing Analysis | Vulnerability Status | updated |
| 2023-01-27 15:14:32 | 2023-01-27T14:45:49 | CVE Modified Date | updated | |
| 2023-01-27 15:14:32 | Undergoing Analysis | Analyzed | Vulnerability Status | updated |
| 2023-01-27 15:14:33 | Weakness Enumeration | new | ||
| 2023-01-27 15:14:35 | CPE Information | updated | ||
| 2023-02-02 05:14:21 | 2023-02-02T04:15:07 | CVE Modified Date | updated | |
| 2023-02-02 05:14:21 | Analyzed | Modified | Vulnerability Status | updated |
| 2023-02-02 05:14:21 | References | updated | ||
| 2023-02-02 13:14:23 | Modified | Undergoing Analysis | Vulnerability Status | updated |
| 2023-02-02 19:14:19 | 2023-02-02T18:44:14 | CVE Modified Date | updated | |
| 2023-02-02 19:14:19 | Undergoing Analysis | Analyzed | Vulnerability Status | updated |
| 2023-02-11 03:17:06 | 2023-02-10T03:15:11 | CVE Modified Date | updated | |
| 2023-02-11 03:17:06 | Analyzed | Modified | Vulnerability Status | updated |
| 2023-02-11 03:17:09 | References | updated |