Vulnerability details: VCID-79hz-87xj-aaaj
Vulnerability ID VCID-79hz-87xj-aaaj
Aliases CVE-2022-31030
GHSA-5ffw-gxpp-mxpf
Summary containerd is an open source container runtime. A bug was found in containerd's CRI implementation where programs inside a container can cause the containerd daemon to consume memory without bound during invocation of the `ExecSync` API. This can cause containerd to consume all available memory on the computer, denying service to other legitimate workloads. Kubernetes and crictl can both be configured to use containerd's CRI implementation; `ExecSync` may be used when running probes or when executing processes via an "exec" facility. This bug has been fixed in containerd 1.6.6 and 1.5.13. Users should update to these versions to resolve the issue. Users unable to upgrade should ensure that only trusted images and commands are used.
Status Published
Exploitability 0.5
Weighted Severity 6.2
Risk 3.1
Affected and Fixed Packages Package Details
Weaknesses (1)
System Score Found at
epss 0.00045 https://api.first.org/data/v1/epss?cve=CVE-2022-31030
epss 0.00079 https://api.first.org/data/v1/epss?cve=CVE-2022-31030
epss 0.00085 https://api.first.org/data/v1/epss?cve=CVE-2022-31030
epss 0.00094 https://api.first.org/data/v1/epss?cve=CVE-2022-31030
epss 0.00108 https://api.first.org/data/v1/epss?cve=CVE-2022-31030
epss 0.00109 https://api.first.org/data/v1/epss?cve=CVE-2022-31030
cvssv3.1 5.3 https://github.com/containerd/containerd
generic_textual MODERATE https://github.com/containerd/containerd
cvssv3.1 5.5 https://github.com/containerd/containerd/commit/c1bcabb4541930f643aa36a2b38655e131346382
generic_textual MODERATE https://github.com/containerd/containerd/commit/c1bcabb4541930f643aa36a2b38655e131346382
cvssv3.1 5.5 https://github.com/containerd/containerd/security/advisories/GHSA-5ffw-gxpp-mxpf
generic_textual MODERATE https://github.com/containerd/containerd/security/advisories/GHSA-5ffw-gxpp-mxpf
cvssv3.1 5.5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/REOZCUAPCA7NFDWYBDYX6EYXWLHABKBO
generic_textual MODERATE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/REOZCUAPCA7NFDWYBDYX6EYXWLHABKBO
cvssv3.1 5.5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WSIGDBHAB3I75JBJNGWEPBTJPS2FOVHD
generic_textual MODERATE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WSIGDBHAB3I75JBJNGWEPBTJPS2FOVHD
cvssv3.1 5.5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REOZCUAPCA7NFDWYBDYX6EYXWLHABKBO
generic_textual MODERATE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REOZCUAPCA7NFDWYBDYX6EYXWLHABKBO
cvssv3.1 5.5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WSIGDBHAB3I75JBJNGWEPBTJPS2FOVHD
generic_textual MODERATE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WSIGDBHAB3I75JBJNGWEPBTJPS2FOVHD
cvssv2 2.1 https://nvd.nist.gov/vuln/detail/CVE-2022-31030
cvssv3 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-31030
cvssv3.1 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-31030
archlinux Unknown https://security.archlinux.org/AVG-2755
cvssv3.1 5.5 https://www.debian.org/security/2022/dsa-5162
generic_textual MODERATE https://www.debian.org/security/2022/dsa-5162
cvssv3.1 5.5 http://www.openwall.com/lists/oss-security/2022/06/07/1
generic_textual MODERATE http://www.openwall.com/lists/oss-security/2022/06/07/1
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2022-31030
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24769
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31030
https://github.com/containerd/containerd
https://github.com/containerd/containerd/commit/c1bcabb4541930f643aa36a2b38655e131346382
https://github.com/containerd/containerd/security/advisories/GHSA-5ffw-gxpp-mxpf
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/REOZCUAPCA7NFDWYBDYX6EYXWLHABKBO
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/REOZCUAPCA7NFDWYBDYX6EYXWLHABKBO/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WSIGDBHAB3I75JBJNGWEPBTJPS2FOVHD
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WSIGDBHAB3I75JBJNGWEPBTJPS2FOVHD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REOZCUAPCA7NFDWYBDYX6EYXWLHABKBO
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REOZCUAPCA7NFDWYBDYX6EYXWLHABKBO/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WSIGDBHAB3I75JBJNGWEPBTJPS2FOVHD
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WSIGDBHAB3I75JBJNGWEPBTJPS2FOVHD/
https://www.debian.org/security/2022/dsa-5162
http://www.openwall.com/lists/oss-security/2022/06/07/1
AVG-2755 https://security.archlinux.org/AVG-2755
cpe:2.3:a:linuxfoundation:containerd:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:linuxfoundation:containerd:*:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*
CVE-2022-31030 https://nvd.nist.gov/vuln/detail/CVE-2022-31030
GLSA-202401-31 https://security.gentoo.org/glsa/202401-31
USN-5776-1 https://usn.ubuntu.com/5776-1/
USN-USN-5521-1 https://usn.ubuntu.com/USN-5521-1/
No exploits are available.
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L Found at https://github.com/containerd/containerd
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/containerd/containerd/commit/c1bcabb4541930f643aa36a2b38655e131346382
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/containerd/containerd/security/advisories/GHSA-5ffw-gxpp-mxpf
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/REOZCUAPCA7NFDWYBDYX6EYXWLHABKBO
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WSIGDBHAB3I75JBJNGWEPBTJPS2FOVHD
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REOZCUAPCA7NFDWYBDYX6EYXWLHABKBO
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WSIGDBHAB3I75JBJNGWEPBTJPS2FOVHD
Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2022-31030
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2022-31030
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://www.debian.org/security/2022/dsa-5162
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at http://www.openwall.com/lists/oss-security/2022/06/07/1
Exploit Prediction Scoring System (EPSS)
Percentile 0.15160
EPSS Score 0.00045
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.