Vulnerability Details CVE-2022-1249
A NULL pointer dereference flaw was found in pesign's cms_set_pw_data() function of the cms_common.c file. The function fails to handle the NULL pwdata invocation from daemon.c, which leads to an explicit NULL dereference and crash on all attempts to daemonize pesign.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 33.4%
CVSS Severity
CVSS v3 Score 3.3
CVSS v2 Score 2.1
References
Products affected by CVE-2022-1249
-
cpe:2.3:a:pesign_project:pesign:-
-
cpe:2.3:a:pesign_project:pesign:0.10
-
cpe:2.3:a:pesign_project:pesign:0.100
-
cpe:2.3:a:pesign_project:pesign:0.101
-
cpe:2.3:a:pesign_project:pesign:0.102
-
cpe:2.3:a:pesign_project:pesign:0.103
-
cpe:2.3:a:pesign_project:pesign:0.104
-
cpe:2.3:a:pesign_project:pesign:0.105
-
cpe:2.3:a:pesign_project:pesign:0.106
-
cpe:2.3:a:pesign_project:pesign:0.107
-
cpe:2.3:a:pesign_project:pesign:0.108
-
cpe:2.3:a:pesign_project:pesign:0.109
-
cpe:2.3:a:pesign_project:pesign:0.110
-
cpe:2.3:a:pesign_project:pesign:0.111
-
cpe:2.3:a:pesign_project:pesign:0.112
-
cpe:2.3:a:pesign_project:pesign:0.2
-
cpe:2.3:a:pesign_project:pesign:0.3
-
cpe:2.3:a:pesign_project:pesign:0.4
-
cpe:2.3:a:pesign_project:pesign:0.5
-
cpe:2.3:a:pesign_project:pesign:0.6
-
cpe:2.3:a:pesign_project:pesign:0.7
-
cpe:2.3:a:pesign_project:pesign:0.8
-
cpe:2.3:a:pesign_project:pesign:0.9
-
cpe:2.3:a:pesign_project:pesign:0.97
-
cpe:2.3:a:pesign_project:pesign:0.98
-
cpe:2.3:a:pesign_project:pesign:0.99
-
cpe:2.3:a:pesign_project:pesign:113