Vulnerability Details CVE-2022-31783
Liblouis 3.21.0 has an out-of-bounds write in compileRule in compileTranslationTable.c, as demonstrated by lou_trace.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 25.7%
CVSS Severity
CVSS v3 Score 5.5
CVSS v2 Score 4.3
References
- https://github.com/liblouis/liblouis/commit/ff747ec5e1ac54d54194846f6fe5bfc689192a85
- https://github.com/liblouis/liblouis/issues/1214
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CFD2KIHESDUCNWTEW3USFB5GKTWT624L/
- https://security.gentoo.org/glsa/202301-06
- https://github.com/liblouis/liblouis/commit/ff747ec5e1ac54d54194846f6fe5bfc689192a85
- https://github.com/liblouis/liblouis/issues/1214
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CFD2KIHESDUCNWTEW3USFB5GKTWT624L/
- https://security.gentoo.org/glsa/202301-06
Products affected by CVE-2022-31783
-
cpe:2.3:a:liblouis:liblouis:3.21.0
-
cpe:2.3:o:fedoraproject:fedora:36