Vulnerability Description
Buffer over-read at parse_rawml.c:1416 in GitHub repository bfabiszewski/libmobi prior to 0.11. The bug causes the program to read data past the end of the intended buffer. Typically, this can allow attackers to read sensitive information from other memory locations or cause a crash.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Libmobi Project | Libmobi | < 0.11 |
Related Weaknesses (CWE)
References
- https://github.com/bfabiszewski/libmobi/commit/fb1ab50e448ddbed746fd27ae07469bc5 (Patch, Third Party Advisory)
- https://huntr.dev/bounties/9a90ffa1-38f5-4685-9c00-68ba9068ce3d (Exploit, Issue Tracking, Patch)
FAQ
What is CVE-2022-1534?
CVE-2022-1534 is a vulnerability with a CVSS score of 7.1 (HIGH). Buffer over-read at parse_rawml.c:1416 in GitHub repository bfabiszewski/libmobi prior to 0.11. The bug causes the program to read data past the end of the intended buffer. Typically, this can allow att...
How severe is CVE-2022-1534?
CVE-2022-1534 has been rated HIGH with a CVSS base score of 7.1/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2022-1534?
Check the references section above for vendor advisories and patch information. Affected products include: Libmobi Project Libmobi.