1. Home
  2. CVE Database
  3. CVE-2022-4891
LOW · 3.5

CVE-2022-4891

A vulnerability has been found in Sisimai up to 4.25.14p11 and classified as problematic. This vulnerability affects the function to_plain of the file lib/sisimai/string.rb. The manipulation leads to ...

Vulnerability Description

A vulnerability has been found in Sisimai up to 4.25.14p11 and classified as problematic. This vulnerability affects the function to_plain of the file lib/sisimai/string.rb. The manipulation leads to inefficient regular expression complexity. The exploit has been disclosed to the public and may be used. Upgrading to version 4.25.14p12 is able to address this issue. The name of the patch is 51fe2e6521c9c02b421b383943dc9e4bbbe65d4e. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-218452.

CVSS Score

3.5

LOW

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
NONE
Availability
LOW

Affected Products

VendorProductVersions
LibsisimaiSisimai< 4.25.14

Related Weaknesses (CWE)

CWE-1333

References

FAQ

What is CVE-2022-4891?

CVE-2022-4891 is a vulnerability with a CVSS score of 3.5 (LOW). A vulnerability has been found in Sisimai up to 4.25.14p11 and classified as problematic. This vulnerability affects the function to_plain of the file lib/sisimai/string.rb. The manipulation leads to ...

How severe is CVE-2022-4891?

CVE-2022-4891 has been rated LOW with a CVSS base score of 3.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2022-4891?

Check the references section above for vendor advisories and patch information. Affected products include: Libsisimai Sisimai.