Vulnerabilities > CVE-2022-23462 - Out-of-bounds Write vulnerability in Softmotions Iowow

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

softmotions

CWE-787

NVD

Published: 2022-10-21

Updated: 2022-10-24

Summary

IOWOW is a C utility library and persistent key/value storage engine. Versions 1.4.15 and prior contain a stack buffer overflow vulnerability that allows for Denial of Service (DOS) when it parses scientific notation numbers present in JSON. A patch for this issue is available at commit a79d31e4cff1d5a08f665574b29fd885897a28fd in the `master` branch of the repository. There are no workarounds other than applying the patch.

Vulnerable Configurations

Part	Description	Count
Application	Softmotions Softmotions Iowow - Softmotions Iowow 1.0.0 Softmotions Iowow 1.0.1 Softmotions Iowow 1.0.2 Softmotions Iowow 1.0.3 Softmotions Iowow 1.0.4 Softmotions Iowow 1.0.5 Softmotions Iowow 1.0.6 Softmotions Iowow 1.1.0 Softmotions Iowow 1.2.0 Softmotions Iowow 1.2.1 Softmotions Iowow 1.2.2 Softmotions Iowow 1.2.3 Softmotions Iowow 1.2.4 Softmotions Iowow 1.2.5 Softmotions Iowow 1.2.6 Softmotions Iowow 1.2.7 Softmotions Iowow 1.2.8 Softmotions Iowow 1.2.9 Softmotions Iowow 1.2.10 Softmotions Iowow 1.2.11 Softmotions Iowow 1.2.12 Softmotions Iowow 1.2.13 Softmotions Iowow 1.2.14 Softmotions Iowow 1.3.0 Softmotions Iowow 1.3.1 Softmotions Iowow 1.3.2 Softmotions Iowow 1.3.3 Softmotions Iowow 1.3.4 Softmotions Iowow 1.3.5 Softmotions Iowow 1.3.6 Softmotions Iowow 1.3.7 Softmotions Iowow 1.3.8 Softmotions Iowow 1.3.9 Softmotions Iowow 1.3.10 Softmotions Iowow 1.3.11 Softmotions Iowow 1.3.12 Softmotions Iowow 1.3.13 Softmotions Iowow 1.3.14 Softmotions Iowow 1.3.15 Softmotions Iowow 1.3.16 Softmotions Iowow 1.3.17 Softmotions Iowow 1.3.18 Softmotions Iowow 1.3.19 Softmotions Iowow 1.3.20 Softmotions Iowow 1.3.22 Softmotions Iowow 1.3.23 Softmotions Iowow 1.3.24 Softmotions Iowow 1.3.25 Softmotions Iowow 1.3.26 Softmotions Iowow 1.3.27 Softmotions Iowow 1.3.28 Softmotions Iowow 1.3.29 Softmotions Iowow 1.3.30 Softmotions Iowow 1.3.31 Softmotions Iowow 1.3.32 Softmotions Iowow 1.3.35 Softmotions Iowow 1.3.36 Softmotions Iowow 1.3.37 Softmotions Iowow 1.4.0 Softmotions Iowow 1.4.1 Softmotions Iowow 1.4.2 Softmotions Iowow 1.4.3 Softmotions Iowow 1.4.4 Softmotions Iowow 1.4.5 Softmotions Iowow 1.4.6 Softmotions Iowow 1.4.7 Softmotions Iowow 1.4.8 Softmotions Iowow 1.4.9 Softmotions Iowow 1.4.10 Softmotions Iowow 1.4.11 Softmotions Iowow 1.4.12 Softmotions Iowow 1.4.13 Softmotions Iowow 1.4.14 Softmotions Iowow 1.4.15	75

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References