Vulnerabilities > CVE-2022-47924 - Unspecified vulnerability in Csaf-Validator-Lib Project Csaf-Validator-Lib

CVSS 6.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

csaf-validator-lib-project

NVD

Published: 2023-03-27

Updated: 2023-11-07

Summary

An high privileged attacker may pass crafted arguments to the validate function of csaf-validator-lib of a locally installed Secvisogram in versions < 0.1.0 wich can result in arbitrary code execution and DoS once the users triggers the validation.

Vulnerable Configurations

Part	Description	Count
Application	Csaf-Validator-Lib_Project Csaf Validator LIB Project Csaf Validator LIB -	1

References

https://wid.cert-bund.de/.well-known/csaf/white/2022/bsi-2022-0004.json