CVE-2022-30775

{"id": "CVE-2022-30775", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2022-05-16T03:15:07.823", "references": [{"url": "https://forum.xpdfreader.com/viewtopic.php?f=3&t=42264", "tags": ["Exploit", "Vendor Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-770"}]}], "descriptions": [{"lang": "en", "value": "xpdf 4.04 allocates excessive memory when presented with crafted input. This can be triggered by (for example) sending a crafted PDF document to the pdftoppm binary. It is most easily reproduced with the DCMAKE_CXX_COMPILER=afl-clang-fast++ option."}, {"lang": "es", "value": "xpdf versi\u00f3n 4.04, asigna un exceso de memoria cuando le es presentada una entrada dise\u00f1ada. Esto puede ser desencadenado (por ejemplo) mediante el env\u00edo de un documento PDF dise\u00f1ado al binario pdftoppm. Es m\u00e1s f\u00e1cil de reproducir con la opci\u00f3n DCMAKE_CXX_COMPILER=afl-clang-fast++"}], "lastModified": "2022-05-24T19:08:57.717", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:xpdfreader:xpdf:4.04:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FDB8219E-FA52-45B5-A332-CE34400630BC"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}