VDB
CVE-2022-24952
CVE-2022-24952
PUBLISHED
CVSS 6.5 MEDIUM
Several denial of service vulnerabilities exist in Eternal Terminal prior to version 6.2.0, including a DoS triggered remotely by an invalid sequence number and a local bug triggered by invalid input sent directly to the IPC socket.
EPSS 0.45% · 63.9th percentile
Risk Scores
CVSS 3.1
6.5
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS Score
0.45%
63.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Jason Gauci | Eternal Terminal | * |
| eternal_terminal_project | eternal_terminal | 0 |
Exploit Intelligence
- https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-8cw3-6r98-g7cw (nist-nvd)
- https://github.com/MisterTea/EternalTerminal/releases/tag/et-v6.2.0 (circl)
- [oss-security] 20230216 EternalTerminal: Review report and findings (predictable /tmp file paths and file permission issues, 3 CVEs) (circl)
Timeline
- Aug 16, 2022 CVE Published
- Aug 16, 2022 EPSS Score
- Oct 1, 2022 EPSS Score
- Nov 16, 2022 EPSS Score
- Jan 1, 2023 EPSS Score
- Feb 16, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- May 19, 2023 EPSS Score
- Jul 4, 2023 EPSS Score
- Aug 19, 2023 EPSS Score
- Oct 4, 2023 EPSS Score
References
- https://github.com/MisterTea/EternalTerminal/releases/tag/et-v6.2.0 url
- https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-8cw3-6r98-g7cw url
- [oss-security] 20230216 EternalTerminal: Review report and findings (predictable /tmp file paths and file permission issues, 3 CVEs) mailing-list