VDB
CVE-2022-30292
CVE-2022-30292
PUBLISHED
CVSS 7.5 HIGH
Heap-based buffer overflow in sqbaselib.cpp in SQUIRREL 3.2 due to lack of a certain sq_reservestack call.
EPSS 2.49% · 85.6th percentile
Risk Scores
CVSS 2.0
7.5
EPSS Score
2.49%
85.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| squirrel-lang | squirrel | 3.2 |
| n/a | n/a | n/a |
| fedoraproject | fedora | 36, 35 |
Timeline
- May 4, 2022 CVE Published
- May 5, 2022 EPSS Score
- Jun 23, 2022 EPSS Score
- Oct 1, 2022 EPSS Score
- Nov 20, 2022 EPSS Score
- Feb 27, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 17, 2023 EPSS Score
- Jul 25, 2023 EPSS Score
- Sep 13, 2023 EPSS Score
- Dec 21, 2023 EPSS Score
- Feb 8, 2024 EPSS Score
References
- https://github.com/albertodemichelis/squirrel/commit/a6413aa690e0bdfef648c68693349a7b878fe60d url
- https://github.com/sprushed/CVE-2022-30292 url
- FEDORA-2022-509887bd99 vendor-advisory
- FEDORA-2022-88e3257aef vendor-advisory
- FEDORA-2022-e81c0db364 vendor-advisory
- FEDORA-2022-e139f256f6 vendor-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2022-30292 advisory
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BV7SJJ44AGAX4ILIVPREIXPJ2GOG3FKV url
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DMIKSVTKNU5FRCUUNAYMCQLOJA3K3S2I url
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M3FQILX7UUEERSDPMZP3MKGTMY2E7ESU url
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WBUYGYXDQX3OSAYHP4TCG3JS7PJTIE75 url