VDB
CVE-2022-35737
CVE-2022-35737
PUBLISHED
CVSS 7.5 HIGH
SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API.
EPSS 54.84% · 98.1th percentile
Risk Scores
CVSS v3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
EPSS Score
54.84%
98.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| ABB | ABB Ability Camera Connect <=2.0.0.42 | |
| ABB | B&R Industrial Automation GmbH Automation Studio <6.5 | |
| ABB | ABB B&R Automation Studio <6.5 |
Timeline
- Mar 8, 2022 CVE Published
- Aug 3, 2022 EPSS Score
- Nov 4, 2022 EPSS Score
- Feb 4, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- May 8, 2023 EPSS Score
- Aug 9, 2023 EPSS Score
- Nov 9, 2023 EPSS Score
- Feb 10, 2024 EPSS Score
- May 13, 2024 EPSS Score
- Jun 28, 2024 EPSS Score
- Sep 29, 2024 EPSS Score
References
- https://psirt.abb.com/csaf/2026/sa25p007.json advisory
- https://www.br-automation.com/fileadmin/SA25P007-097a386d.pdf advisory
- https://nvd.nist.gov/vuln/detail/CVE-2022-35737 advisory
- https://psirt.abb.com/csaf/2026/4hzm000604.json advisory
- https://search.abb.com/library/Download.aspx?DocumentID=4HZM000604&LanguageCode=en&DocumentPartId=PDF&Action=Launch advisory