VDB
CVE-2022-39047
CVE-2022-39047
PUBLISHED
Freeciv before 2.6.7 and before 3.0.3 is prone to a buffer overflow vulnerability in the Modpack Installer utility's handling of the modpack URL.
EPSS 0.68% · 72.0th percentile
Risk Scores
EPSS Score
0.68%
72.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| freeciv | freeciv | 0, 3.0.0 |
| n/a | n/a | n/a |
Timeline
- Aug 31, 2022 EPSS Score
- Aug 31, 2022 CVE Published
- Oct 15, 2022 EPSS Score
- Nov 30, 2022 EPSS Score
- Jan 14, 2023 EPSS Score
- Mar 1, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 15, 2023 EPSS Score
- May 31, 2023 EPSS Score
- Jul 15, 2023 EPSS Score
- Aug 30, 2023 EPSS Score
- Oct 14, 2023 EPSS Score
References
- https://www.openwall.com/lists/oss-security/2022/08/05/1 url
- https://osdn.net/projects/freeciv/ticket/45299 url
- https://bugs.debian.org/1017579 url
- [oss-security] 20220831 Re: Freeciv < 2.6.7, freeciv-3.0 < 3.0.3, Modpack Installer buffer overflow mailing-list
- https://nvd.nist.gov/vuln/detail/CVE-2022-39047 advisory