SecPod SCAP Repo, a repository of SCAP Content (CVE, CCE, CPE, CWE, OVAL and XCCDF)

Download | Alert*

CVE

CVE-2022-3515

A vulnerability was found in the Libksba library due to an integer overflow within the CRL parser. The vulnerability can be exploited remotely for code execution on the target system by passing specially crafted data to the application, for example, a malicious S/MIME attachment.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V3 Severity:		CVSS V2 Severity:
CVSS Score : 9.8		CVSS Score :
Exploit Score: 3.9		Exploit Score:
Impact Score: 5.9		Impact Score:

CVSS V3 Metrics:		CVSS V2 Metrics:
Attack Vector: NETWORK		Access Vector:
Attack Complexity: LOW		Access Complexity:
Privileges Required: NONE		Authentication:
User Interaction: NONE		Confidentiality:
Scope: UNCHANGED		Integrity:
Confidentiality: HIGH		Availability:
Integrity: HIGH
Availability: HIGH

Reference:

https://access.redhat.com/security/cve/CVE-2022-3515

https://bugzilla.redhat.com/show_bug.cgi?id=2135610

https://dev.gnupg.org/rK4b7d9cd4a018898d7714ce06f3faf2626c14582b

https://security.netapp.com/advisory/ntap-20230706-0008/

https://www.gnupg.org/blog/20221017-pepe-left-the-ksba.html


30479



423868



249966



909



195636



282