vulnerability

Alpine Linux: CVE-2022-37454: Integer Overflow or Wraparound

Severity
10
CVSS
(AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published
Oct 21, 2022
Added
Mar 26, 2024
Modified
Oct 2, 2024

Description

The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code or eliminate expected cryptographic properties. This occurs in the sponge function interface.

Solution(s)

alpine-linux-upgrade-python3alpine-linux-upgrade-php8alpine-linux-upgrade-php81alpine-linux-upgrade-php7alpine-linux-upgrade-php82
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.