CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2022-37049
https://notcve.org/view.php?id=CVE-2022-37049
The component tcpprep in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in parse_mpls at common/get.c:150. NOTE: this is different from CVE-2022-27942. Se ha detectado que el componente tcpprep de Tcpreplay versión v4.4.1, contiene un desbordamiento de búfer en la región heap de la memoria en la función parse_mpls en el archivo common/get.c:150. NOTA: esto es diferente de CVE-2022-27942. • https://github.com/appneta/tcpreplay/issues/736 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5B75AFRJUGOYHCFG2ZV2JKSUPA6MSCT5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ECRCFJ6X3IVB7BT4KS6AHQMSL532YXYD https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWRZO7BG6DHA5NAC3COB45WFXLYRIERC https://security.gentoo.org/glsa/202210-08 • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 1CVE-2022-28487
https://notcve.org/view.php?id=CVE-2022-28487
Tcpreplay version 4.4.1 contains a memory leakage flaw in fix_ipv6_checksums() function. The highest threat from this vulnerability is to data confidentiality. Tcpreplay versión 4.4.1, contiene un fallo de pérdida de memoria en la función fix_ipv6_checksums(). La mayor amenaza de esta vulnerabilidad es para la confidencialidad de los datos • https://github.com/appneta/tcpreplay/issues/723 https://github.com/appneta/tcpreplay/pull/720 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5B75AFRJUGOYHCFG2ZV2JKSUPA6MSCT5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ECRCFJ6X3IVB7BT4KS6AHQMSL532YXYD https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWRZO7BG6DHA5NAC3COB45WFXLYRIERC https://security.gentoo.org/glsa/202210-08 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-27416
https://notcve.org/view.php?id=CVE-2022-27416
Tcpreplay v4.4.1 was discovered to contain a double-free via __interceptor_free. Se ha detectado que Tcpreplay versión v4.4.1, contiene una doble liberación por medio de __interceptor_free • https://github.com/appneta/tcpreplay/issues/702 https://security.gentoo.org/glsa/202210-08 • CWE-415: Double Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-27418
https://notcve.org/view.php?id=CVE-2022-27418
Tcpreplay v4.4.1 has a heap-based buffer overflow in do_checksum_math at /tcpedit/checksum.c. Tcpreplay versión v4.4.1, presenta un desbordamiento de búfer en la región heap de la memoria en la función do_checksum_math en el archivo /tcpedit/checksum.c • https://github.com/appneta/tcpreplay/issues/703 https://security.gentoo.org/glsa/202210-08 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 1CVE-2022-27939
https://notcve.org/view.php?id=CVE-2022-27939
tcprewrite in Tcpreplay 4.4.1 has a reachable assertion in get_layer4_v6 in common/get.c. tcprewrite en Tcpreplay versión 4.4.1, presenta una aserción alcanzable en la función get_layer4_v6 en el archivo common/get.c • https://github.com/appneta/tcpreplay/issues/717 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5B75AFRJUGOYHCFG2ZV2JKSUPA6MSCT5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ECRCFJ6X3IVB7BT4KS6AHQMSL532YXYD https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWRZO7BG6DHA5NAC3COB45WFXLYRIERC https://security.gentoo.org/glsa/202210-08 • CWE-617: Reachable Assertion •