AZL-28055

See a problem?
Import Source
https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-28055.json
JSON Data
https://api.osv.dev/v1/vulns/AZL-28055
Upstream
Published
2023-08-22T19:16:31Z
Modified
2026-04-21T04:25:48.223185Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator
Summary
CVE-2022-48554 affecting package file for versions less than 5.40-3
Details

File before 5.43 has an stack-based buffer over-read in file_copystr in funcs.c. NOTE: "File" is the name of an Open Source project.

References

Affected packages

Azure Linux:2 / file

Package

Name
file
Purl
pkg:rpm/azure-linux/file

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.40-3

Database specific

source 
"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-28055.json"