CVE-2022-29368

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2022-29368
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-29368.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2022-29368
Published
2022-05-12T19:15:49.493Z
Modified
2025-11-20T12:04:01.228930Z
Severity
  • 7.1 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H CVSS Calculator
Summary
[none]
Details

Moddable commit before 135aa9a4a6a9b49b60aa730ebc3bcc6247d75c45 was discovered to contain an out-of-bounds read via the function fxUint8Getter at /moddable/xs/sources/xsDataView.c.

References

Affected packages

Git / github.com/moddable-opensource/moddable

Affected ranges

Type
GIT
Repo
https://github.com/moddable-opensource/moddable
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
135aa9a4a6a9b49b60aa730ebc3bcc6247d75c45

Affected versions

Other

OS200831
OS200903
OS200904
OS200908
OS200910
OS200915
OS200925
OS200930
OS201005b
OS201006
OS201012
OS201014
OS201020
OS201030
OS201116
OS201127
OS201216
OS201230
OS201230b
OS210119
OS210203
OS210302
OS210406
OS210504
OS210603
OS210712
OS210805
OS210826
OS220330

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-29368.json"

vanir_signatures

[
    {
        "target": {
            "function": "fx_TypedArray",
            "file": "xs/sources/xsDataView.c"
        },
        "id": "CVE-2022-29368-2cd55a00",
        "deprecated": false,
        "signature_type": "Function",
        "source": "https://github.com/moddable-opensource/moddable/commit/135aa9a4a6a9b49b60aa730ebc3bcc6247d75c45",
        "signature_version": "v1",
        "digest": {
            "function_hash": "213971792071456128984423775624988611005",
            "length": 3686.0
        }
    },
    {
        "target": {
            "function": "fx_DataView",
            "file": "xs/sources/xsDataView.c"
        },
        "id": "CVE-2022-29368-95e0121f",
        "deprecated": false,
        "signature_type": "Function",
        "source": "https://github.com/moddable-opensource/moddable/commit/135aa9a4a6a9b49b60aa730ebc3bcc6247d75c45",
        "signature_version": "v1",
        "digest": {
            "function_hash": "84363846679159954041724313900895170132",
            "length": 1607.0
        }
    },
    {
        "target": {
            "file": "xs/sources/xsDataView.c"
        },
        "id": "CVE-2022-29368-9a1ed55f",
        "deprecated": false,
        "signature_type": "Line",
        "source": "https://github.com/moddable-opensource/moddable/commit/135aa9a4a6a9b49b60aa730ebc3bcc6247d75c45",
        "signature_version": "v1",
        "digest": {
            "line_hashes": [
                "223017875970014378970557662022359767270",
                "301449129650224366595680306941606104538",
                "11627542960588721820961681073419472508",
                "290358849966743487640354381257567087823",
                "198460982742232140880275915543621394889",
                "118014687436350088933251035253252893264",
                "101378216909691541207872093771532453371",
                "239731733297856822896028533177456612852",
                "123057360384932954171782538858718115801",
                "71783824872907523946784047227229151330",
                "192572467819460407391453556487659234782",
                "271459887274075396375660736593274662724",
                "290358849966743487640354381257567087823",
                "44994276969962025091713365649871040777"
            ],
            "threshold": 0.9
        }
    }
]