CVE-2022-37454

Source
https://nvd.nist.gov/vuln/detail/CVE-2022-37454
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-37454.json
Aliases
Related
Published
2022-10-21T06:15:09Z
Modified
2024-05-14T12:16:06.360755Z
Summary
[none]
Details

The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code or eliminate expected cryptographic properties. This occurs in the sponge function interface.

References

Affected packages

Alpine:v3.16 / python3

Package

Name
python3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
3.10.9-r0

Affected versions

3.*

3.1.3-r0
3.2.0-r0
3.2.3-r0
3.3.0-r0
3.3.2-r0
3.3.3-r0
3.3.4-r0
3.4.1-r0
3.4.2-r0
3.4.2-r1
3.4.3-r1
3.4.3-r2
3.5.0-r0
3.5.1-r0
3.5.1-r1
3.5.1-r2
3.5.1-r3
3.5.2-r3
3.6.0-r3
3.6.1-r3
3.6.2-r3
3.6.3-r3
3.6.4-r3
3.6.6-r3
3.6.7-r3
3.6.8-r3
3.7.2-r3
3.7.3-r3
3.7.4-r3
3.7.5-r3
3.8.0-r3
3.8.1-r3
3.8.2-r3
3.8.3-r3
3.8.4-r3
3.8.5-r3
3.8.6-r3
3.8.7-r3
3.8.8-r3
3.9.1-r3
3.9.2-r3
3.9.4-r3
3.9.5-r3
3.9.6-r3
3.9.7-r3
3.10.0-r3
3.10.1-r3
3.10.2-r3
3.10.3-r3
3.10.4-r3
3.10.5-r3
3.10.8-r3

Alpine:v3.17 / python3

Package

Name
python3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
3.10.9-r0

Affected versions

3.*

3.1.3-r0
3.2.0-r0
3.2.3-r0
3.3.0-r0
3.3.2-r0
3.3.3-r0
3.3.4-r0
3.4.1-r0
3.4.2-r0
3.4.2-r1
3.4.3-r1
3.4.3-r2
3.5.0-r0
3.5.1-r0
3.5.1-r1
3.5.1-r2
3.5.1-r3
3.5.2-r3
3.6.0-r3
3.6.1-r3
3.6.2-r3
3.6.3-r3
3.6.4-r3
3.6.6-r3
3.6.7-r3
3.6.8-r3
3.7.2-r3
3.7.3-r3
3.7.4-r3
3.7.5-r3
3.8.0-r3
3.8.1-r3
3.8.2-r3
3.8.3-r3
3.8.4-r3
3.8.5-r3
3.8.6-r3
3.8.7-r3
3.8.8-r3
3.9.1-r3
3.9.2-r3
3.9.4-r3
3.9.5-r3
3.9.6-r3
3.9.7-r3
3.10.0-r3
3.10.1-r3
3.10.2-r3
3.10.3-r3
3.10.4-r3
3.10.5-r3
3.10.6-r3
3.10.7-r3
3.10.8-r3

Git / github.com/php/php-src

Affected ranges

Type
GIT
Repo
https://github.com/php/php-src
Events
Introduced
381ba9f5d0edd0c9c8ec1dea7e21d513ad08b115
Introduced
5dc92c2117cafc61daaaaa240fd46c3ac33872a4
Introduced
60fffd296abce5fc071f3c173c25a2696cf683c6
Introduced
8148cbb78841c8ec0759c0836e7f35dec799d300
Fixed
dca8d5565b947270a29f232bc54efd9df3b92b94
Type
GIT
Repo
https://github.com/python/cpython
Events
Introduced
5c4568a05a0a62b5947c55f68f9f2ecfb90a4f12
Introduced
9cf6752276e6fcfd0c23fdb064ad27f448aaaf75
Introduced
fa919fdf2583bdfead1df00e842f24f30b2a34bf

Affected versions

v3.*

v3.10.0
v3.10.0a1
v3.10.0a2
v3.10.0a3
v3.10.0a4
v3.10.0a5
v3.10.0a6
v3.10.0a7
v3.10.0b1
v3.10.0b2
v3.10.0b3
v3.10.0b4
v3.10.0rc1
v3.10.0rc2
v3.10.1
v3.10.10
v3.10.11
v3.10.12
v3.10.13
v3.10.14
v3.10.2
v3.10.3
v3.10.4
v3.10.5
v3.10.6
v3.10.7
v3.10.8
v3.10.9
v3.11.0
v3.11.0a1
v3.11.0a2
v3.11.0a3
v3.11.0a4
v3.11.0a5
v3.11.0a6
v3.11.0a7
v3.11.0b1
v3.11.0b2
v3.11.0b3
v3.11.0b4
v3.11.0b5
v3.11.0rc1
v3.11.0rc2
v3.11.1
v3.11.2
v3.11.3
v3.11.4
v3.11.5
v3.11.6
v3.11.7
v3.11.8
v3.11.9
v3.12.0
v3.12.0a1
v3.12.0a2
v3.12.0a3
v3.12.0a4
v3.12.0a5
v3.12.0a6
v3.12.0a7
v3.12.0b1
v3.12.0b2
v3.12.0b3
v3.12.0b4
v3.12.0rc1
v3.12.0rc2
v3.12.0rc3
v3.12.1
v3.12.2
v3.12.3
v3.13.0a1
v3.13.0a2
v3.13.0a3
v3.13.0a4
v3.13.0a5
v3.13.0a6
v3.13.0b1
v3.4.6
v3.4.6rc1
v3.5.3
v3.5.3rc1
v3.6.0
v3.7.0a1
v3.7.0a2
v3.7.0a3
v3.7.0a4
v3.8.0
v3.8.0a1
v3.8.0a2
v3.8.0a3
v3.8.0a4
v3.8.0b1
v3.8.0b2
v3.8.0b3
v3.8.0b4
v3.8.0rc1
v3.8.1
v3.8.10
v3.8.11
v3.8.12
v3.8.13
v3.8.14
v3.8.15
v3.8.16
v3.8.17
v3.8.18
v3.8.19
v3.8.1rc1
v3.8.2
v3.8.2rc1
v3.8.2rc2
v3.8.3
v3.8.3rc1
v3.8.4
v3.8.4rc1
v3.8.5
v3.8.6
v3.8.6rc1
v3.8.7
v3.8.7rc1
v3.8.8
v3.8.8rc1
v3.8.9
v3.9.0
v3.9.0a1
v3.9.0a2
v3.9.0a3
v3.9.0a4
v3.9.0a5
v3.9.0a6
v3.9.0b1
v3.9.0b2
v3.9.0b3
v3.9.0b4
v3.9.0b5
v3.9.0rc1
v3.9.0rc2
v3.9.1
v3.9.10
v3.9.11
v3.9.12
v3.9.13
v3.9.14
v3.9.15
v3.9.16
v3.9.17
v3.9.18
v3.9.19
v3.9.1rc1
v3.9.2
v3.9.2rc1
v3.9.3
v3.9.4
v3.9.5
v3.9.6
v3.9.7
v3.9.8
v3.9.9