CVE-2022-4891
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2022-4891
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-4891.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2022-4891
- Aliases
- Published
- 2023-01-17T20:15:11Z
- Modified
- 2024-05-17T08:02:31.981924Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
A vulnerability has been found in Sisimai up to 4.25.14p11 and classified as problematic. This vulnerability affects the function to_plain of the file lib/sisimai/string.rb. The manipulation leads to inefficient regular expression complexity. The exploit has been disclosed to the public and may be used. Upgrading to version 4.25.14p12 is able to address this issue. The name of the patch is 51fe2e6521c9c02b421b383943dc9e4bbbe65d4e. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-218452.
- References
-
- https://gist.githubusercontent.com/gmcabrita/e5dc0332473fc2e3a7a407434c8d21c7/raw/00b12035e5e1b685469f143b94301a50306376ba/example.html
- https://github.com/sisimai/rb-sisimai/pull/244
- https://github.com/sisimai/rb-sisimai/commit/51fe2e6521c9c02b421b383943dc9e4bbbe65d4e
- https://github.com/sisimai/rb-sisimai/releases/tag/v4.25.14p12
- https://vuldb.com/?ctiid.218452
- https://vuldb.com/?id.218452
Affected packages
Git / github.com/sisimai/rb-sisimai
Affected ranges
- Type
- GIT
- Repo
- https://github.com/sisimai/rb-sisimai
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
v4.*
v4.14.2
v4.15.0
v4.16.0
v4.17.0
v4.17.0p1
v4.17.1
v4.17.2
v4.18.0
v4.18.1
v4.19.0
v4.20.1
v4.20.2
v4.20.2p1
v4.20.2p2
v4.21.0
v4.21.0p1
v4.21.0p2
v4.21.0p3
v4.21.0p4
v4.21.0p5
v4.21.1
v4.21.1p1
v4.22.0
v4.22.1
v4.22.1p1
v4.22.1p2
v4.22.1p3
v4.22.1p4
v4.22.2
v4.22.2p1
v4.22.2p2
v4.22.2p3
v4.22.3
v4.22.3p1
v4.22.3p3
v4.22.4
v4.22.4p1
v4.22.4p2
v4.22.4p3
v4.22.5
v4.22.5p1
v4.22.5p2
v4.22.6
v4.22.6p1
v4.22.6p3
v4.22.7
v4.22.7p1
v4.22.7p2
v4.23.0
v4.23.0p1
v4.23.0p2
v4.24.0
v4.24.0p1
v4.24.1
v4.24.1p1
v4.24.1p2
v4.24.1p3
v4.24.1p4
v4.24.1p5
v4.24.1p6
v4.24.1p7
v4.24.1p8
v4.25.0
v4.25.0p1
v4.25.0p3
v4.25.0p4
v4.25.0p5
v4.25.0p6
v4.25.1
v4.25.10
v4.25.10p1
v4.25.11
v4.25.11p1
v4.25.11p2
v4.25.12
v4.25.13
v4.25.14
v4.25.14p1
v4.25.14p10
v4.25.14p11
v4.25.14p3
v4.25.14p5
v4.25.14p6
v4.25.14p7
v4.25.14p8
v4.25.14p9
v4.25.2
v4.25.2p1
v4.25.3
v4.25.3p1
v4.25.3p2
v4.25.3p3
v4.25.4
v4.25.4p1
v4.25.4p2
v4.25.4p3
v4.25.4p4
v4.25.4p5
v4.25.4p6
v4.25.5
v4.25.5p1
v4.25.5p10
v4.25.5p11
v4.25.5p12
v4.25.5p13
v4.25.5p2
v4.25.5p3
v4.25.5p4
v4.25.5p5
v4.25.5p6
v4.25.5p7
v4.25.5p8
v4.25.5p9
v4.25.6
v4.25.7
v4.25.7p1
v4.25.7p2
v4.25.7p3
v4.25.7p4
v4.25.8
v4.25.8p1
v4.25.8p2
v4.25.9
v4.25.9p2
v4.25.9p3
v4.25.9p4