MidnightBSD

Advisories for tildearrow

CVE-2022-1211 MEDIUM

A vulnerability classified as critical has been found in tildearrow Furnace dev73. This affects the FUR to VGM converter in console mode which causes stack-based overflows and crashes. It is possible to initiate the attack remotely but it requires user-interaction. A POC has been disclosed to the public and may be used.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cna@vuldb.com 6.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L 2.8 3.4
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-121,CWE-787,

Products Affected

Vendor Product Version
tildearrow furnace dev73
CVE-2022-1289 MEDIUM

A denial of service vulnerability was found in tildearrow Furnace. It has been classified as problematic. This is due to an incomplete fix of CVE-2022-1211. It is possible to initiate the attack remotely but it requires user interaction. The issue got fixed with the patch 0eb02422d5161767e9983bdaa5c429762d3477ce.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 2.8 3.6
cna@vuldb.com 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L 2.8 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-404,NVD-CWE-noinfo,

Products Affected

Vendor Product Version
tildearrow furnace 0.5.4
tildearrow furnace dev77
tildearrow furnace dev72
tildearrow furnace -
tildearrow furnace dev75
tildearrow furnace 0.2
tildearrow furnace 0.5.5
tildearrow furnace 0.4.6
tildearrow furnace 0.6
tildearrow furnace dev78
tildearrow furnace dev8
tildearrow furnace 0.5.6
tildearrow furnace 0.5
tildearrow furnace 0.3.1
tildearrow furnace 0.5.7
tildearrow furnace dev62
tildearrow furnace dev66
tildearrow furnace dev10
tildearrow furnace 0.4
tildearrow furnace dev7
tildearrow furnace dev67
tildearrow furnace dev73
tildearrow furnace 0.4.7
tildearrow furnace 0.3
tildearrow furnace 0.4.2
tildearrow furnace 0.4.5
tildearrow furnace dev5
tildearrow furnace 0.5.2
tildearrow furnace 0.5.8
tildearrow furnace dev63
tildearrow furnace 0.4.4
tildearrow furnace 0.5.1
tildearrow furnace dev9
tildearrow furnace dev79
tildearrow furnace dev70
tildearrow furnace dev6
tildearrow furnace 0.4.3
tildearrow furnace dev69
tildearrow furnace dev76
tildearrow furnace dev80
tildearrow furnace dev65
tildearrow furnace dev68
tildearrow furnace 0.4.1
tildearrow furnace dev64
tildearrow furnace 0.2.1
tildearrow furnace 0.5.3
tildearrow furnace 0.2.2
tildearrow furnace dev71