How severe is CVE-2022-22233?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.5 out of 10.

What type of vulnerability is CVE-2022-22233?

This is classified as CWE-690, which is a common weakness in software security.

CVE-2022-22233

MEDIUM Year: 2022

CVSS v3 Score

5.5

Medium

Weakness Type

CWE-690

View all →

Vulnerability Description

An Unchecked Return Value to NULL Pointer Dereference vulnerability in Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated attacker with low privileges to cause a Denial of Service (DoS). In Segment Routing (SR) to Label Distribution Protocol (LDP) interworking scenario, configured with Segment Routing Mapping Server (SRMS) at any node, when an Area Border Router (ABR) leaks the SRMS entries having "S" flag set from IS-IS Level 2 to Level 1, an rpd core might be observed when a specific low privileged CLI command is issued. This issue affects: Juniper Networks Junos OS 21.4 versions prior to 21.4R1-S2, 21.4R2-S1, 21.4R3; 22.1 versions prior to 22.1R2. Juniper Networks Junos OS Evolved 21.4-EVO versions prior to 21.4R1-S2-EVO, 21.4R2-S1-EVO, 21.4R3-EVO; 22.1-EVO versions prior to 22.1R2-EVO. This issue does not affect: Juniper Networks Junos OS versions prior to 21.4R1. Juniper Networks Junos OS Evolved versions prior to 21.4R1-EVO.

CVE-2022-39381

MEDIUM

CVSS:5.5(Medium)

Muhammara is a node module with c/cpp bindings to modify PDF with js for node or electron (based/replacement on/of galkhana/hummusjs). The package muhammara before 2.6.0; all versions of package hummu...

CWE-6902022

CVE-2020-13582

HIGH

CVSS:8.6(High)

A denial-of-service vulnerability exists in the HTTP Server functionality of Micrium uC-HTTP 3.01.00. A specially crafted HTTP request can lead to denial of service. An attacker can send an HTTP reque...

CWE-6902020

CVE-2022-20682

HIGH

CVSS:8.6(High)

A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow an unauthen...

CWE-6902022

CVE-2020-36646

HIGH

CVSS:7.5(High)

A vulnerability classified as problematic has been found in MediaArea ZenLib up to 0.4.38. This affects the function Ztring::Date_From_Seconds_1970_Local of the file Source/ZenLib/Ztring.cpp. The mani...

CWE-6902020

CVE-2020-6095

HIGH

CVSS:7.5(High)

An exploitable denial of service vulnerability exists in the GstRTSPAuth functionality of GStreamer/gst-rtsp-server 1.14.5. A specially crafted RTSP setup request can cause a null pointer deference re...

CWE-6902020

CVE-2022-22231

HIGH

CVSS:7.5(High)

An Unchecked Return Value to NULL Pointer Dereference vulnerability in Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause a Denial o...

CWE-6902022

CVE-2022-22233

Vulnerability Description

Related Vulnerabilities

CVE-2022-39381

CVE-2020-13582

CVE-2022-20682

CVE-2020-36646

CVE-2020-6095

CVE-2022-22231