How severe is CVE-2022-39046?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.3 out of 10.

What type of vulnerability is CVE-2022-39046?

This is classified as CWE-532, which is a common weakness in software security.

CVE-2022-39046

MEDIUM Year: 2022

CVSS v3 Score

5.3

Medium

Weakness Type

CWE-532

View all →

Vulnerability Description

An issue was discovered in the GNU C Library (glibc) 2.36. When the syslog function is passed a crafted input string larger than 1024 bytes, it reads uninitialized memory from the heap and prints it to the target log file, potentially revealing a portion of the contents of the heap.

CVE-2015-1343

MEDIUM

CVSS:5.3(Medium)

All versions of unity-scope-gdrive logs search terms to syslog.

CWE-5322015

CVE-2017-1198

MEDIUM

CVSS:5.3(Medium)

IBM BigFix Compliance 1.7 through 1.9.91 (TEMA SUAv1 SCA SCM) stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs vi...

CWE-5322017

CVE-2017-17675

MEDIUM

CVSS:5.3(Medium)

BMC Remedy Mid Tier 9.1SP3 is affected by log hijacking. Remote logging can be accessed by unauthenticated users, allowing for an attacker to hijack the system logs. This data can include user names a...

CWE-5322017

CVE-2018-10889

MEDIUM

CVSS:5.3(Medium)

A flaw was found in moodle before versions 3.5.1, 3.4.4, 3.3.7. No option existed to omit logs from data privacy exports, which may contain details of other users who interacted with the requester.

CWE-5322018