CVE-2022-23462 - IOWOW is a C utility library and persistent key/value storage engine. Versions 1.4.15 and prior cont

CVE-2022-23462

Summary

IOWOW is a C utility library and persistent key/value storage engine. Versions 1.4.15 and prior contain a stack buffer overflow vulnerability that allows for Denial of Service (DOS) when it parses scientific notation numbers present in JSON. A patch for this issue is available at commit a79d31e4cff1d5a08f665574b29fd885897a28fd in the `master` branch of the repository. There are no workarounds other than applying the patch.

References

Vulnerable Configurations

cpe:2.3:a:softmotions:iowow:-:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:-:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.0.3:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.0.3:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.0.4:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.0.4:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.0.5:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.0.5:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.0.6:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.0.6:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.1.0:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.1.0:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.2.0:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.2.0:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.2.1:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.2.1:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.2.2:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.2.2:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.2.3:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.2.3:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.2.4:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.2.4:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.2.5:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.2.5:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.2.6:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.2.6:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.2.7:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.2.7:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.2.8:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.2.8:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.2.9:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.2.9:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.2.10:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.2.10:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.2.11:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.2.11:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.2.12:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.2.12:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.2.13:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.2.13:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.2.14:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.2.14:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.3.0:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.3.0:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.3.1:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.3.1:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.3.2:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.3.2:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.3.3:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.3.3:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.3.4:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.3.4:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.3.5:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.3.5:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.3.6:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.3.6:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.3.7:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.3.7:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.3.8:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.3.8:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.3.9:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.3.9:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.3.10:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.3.10:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.3.11:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.3.11:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.3.12:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.3.12:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.3.13:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.3.13:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.3.14:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.3.14:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.3.15:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.3.15:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.3.16:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.3.16:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.3.17:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.3.17:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.3.18:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.3.18:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.3.19:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.3.19:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.3.20:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.3.20:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.3.22:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.3.22:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.3.23:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.3.23:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.3.24:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.3.24:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.3.25:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.3.25:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.3.26:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.3.26:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.3.27:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.3.27:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.3.28:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.3.28:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.3.29:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.3.29:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.3.30:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.3.30:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.3.31:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.3.31:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.3.32:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.3.32:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.3.35:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.3.35:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.3.36:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.3.36:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.3.37:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.3.37:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.4.0:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.4.0:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.4.1:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.4.1:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.4.2:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.4.2:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.4.3:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.4.3:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.4.4:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.4.4:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.4.5:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.4.5:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.4.6:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.4.6:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.4.7:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.4.7:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.4.8:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.4.8:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.4.9:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.4.9:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.4.10:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.4.10:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.4.11:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.4.11:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.4.12:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.4.12:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.4.13:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.4.13:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.4.14:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.4.14:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.4.15:*:*:*:*:*:*:*
cpe:2.3:a:softmotions:iowow:1.4.15:*:*:*:*:*:*:*

CVSS

Base:	None
Impact:
Exploitability:

CWE

CWE-787

CAPEC

Access

Vector	Complexity	Authentication

Impact

Confidentiality	Integrity	Availability

Last major update

24-10-2022 - 16:08

Published

21-10-2022 - 22:15

Last modified

24-10-2022 - 16:08