Skip to content

The affected product is vulnerable to an integer overflow...

Critical severity Unreviewed Published May 24, 2022 to the GitHub Advisory Database • Updated Jan 29, 2023

Package

No package listedSuggest a package

Affected versions

Unknown

Patched versions

Unknown

Description

The affected product is vulnerable to an integer overflow while processing HTTP headers, which may allow an attacker to remotely execute code on the SimpleLink Wi-Fi (MSP432E4 SDK: v4.20.00.12 and prior, CC32XX SDK v4.30.00.06 and prior, CC13X0 SDK versions prior to v4.10.03, CC13X2 and CC26XX SDK versions prior to v4.40.00, CC3200 SDK v1.5.0 and prior, CC3100 SDK v1.3.0 and prior).

References

Published by the National Vulnerability Database May 7, 2021
Published to the GitHub Advisory Database May 24, 2022
Last updated Jan 29, 2023

Severity

Critical

EPSS score

0.432%
(75th percentile)

Weaknesses

CVE ID

CVE-2021-22679

GHSA ID

GHSA-j3p4-hfx7-672p

Source code

No known source code

Dependabot alerts are not supported on this advisory because it does not have a package from a supported ecosystem with an affected and fixed version.

Learn more about GitHub language support

Loading Checking history
See something to contribute? Suggest improvements for this vulnerability.