Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-28886

A Denial-of-Service vulnerability was discovered in the F-Secure and WithSecure products where aerdl.so/aerdl.dll may go into an infinite loop when unpacking PE files. It is possible that this can crash the scanning engine

Published

2022-09-23T19:15:11.447

Last Modified

2025-05-22T19:15:29.937

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 4.3 (MEDIUM)

Weaknesses

Type: Primary
CWE-835
Type: Secondary
CWE-835

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	f-secure	cloud_protection_for_salesforce	*	Yes
Application	f-secure	collaboration_protection	*	Yes
Application	f-secure	elements_endpoint_protection	*	Yes
Application	f-secure	internet_gatekeeper	-	Yes
Application	f-secure	linux_security	*	Yes

References

https://www.f-secure.com/en/business/support-and-downloads/security-advisories Vendor Advisory ([email protected])
https://www.withsecure.com/en/support/security-advisories Third Party Advisory ([email protected])
https://www.f-secure.com/en/business/support-and-downloads/security-advisories Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.withsecure.com/en/support/security-advisories Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)