| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| github.com/facebook/zstd | swift | < 1.5.4 | 1.5.4 |
| zstd | pip | < 1.5.4.0 | 1.5.4.0 |

The vulnerability (CVE-2022-4899) occurs when an empty string is supplied as a command-line argument for an output directory in the zstd tool.

- The `main` function in `programs/zstdcli.c` is identified as vulnerable because it is responsible for parsing command-line arguments. The patch f9f27de91c89d826c6a39c3ef44fb1b02f9a43aa adds checks to prevent empty strings for the `--output-dir-flat` and `--output-dir-mirror` options. Before the patch, the lack of these checks allowed the problematic input to proceed.
- The `mallocAndJoin2Dir` function in `programs/util.c` is identified as vulnerable because it contains the code that directly causes a buffer underflow. The patch e1873ad576cb478fff0e6e44ad99599cd5fd2846 modifies this function to prevent an out-of-bounds read (`*(buffer - 1)`) when `dir1` (the first directory path component) is empty, by ensuring `dir1Size > 0` before the access.

Thus, `main` allows the malicious input, and `mallocAndJoin2Dir` (or the functions that call it, using its logic) suffers the memory corruption. Both would appear in a runtime profile during exploitation. The commit c8a619aebdbd6b838fbfef6e19325a70f631a4c6 for python-zstd merely updates the zstd library version and does not contain these C functions.
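
The two layers of the fix described above, sketched as an added example that is not zstd's own code: an argument check that rejects an empty directory string, and a join routine that tests the first component's length before reading the byte in front of the write position. The names `outdir_arg_ok` and `join_two_dirs` are hypothetical, and adding no separator when the first component is empty is an assumption of this sketch.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define PATH_SEP '/'

/* CLI-layer check (hypothetical helper): reject a missing or empty
 * directory argument before it reaches any path-building code. */
static int outdir_arg_ok(const char *arg)
{
    return arg != NULL && arg[0] != '\0';
}

/* Join dir1 and dir2 with exactly one separator between them.
 * Returns a malloc'd string the caller frees, or NULL on failure. */
static char *join_two_dirs(const char *dir1, const char *dir2)
{
    size_t n1, n2;
    char *out, *p;

    if (dir1 == NULL || dir2 == NULL) return NULL;
    n1 = strlen(dir1);
    n2 = strlen(dir2);
    out = malloc(n1 + n2 + 2);          /* room for separator + NUL */
    if (out == NULL) return NULL;

    memcpy(out, dir1, n1);
    p = out + n1;
    /* Unguarded form: if (*(p - 1) != PATH_SEP) ...
     * With n1 == 0, p == out, so p[-1] lies before the allocation.
     * Testing n1 > 0 first short-circuits that read. */
    if (n1 > 0 && *(p - 1) != PATH_SEP)
        *p++ = PATH_SEP;
    memcpy(p, dir2, n2);
    p[n2] = '\0';
    return out;
}

int main(void)
{
    const char *args[] = { "out", "out/", "" };  /* constructed inputs */
    size_t i;
    for (i = 0; i < sizeof args / sizeof args[0]; i++) {
        char *joined = join_two_dirs(args[i], "sub");
        printf("arg=\"%s\" accepted=%d joined=\"%s\"\n",
               args[i], outdir_arg_ok(args[i]), joined ? joined : "(null)");
        free(joined);
    }
    return 0;
}
```

Building the unguarded form with `-fsanitize=address` and passing an empty first component is a quick way to confirm the one-byte read before the heap buffer in a test harness.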