CVE Vulnerabilities

CVE-2022-29617

Improper Handling of Exceptional Conditions

Published: Jun 06, 2022 | Modified: Oct 05, 2022

CVSS 3.x

6.5

MEDIUM

Source:

NVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CVSS 2.x

4 MEDIUM

RedHat/V2

RedHat/V3

Ubuntu

Additional information

NVD	https://nvd.nist.gov/vuln/detail/CVE-2022-29617
CWE	https://cwe.mitre.org/data/definitions/755.html

Due to improper error handling an authenticated user can crash CLA assistant instance. This could impact the availability of the application.

Weakness

The product does not handle or incorrectly handles an exceptional condition.

Affected Software

Name	Vendor	Start Version	End Version
Contributor_license_agreement_assistant	Sap	*	2.13.0 (excluding)

References

https://github.com/cla-assistant/cla-assistant/security/advisories/GHSA-jjjv-grgr-v8h3

Aqua Container Security

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.