{"id":"CVE-2022-29788","details":"libmobi before v0.10 contains a NULL pointer dereference via the component mobi_buffer_getpointer. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted mobi file.","modified":"2026-04-11T23:14:58.581610Z","published":"2022-06-02T14:15:51.247Z","references":[{"type":"FIX","url":"https://github.com/bfabiszewski/libmobi/commit/ce0ab6586069791b1e8e2a42f44318e581c39939"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/bfabiszewski/libmobi","events":[{"introduced":"0"},{"fixed":"aac5b1f578b284b2f886d6d25cde22a33d8534f8"},{"fixed":"ce0ab6586069791b1e8e2a42f44318e581c39939"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"0.10"}]}}],"versions":["v0.10","v0.2","v0.3","v0.4","v0.5","v0.6","v0.7","v0.8","v0.9"],"database_specific":{"vanir_signatures_modified":"2026-04-11T23:14:58Z","vanir_signatures":[{"id":"CVE-2022-29788-10b0c300","target":{"file":"src/index.c"},"signature_version":"v1","digest":{"threshold":0.9,"line_hashes":["9587912500244841242761623461993484356","325609148742769093108696337493334546979","313274351642807138481567418773480517342","71992697451769064556460110470947014042"]},"deprecated":false,"signature_type":"Line","source":"https://github.com/bfabiszewski/libmobi/commit/ce0ab6586069791b1e8e2a42f44318e581c39939"},{"id":"CVE-2022-29788-f1fccef4","target":{"file":"src/index.c","function":"mobi_trie_insert_infl"},"signature_version":"v1","digest":{"function_hash":"111361951981818957415269603156071108548","length":682},"deprecated":false,"signature_type":"Function","source":"https://github.com/bfabiszewski/libmobi/commit/ce0ab6586069791b1e8e2a42f44318e581c39939"}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-29788.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}]}