{"id":"PYSEC-2022-43144","details":"Patchelf v0.9 was discovered to contain an out-of-bounds read via the function modifyRPath at src/patchelf.cc.","aliases":["CVE-2022-44940","GHSA-5pcj-3m26-w633","PYSEC-2022-43151"],"modified":"2024-11-25T22:42:12.915518Z","published":"2022-12-19T22:15:00Z","references":[{"type":"WEB","url":"https://github.com/NixOS/patchelf/pull/419"}],"affected":[{"package":{"name":"patchelf","ecosystem":"PyPI","purl":"pkg:pypi/patchelf"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.16.1.0"}]}],"versions":["0.11.0.0","0.12.0.0","0.13.0.0","0.13.1.0","0.14.0.0","0.14.1.0","0.14.2.0","0.14.3.0","0.14.5.0","0.15.0.0"],"database_specific":{"source":"https://github.com/pypa/advisory-database/blob/main/vulns/patchelf/PYSEC-2022-43144.yaml"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"}]}