CVE-2022-41404
HIGHini4j <= 0.5.4 - Denial of Service via BasicProfile fetch() Method
Title source: llmDescription
An issue in the fetch() method in the BasicProfile class of org.ini4j through version v0.5.4 allows attackers to cause a Denial of Service (DoS) via unspecified vectors.
References (3)
Core 3
Core References
Various Sources
https://github.com/Checkmarx/Vulnerabilities-Proofs-of-Concept/tree/main/2022/CVE-2022-41404
Exploit, Mailing List, Third Party Advisory
https://sourceforge.net/p/ini4j/bugs/56/
Mailing List, Third Party Advisory mailing-list
https://lists.debian.org/debian-lts-announce/2022/11/msg00037.html
Scores
CVSS v3
7.5
EPSS
0.0079
EPSS Percentile
74.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
yes
Technical Impact
partial
Details
CWE
CWE-400
Status
published
Products (3)
debian/debian_linux
10.0
ini4j_project/ini4j
< 0.5.4
org.ini4j/ini4j
0Maven
Published
Oct 11, 2022
Tracked Since
Feb 18, 2026