[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2022-37454":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":24,"aliases":34,"duplicate_of":9,"upstream":43,"downstream":44,"duplicates":117,"related":118,"reserved_at":9,"published_at":135,"modified_at":136,"state":137,"summary":138,"references_raw":146,"kevs":260,"epss":261,"epss_history":264,"metrics":534,"affected":543},"CVE-2022-37454","The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code or eliminate expected cryptographic properties. This occurs in the sponge function interface.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-190","Integer Overflow or Wraparound","The product performs a calculation that can\n         produce an integer overflow or wraparound when the logic\n         assumes that the resulting value will always be larger than\n         the original value. This occurs when an integer value is\n         incremented to a value that is too large to store in the\n         associated representation. When this occurs, the value may\n         become a very small or negative number.","weakness","Stable","Base","Medium",[20],{"id":21,"name":22,"techniques":23},"CAPEC-92","Forced Integer Overflow",[],[25],{"_key":26,"name":27,"source":28,"url":29,"maturity":30,"reliability_score":31,"verified":32,"type":9,"platforms":33,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_6523746DC5520985","Exploit Reference (mouha.be)","reference","https://mouha.be/sha-3-buffer-overflow/","unknown",0.2,false,[],[35,36,37,38,39,40,41,42],"GHSA-6w4m-2xhg-2658","BIT-libphp-2022-37454","BIT-libpython-2022-37454","BIT-php-2022-37454","BIT-php-min-2022-37454","BIT-python-2022-37454","BIT-python-min-2022-37454","PSF-2022-11",[],[45,47,49,51,53,55,57,59,61,63,65,67,69,71,73,75,77,79,81,83,85,87,89,91,93,95,97,99,101,103,105,107,109,111,113,115],{"_key":46},"ALPINE-CVE-2022-37454",{"_key":48},"RHSA-2023:0848",{"_key":50},"RHSA-2023:0965",{"_key":52},"RHSA-2023:2417",{"_key":54},"RHSA-2023:2903",{"_key":56},"DLA-4445-1",{"_key":58},"SUSE-SU-2022:4005-1",{"_key":60},"SUSE-SU-2023:0707-1",{"_key":62},"SUSE-SU-2022:3924-1",{"_key":64},"SUSE-SU-2022:4068-1",{"_key":66},"SUSE-SU-2022:4274-1",{"_key":68},"SUSE-SU-2022:3997-1",{"_key":70},"SUSE-SU-2022:4067-1",{"_key":72},"SUSE-SU-2022:4069-1",{"_key":74},"SUSE-SU-2022:4281-1",{"_key":76},"SUSE-SU-2023:0748-1",{"_key":78},"OPENSUSE-SU-2024:12461-1",{"_key":80},"OPENSUSE-SU-2024:12476-1",{"_key":82},"OPENSUSE-SU-2024:12559-1",{"_key":84},"OPENSUSE-SU-2024:12563-1",{"_key":86},"DLA-3174-1",{"_key":88},"DLA-3175-1",{"_key":90},"DLA-3243-1",{"_key":92},"DSA-5267-1",{"_key":94},"DSA-5269-1",{"_key":96},"DSA-5277-1",{"_key":98},"UBUNTU-CVE-2022-37454",{"_key":100},"USN-5717-1",{"_key":102},"USN-5767-1",{"_key":104},"USN-5767-3",{"_key":106},"USN-5888-1",{"_key":108},"USN-5930-1",{"_key":110},"USN-5931-1",{"_key":112},"USN-6524-1",{"_key":114},"USN-6525-1",{"_key":116},"DEBIAN-CVE-2022-37454",[],[119,120,121,122,123,124,125,126,127,128,129,130,131,132,133],{"_key":58},{"_key":60},{"_key":62},{"_key":64},{"_key":66},{"_key":68},{"_key":70},{"_key":72},{"_key":74},{"_key":76},{"_key":78},{"_key":80},{"_key":82},{"_key":84},{"_key":134},"CGA-22CQ-X9CJ-9W2F","2022-10-21T00:00:00.000Z","2025-05-08T15:03:28.946Z","Modified",{"cisa_kev":32,"cisa_ransomware":32,"cisa_vendor":9,"epss_severity":139,"epss_score":140,"severity":141,"severity_score":142,"severity_version":143,"severity_source":144,"severity_vector":145,"severity_status":137},"low",0.014,"critical",9.8,"v3.1","cve.org","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",[147,156,160,165,170,175,179,183,187,191,195,199,203,207,211,216,220,224,228,232,236,240,244,248,252,256],{"url":148,"sources":149,"tags":152},"https://csrc.nist.gov/projects/hash-functions/sha-3-project",[144,150,151],"nvd","osv_pypi",[153,154,155],"Third Party Advisory","US Government Resource","WEB",{"url":29,"sources":157,"tags":158},[144,150],[159,153],"Exploit",{"url":161,"sources":162,"tags":163},"https://news.ycombinator.com/item?id=33281106",[144,150,151],[164,153,155],"Issue Tracking",{"url":166,"sources":167,"tags":168},"https://github.com/XKCP/XKCP/security/advisories/GHSA-6w4m-2xhg-2658",[144,150,151],[169,153,155],"Patch",{"url":171,"sources":172,"tags":173},"https://lists.debian.org/debian-lts-announce/2022/10/msg00041.html",[144,150,151],[174,153,155],"Mailing List",{"url":176,"sources":177,"tags":178},"https://lists.debian.org/debian-lts-announce/2022/11/msg00000.html",[144,150,151],[174,153,155],{"url":180,"sources":181,"tags":182},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CMIEXLMTW5GO36HTFFWIPB3OHZXCT3G4/",[144,150],[174,153],{"url":184,"sources":185,"tags":186},"https://www.debian.org/security/2022/dsa-5267",[144,150,151],[153,155],{"url":188,"sources":189,"tags":190},"https://www.debian.org/security/2022/dsa-5269",[144,150,151],[153,155],{"url":192,"sources":193,"tags":194},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ALQ6BDDPX5HU5YBQOBMDVAA2TSGDKIJ/",[144,150],[174,153],{"url":196,"sources":197,"tags":198},"https://eprint.iacr.org/2023/331",[144,150,151],[155],{"url":200,"sources":201,"tags":202},"https://news.ycombinator.com/item?id=35050307",[144,150,151],[155],{"url":204,"sources":205,"tags":206},"https://security.gentoo.org/glsa/202305-02",[144,150,151],[155],{"url":208,"sources":209,"tags":210},"https://security.netapp.com/advisory/ntap-20230203-0001/",[144,150],[],{"url":212,"sources":213,"tags":214},"https://nvd.nist.gov/vuln/detail/CVE-2022-37454",[151],[215],"Advisory",{"url":217,"sources":218,"tags":219},"https://github.com/XKCP/XKCP/issues/105",[151],[155],{"url":221,"sources":222,"tags":223},"https://github.com/johanns/sha3/issues/17",[151],[155],{"url":225,"sources":226,"tags":227},"https://github.com/tiran/pysha3/issues/29",[151],[155],{"url":229,"sources":230,"tags":231},"https://github.com/XKCP/XKCP/commit/fdc6fef075f4e81d6b1bc38364248975e08e340a",[151],[155],{"url":233,"sources":234,"tags":235},"https://github.com/johanns/sha3/commit/5f2e8118a62831911703c8753ff2435c3b5d7312",[151],[155],{"url":237,"sources":238,"tags":239},"https://mouha.be/sha-3-buffer-overflow",[151],[155],{"url":241,"sources":242,"tags":243},"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CMIEXLMTW5GO36HTFFWIPB3OHZXCT3G4",[151],[155],{"url":245,"sources":246,"tags":247},"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3ALQ6BDDPX5HU5YBQOBMDVAA2TSGDKIJ",[151],[155],{"url":249,"sources":250,"tags":251},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CMIEXLMTW5GO36HTFFWIPB3OHZXCT3G4",[151],[155],{"url":253,"sources":254,"tags":255},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ALQ6BDDPX5HU5YBQOBMDVAA2TSGDKIJ",[151],[155],{"url":257,"sources":258,"tags":259},"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/sha3/CVE-2022-37454.yml",[151],[155],[],{"date":262,"score":140,"percentile":263},"2026-06-04",0.80758,[265,269,272,276,279,282,285,288,291,294,297,300,303,306,309,313,316,319,322,325,328,331,334,337,339,342,344,347,350,353,356,359,362,364,366,369,372,375,378,381,384,387,390,393,396,400,403,406,409,412,415,419,422,425,429,432,435,439,442,445,448,451,455,458,461,464,467,470,472,475,478,481,484,486,489,492,495,498,501,504,507,510,513,516,518,521,524,526,528,531],{"date":266,"score":267,"percentile":268},"2025-11-04",0.01275,0.78881,{"date":270,"score":267,"percentile":271},"2025-11-05",0.7888,{"date":273,"score":274,"percentile":275},"2025-11-06",0.01156,0.77861,{"date":277,"score":274,"percentile":278},"2025-11-07",0.77875,{"date":280,"score":274,"percentile":281},"2025-11-08",0.77881,{"date":283,"score":274,"percentile":284},"2025-11-09",0.77876,{"date":286,"score":274,"percentile":287},"2025-11-10",0.77865,{"date":289,"score":274,"percentile":290},"2025-11-11",0.77866,{"date":292,"score":274,"percentile":293},"2025-11-12",0.77884,{"date":295,"score":274,"percentile":296},"2025-11-13",0.77894,{"date":298,"score":274,"percentile":299},"2025-11-14",0.77904,{"date":301,"score":274,"percentile":302},"2025-11-15",0.77901,{"date":304,"score":274,"percentile":305},"2025-11-16",0.77903,{"date":307,"score":274,"percentile":308},"2025-11-17",0.77897,{"date":310,"score":311,"percentile":312},"2025-11-18",0.03471,0.86353,{"date":314,"score":311,"percentile":315},"2025-11-19",0.86354,{"date":317,"score":311,"percentile":318},"2025-11-20",0.86356,{"date":320,"score":274,"percentile":321},"2025-11-21",0.77923,{"date":323,"score":274,"percentile":324},"2025-11-22",0.77924,{"date":326,"score":274,"percentile":327},"2025-11-23",0.77908,{"date":329,"score":274,"percentile":330},"2025-11-24",0.77907,{"date":332,"score":274,"percentile":333},"2025-11-25",0.77914,{"date":335,"score":274,"percentile":336},"2025-11-26",0.7792,{"date":338,"score":274,"percentile":324},"2025-11-27",{"date":340,"score":274,"percentile":341},"2025-11-28",0.77916,{"date":343,"score":274,"percentile":321},"2025-11-29",{"date":345,"score":274,"percentile":346},"2025-11-30",0.77921,{"date":348,"score":274,"percentile":349},"2025-12-01",0.78027,{"date":351,"score":274,"percentile":352},"2025-12-02",0.78036,{"date":354,"score":274,"percentile":355},"2025-12-03",0.78022,{"date":357,"score":274,"percentile":358},"2025-12-04",0.77911,{"date":360,"score":274,"percentile":361},"2025-12-05",0.77918,{"date":363,"score":274,"percentile":336},"2025-12-06",{"date":365,"score":274,"percentile":333},"2025-12-07",{"date":367,"score":274,"percentile":368},"2025-12-08",0.77917,{"date":370,"score":274,"percentile":371},"2025-12-09",0.77939,{"date":373,"score":274,"percentile":374},"2025-12-10",0.77964,{"date":376,"score":274,"percentile":377},"2025-12-11",0.77978,{"date":379,"score":274,"percentile":380},"2025-12-12",0.77997,{"date":382,"score":274,"percentile":383},"2025-12-13",0.77999,{"date":385,"score":274,"percentile":386},"2025-12-14",0.77995,{"date":388,"score":274,"percentile":389},"2025-12-15",0.7799,{"date":391,"score":274,"percentile":392},"2025-12-16",0.78003,{"date":394,"score":274,"percentile":395},"2025-12-17",0.78012,{"date":397,"score":398,"percentile":399},"2025-12-18",0.01844,0.82495,{"date":401,"score":398,"percentile":402},"2025-12-19",0.82499,{"date":404,"score":398,"percentile":405},"2025-12-20",0.82493,{"date":407,"score":398,"percentile":408},"2025-12-21",0.8249,{"date":410,"score":398,"percentile":411},"2025-12-22",0.82494,{"date":413,"score":398,"percentile":414},"2025-12-23",0.82498,{"date":416,"score":417,"percentile":418},"2025-12-24",0.01455,0.8036,{"date":420,"score":417,"percentile":421},"2025-12-25",0.80379,{"date":423,"score":417,"percentile":424},"2025-12-26",0.8038,{"date":426,"score":427,"percentile":428},"2025-12-27",0.01747,0.82122,{"date":430,"score":417,"percentile":431},"2025-12-28",0.80369,{"date":433,"score":417,"percentile":434},"2025-12-29",0.80367,{"date":436,"score":437,"percentile":438},"2025-12-30",0.01088,0.77399,{"date":440,"score":437,"percentile":441},"2025-12-31",0.77415,{"date":443,"score":437,"percentile":444},"2026-01-01",0.77537,{"date":446,"score":437,"percentile":447},"2026-01-02",0.77539,{"date":449,"score":437,"percentile":450},"2026-01-03",0.77538,{"date":452,"score":453,"percentile":454},"2026-01-04",0.01495,0.80642,{"date":456,"score":453,"percentile":457},"2026-01-05",0.80636,{"date":459,"score":453,"percentile":460},"2026-01-06",0.80641,{"date":462,"score":453,"percentile":463},"2026-01-07",0.80643,{"date":465,"score":453,"percentile":466},"2026-01-08",0.80653,{"date":468,"score":453,"percentile":469},"2026-01-09",0.80654,{"date":471,"score":453,"percentile":466},"2026-01-10",{"date":473,"score":453,"percentile":474},"2026-01-11",0.80645,{"date":476,"score":453,"percentile":477},"2026-01-12",0.80638,{"date":479,"score":453,"percentile":480},"2026-01-13",0.80635,{"date":482,"score":453,"percentile":483},"2026-01-14",0.80657,{"date":485,"score":453,"percentile":483},"2026-01-15",{"date":487,"score":453,"percentile":488},"2026-01-16",0.80667,{"date":490,"score":417,"percentile":491},"2026-01-17",0.80403,{"date":493,"score":417,"percentile":494},"2026-01-18",0.80395,{"date":496,"score":417,"percentile":497},"2026-01-19",0.80388,{"date":499,"score":417,"percentile":500},"2026-01-20",0.8039,{"date":502,"score":417,"percentile":503},"2026-01-21",0.80398,{"date":505,"score":417,"percentile":506},"2026-01-22",0.80406,{"date":508,"score":417,"percentile":509},"2026-01-23",0.80433,{"date":511,"score":417,"percentile":512},"2026-01-24",0.80443,{"date":514,"score":417,"percentile":515},"2026-01-25",0.80434,{"date":517,"score":417,"percentile":509},"2026-01-26",{"date":519,"score":417,"percentile":520},"2026-01-27",0.80437,{"date":522,"score":417,"percentile":523},"2026-01-28",0.80435,{"date":525,"score":417,"percentile":515},"2026-01-29",{"date":527,"score":417,"percentile":509},"2026-01-30",{"date":529,"score":417,"percentile":530},"2026-01-31",0.80439,{"date":532,"score":417,"percentile":533},"2026-02-01",0.80527,[535,539,541],{"source":144,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":536,"cvss_v4_0":9},{"baseScore":142,"baseSeverity":537,"vectorString":145,"impactScore":142,"exploitabilityScore":538},"CRITICAL",10,{"source":150,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":540,"cvss_v4_0":9},{"baseScore":142,"baseSeverity":537,"vectorString":145,"impactScore":142,"exploitabilityScore":538},{"source":151,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":542,"cvss_v4_0":9},{"baseScore":142,"baseSeverity":9,"vectorString":145,"impactScore":142,"exploitabilityScore":538},[544,555,563,571,582,598,606,612,631],{"ecosystem":9,"name":545,"vendor":546,"product":547,"cpe_part":548,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":549},"debian linux","debian","debian_linux","o",[550,553],{"version":551,"is_range":32,"range_type":552,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.0","cpe",{"version":554,"is_range":32,"range_type":552,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"11.0",{"ecosystem":9,"name":556,"vendor":557,"product":558,"cpe_part":559,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":560},"extended keccak code package","extended_keccak_code_package_project","extended_keccak_code_package","a",[561],{"version":562,"is_range":32,"range_type":552,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"na",{"ecosystem":9,"name":564,"vendor":565,"product":564,"cpe_part":548,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":566},"fedora","fedoraproject",[567,569],{"version":568,"is_range":32,"range_type":552,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"35",{"version":570,"is_range":32,"range_type":552,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"36",{"ecosystem":572,"name":573,"vendor":572,"product":573,"cpe_part":9,"purl_type":574,"purl_namespace":9,"purl_name":573,"source":9,"versions":575},"RubyGems","sha3","gem",[576],{"version":577,"is_range":578,"range_type":579,"version_start":9,"version_start_type":9,"version_end":580,"version_end_type":581,"fixed_in":9},"lt1_0_5",true,"ecosystem","1.0.5","excluding",{"ecosystem":9,"name":583,"vendor":9,"product":583,"cpe_part":9,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":584},"PHP",[585,590,594],{"version":586,"is_range":578,"range_type":552,"version_start":587,"version_start_type":588,"version_end":589,"version_end_type":581,"fixed_in":9},"gte7.2.0_lt7.4.33","7.2.0","including","7.4.33",{"version":591,"is_range":578,"range_type":552,"version_start":592,"version_start_type":588,"version_end":593,"version_end_type":581,"fixed_in":9},"gte8.0.0_lt8.0.25","8.0.0","8.0.25",{"version":595,"is_range":578,"range_type":552,"version_start":596,"version_start_type":588,"version_end":597,"version_end_type":581,"fixed_in":9},"gte8.1.0_lt8.1.12","8.1.0","8.1.12",{"ecosystem":599,"name":600,"vendor":599,"product":600,"cpe_part":9,"purl_type":601,"purl_namespace":9,"purl_name":600,"source":9,"versions":602},"PyPI","pysha3","pypi",[603],{"version":604,"is_range":578,"range_type":579,"version_start":9,"version_start_type":9,"version_end":605,"version_end_type":588,"fixed_in":9},"lte1_0_2","1.0.2",{"ecosystem":9,"name":607,"vendor":607,"product":607,"cpe_part":559,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":608},"pypy",[609],{"version":610,"is_range":578,"range_type":552,"version_start":611,"version_start_type":588,"version_end":9,"version_end_type":9,"fixed_in":9},"gte7.0.0","7.0.0",{"ecosystem":9,"name":613,"vendor":613,"product":613,"cpe_part":559,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":614},"python",[615,619,623,627],{"version":616,"is_range":578,"range_type":552,"version_start":617,"version_start_type":588,"version_end":618,"version_end_type":581,"fixed_in":9},"gte3.6.0_lt3.7.16","3.6.0","3.7.16",{"version":620,"is_range":578,"range_type":552,"version_start":621,"version_start_type":588,"version_end":622,"version_end_type":581,"fixed_in":9},"gte3.8.0_lt3.8.16","3.8.0","3.8.16",{"version":624,"is_range":578,"range_type":552,"version_start":625,"version_start_type":588,"version_end":626,"version_end_type":581,"fixed_in":9},"gte3.9.0_lt3.9.16","3.9.0","3.9.16",{"version":628,"is_range":578,"range_type":552,"version_start":629,"version_start_type":588,"version_end":630,"version_end_type":581,"fixed_in":9},"gte3.10.0_lt3.10.9","3.10.0","3.10.9",{"ecosystem":9,"name":573,"vendor":632,"product":573,"cpe_part":559,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":633},"sha3_project",[634],{"version":635,"is_range":578,"range_type":552,"version_start":9,"version_start_type":9,"version_end":580,"version_end_type":581,"fixed_in":9},"lt1.0.5"]