[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2022-4144":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T20:55:29.923Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":23,"aliases":24,"duplicate_of":9,"upstream":25,"downstream":26,"duplicates":49,"related":50,"reserved_at":9,"published_at":57,"modified_at":58,"state":59,"summary":60,"references_raw":69,"kevs":96,"epss":97,"epss_history":100,"metrics":366,"affected":374},"CVE-2022-4144","An out-of-bounds read flaw was found in the QXL display device emulation in QEMU. The qxl_phys2virt() function does not check the size of the structure pointed to by the guest physical address, potentially reading past the end of the bar space into adjacent pages. A malicious guest user could use this flaw to crash the QEMU process on the host causing a denial of service condition.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-125","Out-of-bounds Read","The product reads data past the end, or before the beginning, of the intended buffer.","weakness","Draft","Base",[19],{"id":20,"name":21,"techniques":22},"CAPEC-540","Overread Buffers",[],[],[],[],[27,29,31,33,35,37,39,41,43,45,47],{"_key":28},"RHSA-2023:0099",{"_key":30},"RHSA-2023:0432",{"_key":32},"SUSE-SU-2023:0878-1",{"_key":34},"SUSE-SU-2023:0761-1",{"_key":36},"SUSE-SU-2023:0840-1",{"_key":38},"SUSE-SU-2023:0877-1",{"_key":40},"UBUNTU-CVE-2022-4144",{"_key":42},"SUSE-SU-2023:0671-1",{"_key":44},"OPENSUSE-SU-2024:12685-1",{"_key":46},"DEBIAN-CVE-2022-4144",{"_key":48},"USN-6167-1",[],[51,52,53,54,55,56],{"_key":32},{"_key":34},{"_key":36},{"_key":38},{"_key":42},{"_key":44},"2022-11-29T00:00:00.000Z","2025-04-14T18:09:55.614Z","Modified",{"cisa_kev":61,"cisa_ransomware":61,"cisa_vendor":9,"epss_severity":62,"epss_score":63,"severity":64,"severity_score":65,"severity_version":66,"severity_source":67,"severity_vector":68,"severity_status":59},false,"low",0.00023,"medium",6.5,"v3.1","cve.org","CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",[70,78,83,88,92],{"url":71,"sources":72,"tags":74},"https://bugzilla.redhat.com/show_bug.cgi?id=2148506",[67,73],"nvd",[75,76,77],"Issue Tracking","Patch","Third Party Advisory",{"url":79,"sources":80,"tags":81},"https://lists.nongnu.org/archive/html/qemu-devel/2022-11/msg04143.html",[67,73],[82,76,77],"Mailing List",{"url":84,"sources":85,"tags":86},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I7J5IRXJYLELW7D43A75LOWRUE5EU54O/",[67,73],[87],"Vendor Advisory",{"url":89,"sources":90,"tags":91},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTVPHLLXJ65BUMFBUUZ35F3J632SLFRK/",[67,73],[87],{"url":93,"sources":94,"tags":95},"https://security.netapp.com/advisory/ntap-20230127-0012/",[67,73],[77],[],{"date":98,"score":63,"percentile":99},"2026-06-04",0.06771,[101,105,108,111,114,117,120,123,126,129,132,135,137,139,142,146,149,152,155,157,159,161,163,166,169,172,174,178,181,185,188,191,194,197,200,203,206,209,212,215,218,221,223,225,229,232,235,238,241,244,247,250,253,256,259,262,265,267,270,273,276,279,282,285,288,291,294,297,300,303,306,309,312,315,318,321,324,327,330,333,336,339,342,345,348,351,354,357,360,363],{"date":102,"score":103,"percentile":104},"2025-11-04",0.0001,0.00817,{"date":106,"score":103,"percentile":107},"2025-11-05",0.00825,{"date":109,"score":103,"percentile":110},"2025-11-06",0.00827,{"date":112,"score":103,"percentile":113},"2025-11-07",0.00831,{"date":115,"score":103,"percentile":116},"2025-11-08",0.00828,{"date":118,"score":103,"percentile":119},"2025-11-09",0.00826,{"date":121,"score":103,"percentile":122},"2025-11-10",0.00819,{"date":124,"score":103,"percentile":125},"2025-11-11",0.00823,{"date":127,"score":103,"percentile":128},"2025-11-12",0.00821,{"date":130,"score":103,"percentile":131},"2025-11-13",0.00822,{"date":133,"score":103,"percentile":134},"2025-11-14",0.00824,{"date":136,"score":103,"percentile":119},"2025-11-15",{"date":138,"score":103,"percentile":107},"2025-11-16",{"date":140,"score":103,"percentile":141},"2025-11-17",0.00815,{"date":143,"score":144,"percentile":145},"2025-11-18",0.00077,0.19247,{"date":147,"score":144,"percentile":148},"2025-11-19",0.1927,{"date":150,"score":144,"percentile":151},"2025-11-20",0.19259,{"date":153,"score":103,"percentile":154},"2025-11-21",0.0083,{"date":156,"score":103,"percentile":116},"2025-11-22",{"date":158,"score":103,"percentile":128},"2025-11-23",{"date":160,"score":103,"percentile":122},"2025-11-24",{"date":162,"score":103,"percentile":141},"2025-11-25",{"date":164,"score":103,"percentile":165},"2025-11-26",0.00805,{"date":167,"score":103,"percentile":168},"2025-11-27",0.00804,{"date":170,"score":103,"percentile":171},"2025-11-28",0.0081,{"date":173,"score":103,"percentile":119},"2025-11-29",{"date":175,"score":176,"percentile":177},"2025-11-30",0.00011,0.0107,{"date":179,"score":176,"percentile":180},"2025-12-01",0.01095,{"date":182,"score":183,"percentile":184},"2025-12-02",0.00018,0.03537,{"date":186,"score":183,"percentile":187},"2025-12-03",0.03548,{"date":189,"score":183,"percentile":190},"2025-12-04",0.03488,{"date":192,"score":183,"percentile":193},"2025-12-05",0.03534,{"date":195,"score":183,"percentile":196},"2025-12-06",0.03549,{"date":198,"score":183,"percentile":199},"2025-12-07",0.03553,{"date":201,"score":183,"percentile":202},"2025-12-08",0.03551,{"date":204,"score":183,"percentile":205},"2025-12-09",0.03576,{"date":207,"score":183,"percentile":208},"2025-12-10",0.03613,{"date":210,"score":183,"percentile":211},"2025-12-11",0.03604,{"date":213,"score":183,"percentile":214},"2025-12-12",0.03616,{"date":216,"score":183,"percentile":217},"2025-12-13",0.03621,{"date":219,"score":183,"percentile":220},"2025-12-14",0.03619,{"date":222,"score":183,"percentile":211},"2025-12-15",{"date":224,"score":183,"percentile":217},"2025-12-16",{"date":226,"score":227,"percentile":228},"2025-12-17",0.0002,0.04734,{"date":230,"score":227,"percentile":231},"2025-12-18",0.04768,{"date":233,"score":227,"percentile":234},"2025-12-19",0.04755,{"date":236,"score":227,"percentile":237},"2025-12-20",0.0475,{"date":239,"score":227,"percentile":240},"2025-12-21",0.04775,{"date":242,"score":227,"percentile":243},"2025-12-22",0.04711,{"date":245,"score":227,"percentile":246},"2025-12-23",0.04722,{"date":248,"score":227,"percentile":249},"2025-12-24",0.04744,{"date":251,"score":227,"percentile":252},"2025-12-25",0.04782,{"date":254,"score":227,"percentile":255},"2025-12-26",0.04784,{"date":257,"score":227,"percentile":258},"2025-12-27",0.04783,{"date":260,"score":227,"percentile":261},"2025-12-28",0.04776,{"date":263,"score":227,"percentile":264},"2025-12-29",0.0477,{"date":266,"score":227,"percentile":243},"2025-12-30",{"date":268,"score":227,"percentile":269},"2025-12-31",0.04728,{"date":271,"score":227,"percentile":272},"2026-01-01",0.04803,{"date":274,"score":227,"percentile":275},"2026-01-02",0.04802,{"date":277,"score":227,"percentile":278},"2026-01-03",0.04788,{"date":280,"score":227,"percentile":281},"2026-01-04",0.04689,{"date":283,"score":227,"percentile":284},"2026-01-05",0.04624,{"date":286,"score":227,"percentile":287},"2026-01-06",0.04621,{"date":289,"score":227,"percentile":290},"2026-01-07",0.04639,{"date":292,"score":227,"percentile":293},"2026-01-08",0.04668,{"date":295,"score":227,"percentile":296},"2026-01-09",0.04667,{"date":298,"score":227,"percentile":299},"2026-01-10",0.04675,{"date":301,"score":227,"percentile":302},"2026-01-11",0.0466,{"date":304,"score":227,"percentile":305},"2026-01-12",0.04669,{"date":307,"score":227,"percentile":308},"2026-01-13",0.04659,{"date":310,"score":227,"percentile":311},"2026-01-14",0.04704,{"date":313,"score":227,"percentile":314},"2026-01-15",0.04612,{"date":316,"score":227,"percentile":317},"2026-01-16",0.04583,{"date":319,"score":227,"percentile":320},"2026-01-17",0.04581,{"date":322,"score":227,"percentile":323},"2026-01-18",0.04565,{"date":325,"score":227,"percentile":326},"2026-01-19",0.04517,{"date":328,"score":227,"percentile":329},"2026-01-20",0.04473,{"date":331,"score":227,"percentile":332},"2026-01-21",0.04462,{"date":334,"score":227,"percentile":335},"2026-01-22",0.04446,{"date":337,"score":227,"percentile":338},"2026-01-23",0.04496,{"date":340,"score":227,"percentile":341},"2026-01-24",0.04539,{"date":343,"score":227,"percentile":344},"2026-01-25",0.04535,{"date":346,"score":227,"percentile":347},"2026-01-26",0.04519,{"date":349,"score":227,"percentile":350},"2026-01-27",0.04509,{"date":352,"score":227,"percentile":353},"2026-01-28",0.04495,{"date":355,"score":227,"percentile":356},"2026-01-29",0.04512,{"date":358,"score":227,"percentile":359},"2026-01-30",0.0452,{"date":361,"score":227,"percentile":362},"2026-01-31",0.04498,{"date":364,"score":227,"percentile":365},"2026-02-01",0.0461,[367,372],{"source":67,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":368,"cvss_v4_0":9},{"baseScore":65,"baseSeverity":369,"vectorString":68,"impactScore":370,"exploitabilityScore":371},"MEDIUM",6.7,5.1,{"source":73,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":373,"cvss_v4_0":9},{"baseScore":65,"baseSeverity":369,"vectorString":68,"impactScore":370,"exploitabilityScore":371},[375,384,390,398],{"ecosystem":9,"name":376,"vendor":377,"product":378,"cpe_part":379,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":380},"extra packages for enterprise linux","fedoraproject","extra_packages_for_enterprise_linux","a",[381],{"version":382,"is_range":61,"range_type":383,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"8.0","cpe",{"ecosystem":9,"name":385,"vendor":377,"product":385,"cpe_part":386,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":387},"fedora","o",[388],{"version":389,"is_range":61,"range_type":383,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"37",{"ecosystem":9,"name":391,"vendor":391,"product":391,"cpe_part":379,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":392},"qemu",[393],{"version":394,"is_range":395,"range_type":383,"version_start":9,"version_start_type":9,"version_end":396,"version_end_type":397,"fixed_in":9},"lte7.1.0",true,"7.1.0","including",{"ecosystem":9,"name":399,"vendor":400,"product":401,"cpe_part":386,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":402},"enterprise linux","redhat","enterprise_linux",[403],{"version":382,"is_range":61,"range_type":383,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9}]