CVE-2022-44640
CRITICAL9.8EPSS 1.6%Published: 12/25/2022Modified: 12/3/2025
Also known as:ALPINE-CVE-2022-44640
Description
Heimdal before 7.7.1 allows remote attackers to execute arbitrary code because of an invalid free in the ASN.1 codec used by the Key Distribution Center (KDC).
Affected packages (3)
- Alpine/heimdalfrom 0, < 7.7.1-r0
- Debian/heimdalfrom 0, < 7.7.0+dfsg-2+deb11u2
- Debian/sambafrom 0
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | CRITICAL9.8 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |