CVE-2022-44640
CRITICAL9.8EPSS 1.2%Published: 12/25/2022Modified: 4/28/2026
Description
Heimdal before 7.7.1 allows remote attackers to execute arbitrary code because of an invalid free in the ASN.1 codec used by the Key Distribution Center (KDC).
Affected packages (3)
- Alpine/heimdalfrom 0, < 7.7.1-r0
- Debian/heimdalfrom 0, < 7.7.0+dfsg-2+deb11u2
- Debian/sambafrom 0
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | CRITICAL9.8 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |