{
  "affected": [
    {
      "ranges": [
        {
          "database_specific": {
            "versions": [
              {
                "introduced": "0"
              },
              {
                "last_affected": "3.29.2"
              }
            ]
          },
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "635bfea271f83d76d0bdb2b15189668a82602651"
            }
          ],
          "repo": "https://github.com/gnome/evolution",
          "type": "GIT"
        },
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "34bad6173"
            }
          ],
          "repo": "https://gitlab.gnome.org/GNOME/evolution-data-server",
          "type": "GIT"
        }
      ]
    }
  ],
  "details": "addressbook/backends/ldap/e-book-backend-ldap.c in Evolution-Data-Server in GNOME Evolution through 3.29.2 might allow attackers to trigger a Buffer Overflow via a long query that is processed by the strcat function. NOTE: the software maintainer disputes this because \"the code had computed the required string length first, and then allocated a large-enough buffer on the heap.",
  "id": "CVE-2018-12422",
  "modified": "2026-03-13T21:51:33.983860513Z",
  "published": "2018-06-15T16:29:00.437Z",
  "references": [
    {
      "type": "FIX",
      "url": "https://bugzilla.gnome.org/show_bug.cgi?id=796174"
    },
    {
      "type": "FIX",
      "url": "https://gitlab.gnome.org/GNOME/evolution-data-server/commit/34bad6173"
    }
  ],
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}