CVE-2023-22652

Опубликовано: 01 июн. 2023

Источник: debian

EPSS Низкий

Описание

A Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in openSUSE libeconf leads to DoS via malformed config files. This issue affects libeconf: before 0.5.2.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
libeconf	fixed	0.5.2+dfsg1-1		package
libeconf	fixed	0.5.1+dfsg1-1+deb12u1	bookworm	package

Примечания

https://github.com/openSUSE/libeconf/issues/177
https://github.com/openSUSE/libeconf/commit/8d086dfc69d4299e55e4844e3573b3a4cf420f19 (v0.5.2)
Patch overlaps with patch for CVE-2023-32181.

EPSS

Процентиль: 21%

0.00068

Низкий

Связанные уязвимости

CVE-2023-22652

CVSS3: 3.3

ubuntu

около 2 лет назад

A Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in openSUSE libeconf leads to DoS via malformed config files. This issue affects libeconf: before 0.5.2.

CVE-2023-22652

CVSS3: 6.5

redhat

больше 2 лет назад

A Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in openSUSE libeconf leads to DoS via malformed config files. This issue affects libeconf: before 0.5.2.

CVE-2023-22652

CVSS3: 3.3

nvd

около 2 лет назад

A Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in openSUSE libeconf leads to DoS via malformed config files. This issue affects libeconf: before 0.5.2.

GHSA-rgj6-mpw9-qm58

CVSS3: 3.3

github

около 2 лет назад

A Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in openSUSE libeconf leads to DoS via malformed config files. This issue affects libeconf: before 0.5.2.

ELSA-2023-4347

oracle-oval

около 2 лет назад

ELSA-2023-4347: libeconf security update (MODERATE)

EPSS

Процентиль: 21%

0.00068

Низкий