exploitDog

GHSA-3xm3-79jv-66p7

Опубликовано: 06 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

OCI OpenDDS versions prior to 3.18.1 do not handle a length parameter consistent with the actual length of the associated data, which may allow an attacker to remotely execute arbitrary code.

OCI OpenDDS versions prior to 3.18.1 do not handle a length parameter consistent with the actual length of the associated data, which may allow an attacker to remotely execute arbitrary code.

Ссылки

EPSS

Процентиль: 71%

0.00698

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-130

Связанные уязвимости

CVE-2021-38445

CVSS3: 7

nvd

почти 4 года назад

OCI OpenDDS versions prior to 3.18.1 do not handle a length parameter consistent with the actual length of the associated data, which may allow an attacker to remotely execute arbitrary code.

EPSS

Процентиль: 71%

0.00698

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-130