Описание
An FR-GV-302 issue in FreeRADIUS 3.x before 3.0.15 allows "Infinite loop and memory exhaustion with 'concat' attributes" and a denial of service.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:freeradius:freeradius:3.0.0:*:*:*:*:*:*:*
cpe:2.3:a:freeradius:freeradius:3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:freeradius:freeradius:3.0.2:*:*:*:*:*:*:*
cpe:2.3:a:freeradius:freeradius:3.0.3:*:*:*:*:*:*:*
cpe:2.3:a:freeradius:freeradius:3.0.4:*:*:*:*:*:*:*
cpe:2.3:a:freeradius:freeradius:3.0.5:*:*:*:*:*:*:*
cpe:2.3:a:freeradius:freeradius:3.0.6:*:*:*:*:*:*:*
cpe:2.3:a:freeradius:freeradius:3.0.7:*:*:*:*:*:*:*
cpe:2.3:a:freeradius:freeradius:3.0.8:*:*:*:*:*:*:*
cpe:2.3:a:freeradius:freeradius:3.0.9:*:*:*:*:*:*:*
cpe:2.3:a:freeradius:freeradius:3.0.10:*:*:*:*:*:*:*
cpe:2.3:a:freeradius:freeradius:3.0.11:*:*:*:*:*:*:*
cpe:2.3:a:freeradius:freeradius:3.0.12:*:*:*:*:*:*:*
cpe:2.3:a:freeradius:freeradius:3.0.13:*:*:*:*:*:*:*
cpe:2.3:a:freeradius:freeradius:3.0.14:*:*:*:*:*:*:*
EPSS
Процентиль: 83%
0.01995
Низкий
7.5 High
CVSS3
7.8 High
CVSS2
Дефекты
CWE-835
Связанные уязвимости
CVSS3: 7.5
ubuntu
больше 8 лет назад
An FR-GV-302 issue in FreeRADIUS 3.x before 3.0.15 allows "Infinite loop and memory exhaustion with 'concat' attributes" and a denial of service.
CVSS3: 5.9
redhat
больше 8 лет назад
An FR-GV-302 issue in FreeRADIUS 3.x before 3.0.15 allows "Infinite loop and memory exhaustion with 'concat' attributes" and a denial of service.
CVSS3: 7.5
debian
больше 8 лет назад
An FR-GV-302 issue in FreeRADIUS 3.x before 3.0.15 allows "Infinite lo ...
CVSS3: 7.5
github
больше 3 лет назад
An FR-GV-302 issue in FreeRADIUS 3.x before 3.0.15 allows "Infinite loop and memory exhaustion with 'concat' attributes" and a denial of service.
EPSS
Процентиль: 83%
0.01995
Низкий
7.5 High
CVSS3
7.8 High
CVSS2
Дефекты
CWE-835