Описание
Rhonabwy before v1.1.5 was discovered to contain a buffer overflow via the component r_jwe_aesgcm_key_unwrap. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted JWE token.
Ссылки
- Third Party Advisory
- PatchThird Party Advisory
- Third Party Advisory
- PatchThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.1.5 (исключая)
cpe:2.3:a:rhonabwy_project:rhonabwy:*:*:*:*:*:*:*:*
EPSS
Процентиль: 68%
0.00569
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-120
Связанные уязвимости
CVSS3: 7.5
ubuntu
больше 3 лет назад
Rhonabwy before v1.1.5 was discovered to contain a buffer overflow via the component r_jwe_aesgcm_key_unwrap. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted JWE token.
CVSS3: 7.5
debian
больше 3 лет назад
Rhonabwy before v1.1.5 was discovered to contain a buffer overflow via ...
CVSS3: 7.5
github
больше 3 лет назад
Rhonabwy before v1.1.5 was discovered to contain a buffer overflow via the component r_jwe_aesgcm_key_unwrap. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted JWE token.
EPSS
Процентиль: 68%
0.00569
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-120