exploitDog

CVE-2023-34115

Опубликовано: 13 июн. 2023

Источник: nvd

CVSS3: 4.3

CVSS3: 3.8

EPSS Низкий

Описание

Buffer copy without checking size of input in Zoom Meeting SDK before 5.13.0 may allow an authenticated user to potentially enable a denial of service via local access. This issue may result in the Zoom Meeting SDK to crash and need to be restarted.

Ссылки

https://explore.zoom.us/en/trust/security/security-bulletin/
Vendor Advisory
https://explore.zoom.us/en/trust/security/security-bulletin/
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:zoom:meeting_sdk:*:*:*:*:*:*:*:*

Версия до 5.13.0 (исключая)

EPSS

Процентиль: 16%

0.00051

Низкий

4.3 Medium

CVSS3

3.8 Low

CVSS3

Дефекты

CWE-120

CWE-120

Связанные уязвимости

GHSA-xq86-4h9v-gqp7

CVSS3: 4.3

github

больше 2 лет назад

Buffer copy without checking size of input in Zoom Meeting SDK before 5.13.0 may allow an authenticated user to potentially enable a denial of service via local access. This issue may result in the Zoom Meeting SDK to crash and need to be restarted.

EPSS

Процентиль: 16%

0.00051

Низкий

4.3 Medium

CVSS3

3.8 Low

CVSS3

Дефекты

CWE-120

CWE-120