CVE-2023-4508

Опубликовано: 24 авг. 2023

Источник: nvd

CVSS3: 5.5

EPSS Низкий

Описание

A user able to control file input to Gerbv, between versions 2.4.0 and 2.10.0, can cause a crash and cause denial-of-service with a specially crafted Gerber RS-274X file.

Ссылки

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4508
Third Party Advisory
https://github.com/gerbv/gerbv/commit/5517e22250e935dc7f86f64ad414aeae3dbcb36a
https://github.com/gerbv/gerbv/issues/191
Exploit
Issue Tracking
Third Party Advisory
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4508
Third Party Advisory
https://github.com/gerbv/gerbv/commit/5517e22250e935dc7f86f64ad414aeae3dbcb36a
https://github.com/gerbv/gerbv/issues/191
Exploit
Issue Tracking
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:gerbv_project:gerbv:*:*:*:*:*:*:*:*

Версия от 2.4.0 (включая) до 2.10.0 (включая)

EPSS

Процентиль: 12%

0.00041

Низкий

5.5 Medium

CVSS3

Дефекты

CWE-824

Связанные уязвимости

CVE-2023-4508

CVSS3: 5.5

ubuntu

больше 2 лет назад

A user able to control file input to Gerbv, between versions 2.4.0 and 2.10.0, can cause a crash and cause denial-of-service with a specially crafted Gerber RS-274X file.

CVE-2023-4508

CVSS3: 5.5

debian

больше 2 лет назад

A user able to control file input to Gerbv, between versions 2.4.0 and ...

GHSA-m4qj-9cr4-hrw4

CVSS3: 5.5

github

больше 2 лет назад

A user able to control file input to Gerbv, between versions 2.4.0 and 2.10.0, can cause a crash and cause denial-of-service with a specially crafted Gerber RS-274X file.

EPSS

Процентиль: 12%

0.00041

Низкий

5.5 Medium

CVSS3

Дефекты

CWE-824