CVE-2023-22652

Опубликовано: 16 мар. 2023

Источник: redhat

CVSS3: 6.5

EPSS Низкий

Описание

A Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in openSUSE libeconf leads to DoS via malformed config files. This issue affects libeconf: before 0.5.2.

A flaw was found in the libeconf library. This issue occurs when parsing a specially crafted configuration file, causing a stack-based buffer overflow, resulting in a denial of service.

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-120

https://bugzilla.redhat.com/show_bug.cgi?id=2212463libeconf: stack-based buffer overflow in read_file() in lib/getfilecontents.c

EPSS

Процентиль: 21%

0.00068

Низкий

6.5 Medium

CVSS3

Связанные уязвимости

CVE-2023-22652

CVSS3: 3.3

ubuntu

больше 2 лет назад

A Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in openSUSE libeconf leads to DoS via malformed config files. This issue affects libeconf: before 0.5.2.

CVE-2023-22652

CVSS3: 3.3

nvd

больше 2 лет назад

A Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in openSUSE libeconf leads to DoS via malformed config files. This issue affects libeconf: before 0.5.2.

CVE-2023-22652

CVSS3: 3.3

debian

больше 2 лет назад

A Buffer Copy without Checking Size of Input ('Classic Buffer Overflow ...

GHSA-rgj6-mpw9-qm58

CVSS3: 3.3

github

больше 2 лет назад

A Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in openSUSE libeconf leads to DoS via malformed config files. This issue affects libeconf: before 0.5.2.

ELSA-2023-4347

oracle-oval

больше 2 лет назад

ELSA-2023-4347: libeconf security update (MODERATE)

EPSS

Процентиль: 21%

0.00068

Низкий

6.5 Medium

CVSS3