7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.1 High
AI Score
Confidence
Low
0.006 Low
EPSS
Percentile
78.4%
EDK2’s Network Package is susceptible to an infinite loop vulnerability when parsing unknown options in the Destination Options header of IPv6. This
vulnerability can be exploited by an attacker to gain unauthorized
access and potentially lead to a loss of Availability.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Alpine | 3.19-community | noarch | edk2 | = 0.0.202308-r0 | UNKNOWN |
Alpine | edge-community | noarch | edk2 | = 0.0.202308-r1 | UNKNOWN |
Alpine | 3.20-community | noarch | edk2 | = 0.0.202308-r1 | UNKNOWN |
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.1 High
AI Score
Confidence
Low
0.006 Low
EPSS
Percentile
78.4%