7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.005 Low
EPSS
Percentile
72.4%
A defect in the libevent evbuffer API could possibly leave some programs
that use the evbuffer API open to potential heap overflows. A program
using the evbuffer_add(), evbuffer_prepend(), evbuffer_expand(),
exbuffer_reserve_space(), or evbuffer_read() functions may be vulnerable
if an attacker is able to coax the linked program into trying to make a
buffer larger than that which would fit into a single size_t.