Lucene search

[email protected]CVE-2023-0817

HistoryFeb 13, 2023 - 10:15 p.m.

CVE-2023-0817

2023-02-1322:15:13

CWE-125

CWE-126

[email protected]

web.nvd.nist.gov

cve-2023-0817

buffer over-read

github

gpac

nvd

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

25.5%

JSON

Buffer Over-read in GitHub repository gpac/gpac prior to v2.3.0-DEV.

Affected configurations

NVD

Node

gpacgpacRange<2.3.0-dev

CPENameOperatorVersion
gpac:gpacgpaclt2.3.0-dev

CPE	Name	Operator	Version
gpac:gpac	gpac	lt	2.3.0-dev

CNA Affected

[
  {
    "vendor": "gpac",
    "product": "gpac/gpac",
    "versions": [
      {
        "version": "unspecified",
        "lessThan": "v2.3.0-DEV",
        "status": "affected",
        "versionType": "custom"
      }
    ]
  }
]

References

github.com/gpac/gpac/commit/be9f8d395bbd196e3812e9cd80708f06bcc206f7

huntr.dev/bounties/cb730bc5-d79c-4de6-9e57-10e8c3ce2cf3

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

25.5%

JSON

Related for CVE-2023-0817

ubuntucve1 prion1 nvd1 cvelist1 veracode1 osv1 huntr1 debiancve1