Lucene search

[email protected]CVE-2023-26768

HistoryMar 16, 2023 - 3:15 p.m.

CVE-2023-26768

2023-03-1615:15:10

CWE-120

[email protected]

web.nvd.nist.gov

cve

buffer overflow

liblouis

nvd

vulnerability

denial of service

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.2 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.002 Low

EPSS

Percentile

51.4%

JSON

Buffer Overflow vulnerability found in Liblouis v.3.24.0 allows a remote attacker to cause a denial of service via the compileTranslationTable.c and lou_setDataPath functions.

CPENameOperatorVersion
liblouis:liblouisliblouiseq3.24.0

CPE	Name	Operator	Version
liblouis:liblouis	liblouis	eq	3.24.0

References

github.com/liblouis/liblouis/issues/1301

github.com/liblouis/liblouis/pull/1302

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.2 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.002 Low

EPSS

Percentile

51.4%

JSON

Related for CVE-2023-26768

openvas5 veracode1 prion1 cvelist1 redhatcve1 ubuntucve1 debiancve1 osv3 nessus9 cbl_mariner1 redos1 ubuntu2 oraclelinux1 amazon1 almalinux1 redhat1