Lucene search

K
cveMitreCVE-2023-37748
HistoryJul 19, 2023 - 5:15 p.m.

CVE-2023-37748

2023-07-1917:15:22
CWE-835
mitre
web.nvd.nist.gov
34
cve-2023-37748
ngiflib
infinite loop
decodegifimg
security vulnerability
nvd

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

19.8%

ngiflib commit 5e7292 was discovered to contain an infinite loop via the function DecodeGifImg at ngiflib.c.

Affected configurations

Nvd
Node
miniupnp_projectngiflibMatch-
VendorProductVersionCPE
miniupnp_projectngiflib-cpe:2.3:a:miniupnp_project:ngiflib:-:*:*:*:*:*:*:*

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

19.8%

Related for CVE-2023-37748