Lucene search
ZephyrCVE-2023-4260HistorySep 27, 2023 - 3:19 p.m.
CVE-2023-4260
2023-09-2715:19:40
CWE-120
CWE-193
zephyr
web.nvd.nist.gov
21
cve-2023-4260
off-by-one
buffer overflow
vulnerability
zephyr
fuse
file system
nvd
CVSS3
10
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
AI Score
9.6
Confidence
High
EPSS
0.001
Percentile
41.6%
Potential off-by-one buffer overflow vulnerability in the Zephyr fuse file system.
Affected configurations
Node
zephyrprojectzephyrRange≤3.4.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| zephyrproject | zephyr | * | cpe:2.3:o:zephyrproject:zephyr:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"defaultStatus": "unaffected",
"packageName": "Zephyr",
"product": "Zephyr",
"repo": "https://github.com/zephyrproject-rtos/zephyr",
"vendor": "zephyrproject-rtos",
"versions": [
{
"lessThanOrEqual": "3.4",
"status": "affected",
"version": "0",
"versionType": "git"
}
]
}
]Related
prion
prion
Buffer overflow
2023-09-27 15:19:00
nvd
nvd
CVE-2023-4260
2023-09-27 15:19:40
cvelist
cvelist
veracode
veracode
Buffer Overflow
2023-10-11 19:40:21
CVSS3
10
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
AI Score
9.6
Confidence
High
EPSS
0.001
Percentile
41.6%
Related for CVE-2023-4260