Lucene search

[email protected]CVE-2023-50570

HistoryDec 29, 2023 - 3:15 p.m.

CVE-2023-50570

2023-12-2915:15:09

CWE-835

[email protected]

web.nvd.nist.gov

nvd

cve-2023-50570

ipaddress

component

security

vulnerability

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

5.4 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.9%

JSON

An issue in the component IPAddressBitsDivision of IPAddress v5.1.0 leads to an infinite loop. This is disputed because an infinite loop occurs only for cases in which the developer supplies invalid arguments. The product is not intended to always halt for contrived inputs.

Affected configurations

NVD

Node

seancfoleyipaddressMatch5.1.0

CPENameOperatorVersion
seancfoley:ipaddressseancfoley ipaddresseq5.1.0

CPE	Name	Operator	Version
seancfoley:ipaddress	seancfoley ipaddress	eq	5.1.0

References

github.com/seancfoley/IPAddress/issues/118

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

5.4 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.9%

JSON

Related for CVE-2023-50570

prion1 veracode1 cvelist1 nvd1 github1 ibm1