6.2 Medium
AI Score
Confidence
Low
0.065 Low
EPSS
Percentile
93.7%
MIT Kerberos 5 (aka krb5) before 1.12.2 allows remote attackers to cause a denial of service (buffer over-read and application crash) by injecting invalid tokens into a GSSAPI application session.