Lucene search
GitHub Advisory DatabaseGHSA-XWC8-RF6M-XR86HistoryJun 30, 2023 - 9:30 p.m.
hnswlib Double Free vulnerability
2023-06-3021:30:26
CWE-415
GitHub Advisory Database
github.com
10
hnswlib
vulnerability
double free
init_index
large integer
software
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
24.1%
Hnswlib 0.7.0 has a double free in init_index when the M argument is a large integer.
Affected configurations
Node
hnswlib_projecthnswlibRange≤0.7.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| hnswlib_project | hnswlib | * | cpe:2.3:a:hnswlib_project:hnswlib:*:*:*:*:*:*:*:* |
Related
debiancve
debiancve
CVE-2023-37365
2023-06-30 19:15:09
nvd
nvd
CVE-2023-37365
2023-06-30 19:15:09
prion
prion
Double free
2023-06-30 19:15:00
cve
cve
CVE-2023-37365
2023-06-30 19:15:09
osv
osv
hnswlib Double Free vulnerability
2023-06-30 21:30:26
CVE-2023-37365
2023-06-30 19:15:09
ubuntucve
ubuntucve
CVE-2023-37365
2023-06-30 00:00:00
cvelist
cvelist
CVE-2023-37365
2023-06-30 00:00:00
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
24.1%
Related for GHSA-XWC8-RF6M-XR86