TencentOS Server 4: ffmpeg (TSSA-2024:0567)

🗓️ 20 Nov 2025 00:00:00Reported by TenableType
TencentOS Server 4 ffmpeg has multiple vulnerabilities; updates fix buffer overflows and DoS.
Reporter	Title	Published	Views	Family All 664
IBM Security Bulletins	Security Bulletin: IBM Watson Machine Learning Accelerator for IBM Cloud Pak for Data is affected by multiple vulnerabilities.	19 Feb 202617:06	–	ibm
ATTACKERKB	CVE-2023-46407	27 Oct 202320:15	–	attackerkb
AlpineLinux	CVE-2023-46407	27 Oct 202300:00	–	alpinelinux
AlpineLinux	CVE-2023-49501	19 Apr 202400:00	–	alpinelinux
AlpineLinux	CVE-2023-49502	19 Apr 202400:00	–	alpinelinux
AlpineLinux	CVE-2023-50007	19 Apr 202400:00	–	alpinelinux
AlpineLinux	CVE-2023-50008	19 Apr 202400:00	–	alpinelinux
AlpineLinux	CVE-2023-50009	19 Apr 202417:15	–	alpinelinux
AlpineLinux	CVE-2023-50010	19 Apr 202417:15	–	alpinelinux
AlpineLinux	CVE-2023-51791	19 Apr 202400:00	–	alpinelinux
Source	Link
mirrors	www.mirrors.tencent.com/tlinux/errata/tssa-20240567.xml
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Tencent Linux Security Advisory TSSA-2024:0567.
##

include('compat.inc');

if (description)
{
  script_id(276052);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2025/12/04");

  script_cve_id(
    "CVE-2023-46407",
    "CVE-2023-49501",
    "CVE-2023-49502",
    "CVE-2023-49528",
    "CVE-2023-50007",
    "CVE-2023-50008",
    "CVE-2023-50009",
    "CVE-2023-50010",
    "CVE-2023-51791",
    "CVE-2023-51793",
    "CVE-2023-51794",
    "CVE-2023-51795",
    "CVE-2023-51796",
    "CVE-2023-51797",
    "CVE-2023-51798",
    "CVE-2024-22860",
    "CVE-2024-22861",
    "CVE-2024-22862",
    "CVE-2024-31581",
    "CVE-2024-31582",
    "CVE-2024-31585",
    "CVE-2024-32228",
    "CVE-2024-32229",
    "CVE-2024-32230",
    "CVE-2024-35365",
    "CVE-2024-35366",
    "CVE-2024-35369",
    "CVE-2024-36613"
  );
  script_xref(name:"IAVB", value:"2024-B-0041-S");
  script_xref(name:"IAVB", value:"2024-B-0110-S");

  script_name(english:"TencentOS Server 4: ffmpeg (TSSA-2024:0567)");

  script_set_attribute(attribute:"synopsis", value:
"The remote TencentOS Server 4 host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is,
therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0567 advisory.

    Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:

    CVE-2023-51794:
    Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary
    code via the libavfilter/af_stereowiden.c:120:69.

    CVE-2023-51791:
    Buffer Overflow vulenrability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary
    code via the libavcodec/jpegxl_parser.c in gen_alias_map.

    CVE-2023-49501:
    Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a local attacker to execute arbitrary
    code via the config_eq_output function in the libavfilter/asrc_afirsrc.c:495:30 component.

    CVE-2023-51793:
    Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary
    code via the libavutil/imgutils.c:353:9 in image_copy_plane.

    CVE-2024-31581:
    FFmpeg version n6.1 was discovered to contain an improper validation of array index vulnerability in
    libavcodec/cbs_h266_syntax_template.c. This vulnerability allows attackers to cause undefined behavior
    within the application.

    CVE-2024-31585:
    FFmpeg version n5.1 to n6.1 was discovered to contain an Off-by-one Error vulnerability in
    libavfilter/avf_showspectrum.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via
    a crafted input.

    CVE-2024-31582:
    FFmpeg version n6.1 was discovered to contain a heap buffer overflow vulnerability in the
    draw_block_rectangle function of libavfilter/vf_codecview.c. This vulnerability allows attackers to cause
    undefined behavior or a Denial of Service (DoS) via crafted input.

    CVE-2024-22860:
    Integer overflow vulnerability in FFmpeg before n6.1, allows remote attackers to execute arbitrary code
    via the jpegxl_anim_read_packet component in the JPEG XL Animation decoder.

    CVE-2024-22861:
    Integer overflow vulnerability in FFmpeg before n6.1, allows attackers to cause a denial of service (DoS)
    via the avcodec/osq module.

    CVE-2024-22862:
    Integer overflow vulnerability in FFmpeg before n6.1, allows remote attackers to execute arbitrary code
    via the JJPEG XL Parser.

    CVE-2023-46407:
    FFmpeg prior to commit bf814 was discovered to contain an out of bounds read via the dist->alphabet_size
    variable in the read_vlc_prefix() function.

    CVE-2024-32230:
    FFmpeg 7.0 is vulnerable to Buffer Overflow. There is a negative-size-param bug at
    libavcodec/mpegvideo_enc.c:1216:21 in load_input_picture in FFmpeg7.0

    CVE-2024-32228:
    FFmpeg 7.0 is vulnerable to Buffer Overflow. There is a SEGV at libavcodec/hevcdec.c:2947:22 in
    hevc_frame_end.

    CVE-2024-32229:
    FFmpeg 7.0 contains a heap-buffer-overflow at libavfilter/vf_tiltandshift.c:189:5 in copy_column.

    CVE-2023-50010:
    Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a local attacker to execute arbitrary
    code via the set_encoder_id function in /fftools/ffmpeg_enc.c component.

    CVE-2023-49528:
    Buffer Overflow vulnerability in FFmpeg version n6.1-3-g466799d4f5, allows a local attacker to execute
    arbitrary code and cause a denial of service (DoS) via the af_dialoguenhance.c:261:5 in the de_stereo
    component.

    CVE-2023-51796:
    Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary
    code via the libavfilter/f_reverse.c:269:26 in areverse_request_frame.

    CVE-2023-50009:
    Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a local attacker to execute arbitrary
    code via the ff_gaussian_blur_8 function in libavfilter/edge_template.c:116:5 component.

    CVE-2023-51795:
    Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary
    code via the libavfilter/avf_showspectrum.c:1789:52 component in showspectrumpic_request_frame

    CVE-2023-50008:
    Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a local attacker to execute arbitrary
    code via the av_malloc function in libavutil/mem.c:105:9 component.

    CVE-2023-50007:
    Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a local attacker to execute arbitrary
    code via theav_samples_set_silence function in thelibavutil/samplefmt.c:260:9 component.

    CVE-2023-49502:
    Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a local attacker to execute arbitrary
    code via the ff_bwdif_filter_intra_c function in the libavfilter/bwdifdsp.c:125:5 component.

    CVE-2023-51797:
    Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary
    code via the libavfilter/avf_showwaves.c:722:24 in showwaves_filter_frame

    CVE-2023-51798:
    Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary
    code via a floating point exception (FPE) error at libavfilter/vf_minterpolate.c:1078:60 in interpolate.

    CVE-2024-35369:
    In FFmpeg version n6.1.1, specifically within the avcodec/speexdec.c module, a potential security
    vulnerability exists due to insufficient validation of certain parameters when parsing Speex codec
    extradata. This vulnerability could lead to integer overflow conditions, potentially resulting in
    undefined behavior or crashes during the decoding process.

    CVE-2024-35366:
    FFmpeg n6.1.1 is Integer Overflow. The vulnerability exists in the parse_options function of sbgdec.c
    within the libavformat module. When parsing certain options, the software does not adequately validate the
    input. This allows for negative duration values to be accepted without proper bounds checking.

    CVE-2024-35365:
    FFmpeg version n6.1.1 has a double-free vulnerability in the fftools/ffmpeg_mux_init.c component of
    FFmpeg, specifically within the new_stream_audio function.

    CVE-2024-36613:
    FFmpeg n6.1.1 has a vulnerability in the DXA demuxer of the libavformat library allowing for an integer
    overflow, potentially resulting in a denial-of-service (DoS) condition or other undefined behavior.

Tenable has extracted the preceding description block directly from the Tencent Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://mirrors.tencent.com/tlinux/errata/tssa-20240567.xml");
  script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2024-22862");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2023/10/27");
  script_set_attribute(attribute:"patch_publication_date", value:"2025/02/24");
  script_set_attribute(attribute:"plugin_publication_date", value:"2025/11/20");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:tencent:tencentos_server:4");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:tencent:tencentos_server:ffmpeg");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Tencent Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2025 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info2.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/etc/os-release", "Host/TencentOS/rpm-list", "Host/cpu");

  exit(0);
}


include('rpm2.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_product = get_kb_item('installed_os/local/SSH/0/product');
if (isnull(os_product) || 'TencentOS' >!< os_product) audit(AUDIT_OS_NOT, 'TencentOS');
var os_version = get_kb_item('installed_os/local/SSH/0/version');
if (isnull(os_version)) audit(AUDIT_UNKNOWN_APP_VER, 'TencentOS');
if (! preg(pattern:"^4([^0-9]|$)", string:os_version)) audit(AUDIT_OS_NOT, 'TencentOS 4.x', 'TencentOS ' + os_version);

if (!get_kb_item('Host/TencentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'TencentOS', cpu);

var constraints = [
  {
    'release': '4',
    'pkgs': [
      {'reference':'ffmpeg-7.0-1.oc9', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'ffmpeg-7.0-1.oc9', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'ffmpeg-debuginfo-7.0-1.oc9', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'ffmpeg-debuginfo-7.0-1.oc9', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'ffmpeg-debugsource-7.0-1.oc9', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'ffmpeg-debugsource-7.0-1.oc9', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'ffmpeg-devel-7.0-1.oc9', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'ffmpeg-devel-7.0-1.oc9', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'libavcodec-7.0-1.oc9', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'libavcodec-7.0-1.oc9', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'libavcodec-debuginfo-7.0-1.oc9', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'libavcodec-debuginfo-7.0-1.oc9', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'libavcodec-devel-7.0-1.oc9', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'libavcodec-devel-7.0-1.oc9', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'libavdevice-7.0-1.oc9', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'libavdevice-7.0-1.oc9', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'libavdevice-debuginfo-7.0-1.oc9', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'libavdevice-debuginfo-7.0-1.oc9', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'libavdevice-devel-7.0-1.oc9', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'libavdevice-devel-7.0-1.oc9', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'libavfilter-7.0-1.oc9', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'libavfilter-7.0-1.oc9', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'libavfilter-debuginfo-7.0-1.oc9', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'libavfilter-debuginfo-7.0-1.oc9', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'libavfilter-devel-7.0-1.oc9', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'libavfilter-devel-7.0-1.oc9', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'libavformat-7.0-1.oc9', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'libavformat-7.0-1.oc9', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'libavformat-debuginfo-7.0-1.oc9', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'libavformat-debuginfo-7.0-1.oc9', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'libavformat-devel-7.0-1.oc9', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'libavformat-devel-7.0-1.oc9', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'libavutil-7.0-1.oc9', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'libavutil-7.0-1.oc9', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'libavutil-debuginfo-7.0-1.oc9', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'libavutil-debuginfo-7.0-1.oc9', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'libavutil-devel-7.0-1.oc9', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'libavutil-devel-7.0-1.oc9', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'libpostproc-7.0-1.oc9', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'libpostproc-7.0-1.oc9', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'libpostproc-debuginfo-7.0-1.oc9', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'libpostproc-debuginfo-7.0-1.oc9', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'libpostproc-devel-7.0-1.oc9', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'libpostproc-devel-7.0-1.oc9', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'libswresample-7.0-1.oc9', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'libswresample-7.0-1.oc9', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'libswresample-debuginfo-7.0-1.oc9', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'libswresample-debuginfo-7.0-1.oc9', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'libswresample-devel-7.0-1.oc9', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'libswresample-devel-7.0-1.oc9', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'libswscale-7.0-1.oc9', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'libswscale-7.0-1.oc9', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'libswscale-debuginfo-7.0-1.oc9', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'libswscale-debuginfo-7.0-1.oc9', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'libswscale-devel-7.0-1.oc9', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'libswscale-devel-7.0-1.oc9', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE}
    ]
  }
];

var os_release = get_one_kb_item('installed_os/local/SSH/0/release');
var os_sp = get_one_kb_item('Host/*/minor_release');

var flag = 0;
var reference;
var sp;
var _cpu;
var el_string;
var rpm_spec_vers_cmp;
var epoch;
var allowmaj;
var exists_check;
var cves;
foreach var constraint ( constraints ) {
  # Check that the target release is equal to the affected release
  if (!empty_or_null(constraint['release'])){
    if (constraint['release'] != os_release) continue;
  }
  if (!empty_or_null(constraint['sp'])){
    if (constraint['sp'] != os_sp) continue;
  }
  foreach var pkg ( constraint['pkgs'] ) {
    reference = NULL;
    sp = NULL;
    _cpu = NULL;
    el_string = NULL;
    rpm_spec_vers_cmp = NULL;
    epoch = NULL;
    allowmaj = NULL;
    exists_check = NULL;
    cves = NULL;
    if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];
    if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];
    if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];
    if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];
    if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];
    if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];
    if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];
    if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];
    if (!empty_or_null(pkg['cves'])) cves = pkg['cves'];
    if (reference &&
        ## (no known rpm to check OR known rpm_exists)
        (!exists_check || rpm_exists(rpm:exists_check)) &&
        rpm_check(sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
  }
}

if (flag)
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'ffmpeg / ffmpeg-debuginfo / ffmpeg-debugsource / etc');
}
04 Dec 2025 00:00Current
7.2High risk
Vulners AI Score7.2
CVSS 3.19.8
EPSS0.02806
SSVC