Lucene search

[email protected]NVD:CVE-2023-37186

HistoryDec 25, 2023 - 7:15 a.m.

CVE-2023-37186

2023-12-2507:15:08

CWE-476

[email protected]

web.nvd.nist.gov

c-blosc2

null pointer

vulnerability

ndlz8x8.c

memset

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

21.4%

JSON

C-blosc2 before 2.9.3 was discovered to contain a NULL pointer dereference in ndlz/ndlz8x8.c via a NULL pointer to memset.

Affected configurations

NVD

Node

c-blosc2_projectc-blosc2Range<2.9.3

References

github.com/Blosc/c-blosc2/commit/d55bfcd6804699e1435dc3e233fd76c8a5d3f9e3

github.com/Blosc/c-blosc2/compare/v2.9.2...v2.9.3

github.com/Blosc/c-blosc2/issues/522

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

21.4%

JSON

Related for NVD:CVE-2023-37186

osv1 prion1 cve1 cvelist1