Lucene search

GoogleOSV:CVE-2023-33656

HistoryMay 30, 2023 - 6:15 p.m.

CVE-2023-33656

2023-05-3018:15:10

Google

osv.dev

cve-2023-33656

denial of service

memory resources

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

AI Score

6.9

Confidence

High

EPSS

0.001

Percentile

19.0%

JSON

A memory leak vulnerability exists in NanoMQ 0.17.2. The vulnerability is located in the file message.c. An attacker could exploit this vulnerability to cause a denial of service attack by causing the program to consume all available memory resources.

References

github.com/emqx/nanomq

github.com/emqx/nanomq/issues/1164

github.com/emqx/nanomq/issues/1165#issuecomment-1515667127

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

AI Score

6.9

Confidence

High

EPSS

0.001

Percentile

19.0%

JSON

Related for OSV:CVE-2023-33656