GoogleOSV:USN-6832-1virtuoso-opensource vulnerabilities
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
33.6%
Jingzhou Fu discovered that Virtuoso Open-Source Edition incorrectly
handled certain crafted SQL statements. An attacker could possibly use
this issue to crash the program, resulting in a denial of service.
(CVE-2023-31607, CVE-2023-31608, CVE-2023-31609, CVE-2023-31610,
CVE-2023-31611, CVE-2023-31616, CVE-2023-31617, CVE-2023-31618,
CVE-2023-31619, CVE-2023-31623, CVE-2023-31625, CVE-2023-31628)
Jingzhou Fu discovered that Virtuoso Open-Source Edition incorrectly
handled certain crafted SQL statements. An attacker could possibly use
this issue to crash the program, resulting in a denial of service.
This issue only affects Ubuntu 22.04 LTS, Ubuntu 23.10 and Ubuntu
24.04 LTS. (CVE-2023-31612, CVE-2023-31613, CVE-2023-31614,
CVE-2023-31615)
References
ubuntu.com/security/CVE-2023-31607
ubuntu.com/security/CVE-2023-31608
ubuntu.com/security/CVE-2023-31609
ubuntu.com/security/CVE-2023-31610
ubuntu.com/security/CVE-2023-31611
ubuntu.com/security/CVE-2023-31612
ubuntu.com/security/CVE-2023-31613
ubuntu.com/security/CVE-2023-31614
ubuntu.com/security/CVE-2023-31615
ubuntu.com/security/CVE-2023-31616
ubuntu.com/security/CVE-2023-31617
ubuntu.com/security/CVE-2023-31618
ubuntu.com/security/CVE-2023-31619
ubuntu.com/security/CVE-2023-31623
ubuntu.com/security/CVE-2023-31625
ubuntu.com/security/CVE-2023-31628
ubuntu.com/security/notices/USN-6832-1
Related
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
33.6%