Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatcveRedhat.comRH:CVE-2023-49990
HistoryDec 12, 2023 - 9:54 p.m.

CVE-2023-49990

2023-12-1221:54:52
redhat.com
access.redhat.com
3
espeak-ng buffer overflow code execution

5.3 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

7.5 High

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.2%

JSON

A flaw was found in the espeak-ng package. A local attacker can use a specially-crafted payload to trigger a buffer overflow condition, which can lead to an application crash or allow for arbitrary code execution.

Mitigation

Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

Related

cbl_mariner 1
cve 1
veracode 1
debiancve 1
prion 1
cvelist 1
ubuntucve 1
nvd 1
nessus 6
openvas 2
fedora 2
cbl_mariner
cbl_mariner
CVE-2023-49990 affecting package espeak-ng for versions less than 1.51.1-1
2024-03-19 17:21:46
cve
cve
CVE-2023-49990
2023-12-12 14:15:07
veracode
veracode
Buffer Overflow
2023-12-21 08:42:59
debiancve
debiancve
CVE-2023-49990
2023-12-12 14:15:07
prion
prion
Buffer overflow
2023-12-12 14:15:00
cvelist
cvelist
CVE-2023-49990
2023-12-12 00:00:00
ubuntucve
ubuntucve
CVE-2023-49990
2023-12-12 00:00:00
nvd
nvd
CVE-2023-49990
2023-12-12 14:15:07
nessus
nessus
Fedora 39 : espeak-ng (2024-5661c87b25)
2024-01-09 00:00:00
RHEL 8 : espeak-ng (Unpatched Vulnerability)
2024-05-11 00:00:00
RHEL 8 : espeak-ng (Unpatched Vulnerability)
2024-06-03 00:00:00
openvas
openvas
Fedora: Security Advisory for espeak-ng (FEDORA-2024-5661c87b25)
2024-01-18 00:00:00
Fedora: Security Advisory for espeak-ng (FEDORA-2024-698737a3c5)
2024-01-20 00:00:00
fedora
fedora
[SECURITY] Fedora 39 Update: espeak-ng-1.51.1-6.fc39
2024-01-10 01:09:53
[SECURITY] Fedora 38 Update: espeak-ng-1.51.1-6.fc38
2024-01-19 03:25:07

5.3 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

7.5 High

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.2%

JSON
Related for RH:CVE-2023-49990
cbl_mariner1cve1veracode1debiancve1prion1cvelist1ubuntucve1nvd1nessus6openvas2fedora2