RedosROS-20230418-02ROS-20230418-02
8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
5.1 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
0.002 Low
EPSS
Percentile
54.7%
A vulnerability in the PHP programming language is related to the kernel’s path resolution function, which allocates a buffer one
bytes less than necessary, if paths are resolved with a length close to the MAXPATHLEN system parameter, this can cause the byte after the allocated buffer to be overwritten with NUL.
can cause the byte after the allocated buffer to be overwritten with a NUL value. Exploitation of the vulnerability could
allow an attacker acting remotely to cause unauthorized access to or modification of data.
modification.
A vulnerability in the PHP programming language is related to an excessive number of parts when loading an HTTP form
results in high resource consumption and excessive log entries. Exploitation of the
of the vulnerability could allow an attacker acting remotely to cause a denial of service on the
vulnerable server by running out of CPU resources or disk space.
Related
8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
5.1 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
0.002 Low
EPSS
Percentile
54.7%