4.8 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
5.2 Medium
AI Score
Confidence
High
0.0005 Low
EPSS
Percentile
17.1%
software: gcc 11.4.0
OS: ROSA-CHROME
package_evr_string: gcc-11.4.0-10
CVE-ID: CVE-2023-4039
BDU-ID: 2023-05920
CVE-Crit: MEDIUM
CVE-DESC.: A vulnerability in the stack protection feature of the GNU Compiler Collection (GCC) stack for various programming languages involves a breach of the data protection mechanism. Exploitation of the vulnerability could allow an attacker acting remotely to impact the confidentiality, integrity, and availability of protected information
CVE-STATUS: Resolved
CVE-REV: To close, run the command: sudo dnf update gcc
4.8 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
5.2 Medium
AI Score
Confidence
High
0.0005 Low
EPSS
Percentile
17.1%