Lucene search
K

6 matches found

OSV
OSV
added 2023/09/20 3:15 p.m.29 views

CVE-2023-42464

A Type Confusion vulnerability was found in the Spotlight RPC functions in afpd in Netatalk 3.1.x before 3.1.17. When parsing Spotlight RPC packets, one encoded data structure is a key-value style dictionary where the keys are character strings, and the values can be any of the supported types in...

9.8CVSS7.6AI score0.01793EPSS
Exploits0References7
Prion
Prion
added 2023/09/20 3:15 p.m.62 views

Type confusion

A Type Confusion vulnerability was found in the Spotlight RPC functions in afpd in Netatalk 3.1.x before 3.1.17. When parsing Spotlight RPC packets, one encoded data structure is a key-value style dictionary where the keys are character strings, and the values can be any of the supported types in...

7.5CVSS6.2AI score0.62606EPSS
Exploits0References6Affected Software2
CVE
CVE
added 2023/09/20 12:0 a.m.166 views

CVE-2023-42464

The CVE-2023-42464 entry concerns a Type Confusion in Netatalk 3.1.x before 3.1.17, specifically in Spotlight RPC parsing where a key–value dictionary’s values are not properly type-checked by dalloc_value_for_key(), allowing a malicious actor to fully control the pointer value and theoretically ...

9.8CVSS7.2AI score0.01793EPSS
Exploits0References7Affected Software1
AlpineLinux
AlpineLinux
added 2023/09/20 12:0 a.m.44 views

CVE-2023-42464

A Type Confusion vulnerability was found in the Spotlight RPC functions in afpd in Netatalk 3.1.x before 3.1.17. When parsing Spotlight RPC packets, one encoded data structure is a key-value style dictionary where the keys are character strings, and the values can be any of the supported types in...

9.8CVSS6.9AI score0.01793EPSS
Exploits0
Debian CVE
Debian CVE
added 2023/09/20 12:0 a.m.50 views

CVE-2023-42464

A Type Confusion vulnerability was found in the Spotlight RPC functions in afpd in Netatalk 3.1.x before 3.1.17. When parsing Spotlight RPC packets, one encoded data structure is a key-value style dictionary where the keys are character strings, and the values can be any of the supported types in...

9.8CVSS6.9AI score0.01793EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2023/09/16 12:0 a.m.8 views

PT-2023-28357 · Netatalk +4 · Netatalk +4

Name of the Vulnerable Software and Affected Versions: Netatalk versions 3.1.x through 3.1.16 Description: A Type Confusion issue was found in the Spotlight RPC functions in afpd. The problem arises when parsing Spotlight RPC packets, specifically with a key-value style dictionary where keys are...

10CVSS8AI score0.18903EPSS
Exploits4References70
Rows per page
Query Builder