Lucene search

K
ubuntucveUbuntu.comUB:CVE-2023-29583
HistoryApr 24, 2023 - 12:00 a.m.

CVE-2023-29583

2023-04-2400:00:00
ubuntu.com
ubuntu.com
6
disputed third parties bug security standalone program untrusted code

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

18.9%

DISPUTED yasm 1.3.0.55.g101bc was discovered to contain a stack
overflow via the function parse_expr5 at /nasm/nasm-parse.c. Note: This has
been disputed by third parties who argue this is a bug and not a security
issue because yasm is a standalone program not designed to run untrusted
code.

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

18.9%

Related for UB:CVE-2023-29583