Lucene search

Veracode Vulnerability DatabaseVERACODE:30668

HistoryMay 25, 2021 - 6:09 a.m.

Denial Of Service (DoS)

2021-05-2506:09:02

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

JSON

ktbs.dev/teler/pkg/errors is vulnerable to denial of service. The vulnerability exists when running teler inside a Docker container and when encounter errors.Exit function, it is unable to get process ID and process group ID of teler to properly kill the error process.

CPENameOperatorVersion
ktbs.dev/telerlev1.2.1
ktbs.dev/telerlev1.2.1

CPE	Name	Operator	Version
	ktbs.dev/teler	le	v1.2.1
	ktbs.dev/teler	le	v1.2.1

References

github.com/advisories/GHSA-jhj6-5mh6-4pvf

github.com/kitabisa/teler/commit/ec6082049dba9e44a21f35fb7b123d42ce1a1a7e

github.com/kitabisa/teler/security/advisories/GHSA-jhj6-5mh6-4pvf

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

JSON

Related for VERACODE:30668