Lucene search
MitreVULNRICHMENT:CVE-2023-33546HistoryJun 01, 2023 - 12:00 a.m.
CVE-2023-33546
2023-06-0100:00:00
mitre
github.com
janino 3.1.9
dos vulnerability
expression evaluator
user-supplied input
stack overflow
Janino 3.1.9 and earlier are subject to denial of service (DOS) attacks when using the expression evaluator.guess parameter name method. If the parser runs on user-supplied input, an attacker could supply content that causes the parser to crash due to a stack overflow. NOTE: this is disputed by multiple parties because Janino is not intended for use with untrusted input.
Related
redhatcve
redhatcve
CVE-2023-33546
2023-06-09 16:07:07
nessus
nessus
openSUSE 15 Security Update : janino (SUSE-SU-2023:3385-1)
2023-08-24 00:00:00
RHEL 6 : janino (Unpatched Vulnerability)
2024-06-03 00:00:00
debiancve
debiancve
CVE-2023-33546
2023-06-01 13:15:10
cvelist
cvelist
CVE-2023-33546
2023-06-01 00:00:00
prion
prion
Stack overflow
2023-06-01 13:15:00
veracode
veracode
Denial Of Service (DoS)
2023-06-14 03:57:23
nvd
nvd
CVE-2023-33546
2023-06-01 13:15:10
github
github
janino vulnerable to denial of service due to stack overflow
2023-06-01 15:30:59
cve
cve
CVE-2023-33546
2023-06-01 13:15:10
osv
osv
janino vulnerable to denial of service due to stack overflow
2023-06-01 15:30:59
openvas
openvas
openSUSE: Security Advisory for janino (SUSE-SU-2023:3385-1)
2024-03-04 00:00:00
ubuntucve
ubuntucve
CVE-2023-33546
2023-06-01 00:00:00
ibm
ibm
6.7 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
12.9%
Related for VULNRICHMENT:CVE-2023-33546