AI Score
Confidence
Low
EPSS
Percentile
37.7%
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial
In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields.