Svi
Pretraži prema proizvođaču
Pretraži prema CWE oznaci
O usluzi
Pretplate
Jezik
hr
en
CVE-2023-33460 - CERT CVE
CVE-2023-33460
ID
CVE-2023-33460
Sažetak
There's a memory leak in yajl 2.1.0 with use of yajl_tree_parse function. which will cause out-of-memory in server and cause crash.
Reference
https://github.com/lloyd/yajl/issues/250
https://lists.debian.org/debian-lts-announce/2023/07/msg00000.html
https://lists.debian.org/debian-lts-announce/2023/07/msg00013.html
https://lists.debian.org/debian-lts-announce/2023/08/msg00003.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IBUUHG27RM4ROEYKMVRROR27AX6R63MB/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KLE3C4CECEJ4EUYI56KXI6OWACWXX7WN/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YO32YDJ74DADC7CMJNLSLBVWN5EXGF5J/
https://github.com/lloyd/yajl/issues/250
https://lists.debian.org/debian-lts-announce/2023/07/msg00000.html
https://lists.debian.org/debian-lts-announce/2023/07/msg00013.html
https://lists.debian.org/debian-lts-announce/2023/08/msg00003.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IBUUHG27RM4ROEYKMVRROR27AX6R63MB/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KLE3C4CECEJ4EUYI56KXI6OWACWXX7WN/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YO32YDJ74DADC7CMJNLSLBVWN5EXGF5J/
CVSS
Base:
6.5
Impact:
3.6
Exploitability:
2.8
Pristup
Vektor
Složenost
Autentikacija
NETWORK
LOW
NONE
Impact
Povjerljivost
Cjelovitost
Dostupnost
NONE
NONE
HIGH
CVSS vektor
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Zadnje važnije ažuriranje
08-01-2025 - 17:15
Objavljeno
06-06-2023 - 12:15
