Lucene search

MitreCVE-2020-23259

HistoryApr 04, 2023 - 3:15 p.m.

CVE-2020-23259

2023-04-0415:15:08

CWE-476

mitre

web.nvd.nist.gov

cve-2020-23259

jsish

denial of service

nvd

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.3

Confidence

High

EPSS

0.001

Percentile

40.0%

JSON

An issue found in Jsish v.3.0.11 and before allows an attacker to cause a denial of service via the Jsi_Strlen function in the src/jsiChar.c file.

Affected configurations

Nvd

Node

jsishjsishRange≤3.0.11

VendorProductVersionCPE
jsishjsish*cpe:2.3:a:jsish:jsish:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
jsish	jsish	*	cpe:2.3:a:jsish:jsish::::::::

References

github.com/pcmacdon/jsish/issues/13

jsish.org/fossil/jsi2/tktview?name=b6bb078e00

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.3

Confidence

High

EPSS

0.001

Percentile

40.0%

JSON

Related for CVE-2020-23259