CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
AI Score
Confidence
High
EPSS
Percentile
41.0%
A Buffer Copy without Checking Size of Input (‘Classic Buffer Overflow’) vulnerability in openSUSE libeconf leads to DoS via malformed config files.
This issue affects libeconf: before 0.5.2.
[
{
"collectionURL": "https://github.com/openSUSE/libeconf",
"defaultStatus": "unaffected",
"product": "libeconf",
"vendor": "openSUSE",
"versions": [
{
"lessThan": "0.5.2",
"status": "affected",
"version": "?",
"versionType": "0.5.2"
}
]
}
]
bugzilla.suse.com/show_bug.cgi?id=CVE-2023-22652
https://github.com/openSUSE/libeconf/issues/177
lists.fedoraproject.org/archives/list/[email protected]/message/SDD5GL5T3V5XZ3VFA4HPE6YGJ2K4HHPC/
lists.fedoraproject.org/archives/list/[email protected]/message/SMG5256D5I3GFA3RBAJQ2WYPJDYAIL74/
lists.fedoraproject.org/archives/list/[email protected]/message/YAYW7X753Z6GOJKVLQPXBDHISN6ZT233/
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
AI Score
Confidence
High
EPSS
Percentile
41.0%