Lucene search
HistorySep 08, 2023 - 5:15 p.m.
CVE-2023-39321
cve
2023
39321
panic
incomplete post-handshake
quic
connection
nvd
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.6 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
32.1%
Processing an incomplete post-handshake message for a QUIC connection can cause a panic.
Affected configurations
Node
golanggoRange1.21.0–1.21.1
CNA Affected
[
{
"vendor": "Go standard library",
"product": "crypto/tls",
"collectionURL": "https://pkg.go.dev",
"packageName": "crypto/tls",
"versions": [
{
"version": "1.21.0-0",
"lessThan": "1.21.1",
"status": "affected",
"versionType": "semver"
}
],
"programRoutines": [
{
"name": "QUICConn.HandleData"
}
],
"defaultStatus": "unaffected"
}
]Related
redhatcve
redhatcve
CVE-2023-39321
2023-09-13 07:24:29
prion
prion
Code injection
2023-09-08 17:15:00
cgr
cgr
CVE-2023-39321 vulnerabilities
2024-05-19 03:07:16
debiancve
debiancve
CVE-2023-39321
2023-09-08 17:15:28
nvd
nvd
CVE-2023-39321
2023-09-08 17:15:28
cvelist
cvelist
osv
osv
CVE-2023-39321
2023-09-08 17:15:28
BIT-golang-2023-39321
2024-03-06 10:54:10
ubuntucve
ubuntucve
CVE-2023-39321
2023-09-08 00:00:00
alpinelinux
alpinelinux
CVE-2023-39321
2023-09-08 17:15:28
veracode
veracode
Insufficient Information
2023-10-02 20:14:41
wolfi
wolfi
CVE-2023-39321 vulnerabilities
2024-07-05 21:08:40
nessus
nessus
RHEL 8 / 9 : Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update (Moderate) (RHSA-2023:7517)
2024-04-28 00:00:00
AlmaLinux 9 : runc (ALSA-2023:7763)
2023-12-14 00:00:00
Oracle Linux 9 : runc (ELSA-2023-7763)
2023-12-15 00:00:00
redhat
redhat
(RHSA-2023:7517) Moderate: Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update
2023-11-27 19:20:27
(RHSA-2023:7763) Moderate: runc security update
2023-12-12 16:42:28
(RHSA-2023:7766) Moderate: containernetworking-plugins security update
2023-12-12 16:42:36
ibm
ibm
oraclelinux
oraclelinux
runc security update
2023-12-14 00:00:00
podman security update
2023-12-14 00:00:00
skopeo security update
2023-12-13 00:00:00
almalinux
almalinux
Moderate: runc security update
2023-12-12 00:00:00
Moderate: buildah security update
2023-12-12 00:00:00
Moderate: containernetworking-plugins security update
2023-12-12 00:00:00
freebsd
freebsd
go -- multiple vulnerabilities
2023-09-06 00:00:00
openvas
openvas
openSUSE: Security Advisory for go1.21 (SUSE-SU-2023:3701-1)
2024-03-04 00:00:00
openSUSE: Security Advisory for go1.21 (SUSE-SU-2023:4469-1)
2024-03-04 00:00:00
gentoo
gentoo
Go: Multiple Vulnerabilities
2023-11-25 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - January 2024
2024-01-16 00:00:00
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.6 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
32.1%
Related for CVE-2023-39321