Lucene search
HistoryDec 29, 2023 - 3:15 p.m.
CVE-2023-50570
ipaddress
infinite loop
invalid arguments
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS
0
Percentile
12.7%
An issue in the component IPAddressBitsDivision of IPAddress v5.1.0 leads to an infinite loop. This is disputed because an infinite loop occurs only for cases in which the developer supplies invalid arguments. The product is not intended to always halt for contrived inputs.
Affected configurations
Node
seancfoleyipaddressMatch5.1.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| seancfoley | ipaddress | 5.1.0 | cpe:2.3:a:seancfoley:ipaddress:5.1.0:*:*:*:*:*:*:* |
Related
cve
cve
CVE-2023-50570
2023-12-29 15:15:09
prion
prion
Information disclosure
2023-12-29 15:15:00
veracode
veracode
Denial Of Service (DoS)
2024-01-02 05:48:31
cvelist
cvelist
CVE-2023-50570
2023-12-29 00:00:00
github
github
IPAddress Infinite Loop vulnerability (Disputed)
2023-12-29 15:30:37
vulnrichment
vulnrichment
CVE-2023-50570
2023-12-29 00:00:00
ibm
ibm
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS
0
Percentile
12.7%
Related for NVD:CVE-2023-50570