EPSS
Percentile
45.8%
gss-ntlmssp is vulnerable to Denial of Service (DoS) attacks. The length of the av_pair is not checked properly for two elements, which can trigger an out-of-bounds read and cause a denial-of-service if memory is unmapped.
av_pair
github.com/gssapi/gss-ntlmssp/commit/025fbb756d44ffee8f847db4222ed6aa4bd1fbe4
github.com/gssapi/gss-ntlmssp/releases/tag/v1.2.0
github.com/gssapi/gss-ntlmssp/security/advisories/GHSA-24pf-6prf-24ch
security-tracker.debian.org/tracker/CVE-2023-25567