Veracode Vulnerability DatabaseVERACODE:40932Denial Of Service (DoS)
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS
Percentile
19.1%
libiniparser.so is vulnerable to Denial Of Service (DoS). The vulnerability exists due to improperly checking in iniparser_getstring of iniparser.c, allowing an attacker to cause an application crash.
References
github.com/ndevilla/iniparser/commit/ace9871f65d11b5d73f0b9ee8cf5d2807439442d
github.com/ndevilla/iniparser/issues/144
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ASV7SEDHGCP63GYAFEW3CTTVQDZM5RIK/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BQAIP5AURSTWIQOOP7G4CXYJ5IIGPY3Q/
lists.fedoraproject.org/archives/list/[email protected]/message/ASV7SEDHGCP63GYAFEW3CTTVQDZM5RIK/
lists.fedoraproject.org/archives/list/[email protected]/message/BQAIP5AURSTWIQOOP7G4CXYJ5IIGPY3Q/
Related
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS
Percentile
19.1%