Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-taas-512g-jfdw
Summary
Use After Free
The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by end user applications. The function receives a BIO from the caller, prepends a new BIO_f_asn1 filter BIO onto the front of it to form a BIO chain, and then returns the new head of the BIO chain to the caller. Under certain conditions, for example if a CMS recipient public key is invalid, the new filter BIO is freed and the function returns a NULL result indicating a failure. However, in this case, the BIO chain is not properly cleaned up and the BIO passed by the caller still retains internal pointers to the previously freed filter BIO. If the caller then goes on to call BIO_pop() on the BIO then a use-after-free will occur. This will most likely result in a crash. This scenario occurs directly in the internal function B64_write_ASN1() which may cause BIO_new_NDEF() to be called and will subsequently call BIO_pop() on the BIO. This internal function is in turn called by the public API functions PEM_write_bio_ASN1_stream, PEM_write_bio_CMS_stream, PEM_write_bio_PKCS7_stream, SMIME_write_ASN1, SMIME_write_CMS and SMIME_write_PKCS7. Other public API functions that may be impacted by this include i2d_ASN1_bio_stream, BIO_new_CMS, BIO_new_PKCS7, i2d_CMS_bio_stream and i2d_PKCS7_bio_stream. The OpenSSL cms and smime command line applications are similarly affected.
Aliases
0
alias CVE-2023-0215
1
alias GHSA-r7jw-wp68-3xch
Fixed_packages
0
url pkg:conan/openssl@1.1.1w
purl pkg:conan/openssl@1.1.1w
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:conan/openssl@1.1.1w
1
url pkg:deb/debian/openssl@1.1.1n-0%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/openssl@1.1.1n-0%2Bdeb11u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1n-0%252Bdeb11u4%3Fdistro=trixie
2
url pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hzz-tqgz-tbew
1
vulnerability VCID-ey1a-gmtq-6yct
2
vulnerability VCID-rgbt-w2ev-cfgw
3
vulnerability VCID-utdy-jcq5-w7g6
4
vulnerability VCID-xdsu-j1e8-ducr
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie
3
url pkg:deb/debian/openssl@3.0.8-1?distro=trixie
purl pkg:deb/debian/openssl@3.0.8-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.8-1%3Fdistro=trixie
4
url pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie
purl pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-rgbt-w2ev-cfgw
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie
5
url pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie
purl pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie
6
url pkg:deb/debian/openssl@3.6.2-1?distro=trixie
purl pkg:deb/debian/openssl@3.6.2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie
7
url pkg:ebuild/dev-libs/openssl@3.0.10
purl pkg:ebuild/dev-libs/openssl@3.0.10
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-libs/openssl@3.0.10
Affected_packages
0
url pkg:conan/openssl@1.0.2
purl pkg:conan/openssl@1.0.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1hgm-58xg-r7bt
1
vulnerability VCID-3g6n-ujyv-jub3
2
vulnerability VCID-5a2a-trbk-fkfg
3
vulnerability VCID-8q7w-7je3-zkgt
4
vulnerability VCID-as38-bfar-q3hh
5
vulnerability VCID-erdm-7pfg-e7hc
6
vulnerability VCID-fb66-4fr3-xye7
7
vulnerability VCID-jrts-kcz9-hbcf
8
vulnerability VCID-ju5y-bakm-mqd8
9
vulnerability VCID-mnkq-e45g-fyfw
10
vulnerability VCID-nqu1-ffyz-wubt
11
vulnerability VCID-rhc6-smuj-uyfk
12
vulnerability VCID-taas-512g-jfdw
13
vulnerability VCID-tkap-7nn3-uqae
14
vulnerability VCID-ts7c-u8g2-rqa4
15
vulnerability VCID-uw52-vah8-uqda
16
vulnerability VCID-w1qj-n768-hbar
resource_url http://public2.vulnerablecode.io/packages/pkg:conan/openssl@1.0.2
1
url pkg:conan/openssl@1.1.1
purl pkg:conan/openssl@1.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1hgm-58xg-r7bt
1
vulnerability VCID-249a-9kqa-p7an
2
vulnerability VCID-3g6n-ujyv-jub3
3
vulnerability VCID-8q7w-7je3-zkgt
4
vulnerability VCID-as38-bfar-q3hh
5
vulnerability VCID-erdm-7pfg-e7hc
6
vulnerability VCID-fb66-4fr3-xye7
7
vulnerability VCID-gj2m-z5b6-6yf2
8
vulnerability VCID-jrts-kcz9-hbcf
9
vulnerability VCID-ju5y-bakm-mqd8
10
vulnerability VCID-mm8w-472m-puea
11
vulnerability VCID-mnkq-e45g-fyfw
12
vulnerability VCID-n1r2-zqmn-2ufh
13
vulnerability VCID-taas-512g-jfdw
14
vulnerability VCID-tkap-7nn3-uqae
15
vulnerability VCID-ts7c-u8g2-rqa4
16
vulnerability VCID-uw52-vah8-uqda
17
vulnerability VCID-w1qj-n768-hbar
resource_url http://public2.vulnerablecode.io/packages/pkg:conan/openssl@1.1.1
2
url pkg:conan/openssl@3.0.0
purl pkg:conan/openssl@3.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1hgm-58xg-r7bt
1
vulnerability VCID-1yjs-f4gq-h7ht
2
vulnerability VCID-3g6n-ujyv-jub3
3
vulnerability VCID-5a2a-trbk-fkfg
4
vulnerability VCID-5rhg-tvzd-h7es
5
vulnerability VCID-86j5-ag2t-2qhj
6
vulnerability VCID-8q7w-7je3-zkgt
7
vulnerability VCID-97cm-wmq1-gkfd
8
vulnerability VCID-as38-bfar-q3hh
9
vulnerability VCID-erdm-7pfg-e7hc
10
vulnerability VCID-f2np-fk61-nbh1
11
vulnerability VCID-gj2m-z5b6-6yf2
12
vulnerability VCID-ju5y-bakm-mqd8
13
vulnerability VCID-m7sy-6spe-6yau
14
vulnerability VCID-mm8w-472m-puea
15
vulnerability VCID-mnkq-e45g-fyfw
16
vulnerability VCID-nqu1-ffyz-wubt
17
vulnerability VCID-nx5k-32hq-yuh4
18
vulnerability VCID-s6rb-rb8j-yfc6
19
vulnerability VCID-sd2f-6nk6-dua6
20
vulnerability VCID-se2f-3x6g-7uc6
21
vulnerability VCID-taas-512g-jfdw
22
vulnerability VCID-tjhj-1wc7-rych
23
vulnerability VCID-ts7c-u8g2-rqa4
24
vulnerability VCID-vyxk-cz2r-ffgf
25
vulnerability VCID-w1qj-n768-hbar
26
vulnerability VCID-yhn2-ctzh-ducy
resource_url http://public2.vulnerablecode.io/packages/pkg:conan/openssl@3.0.0
3
url pkg:rpm/redhat/edk2@20220126gitbb1bba3d77-2.el8_6?arch=1
purl pkg:rpm/redhat/edk2@20220126gitbb1bba3d77-2.el8_6?arch=1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1hgm-58xg-r7bt
1
vulnerability VCID-taas-512g-jfdw
2
vulnerability VCID-ts7c-u8g2-rqa4
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/edk2@20220126gitbb1bba3d77-2.el8_6%3Farch=1
4
url pkg:rpm/redhat/edk2@20220126gitbb1bba3d77-4?arch=el8
purl pkg:rpm/redhat/edk2@20220126gitbb1bba3d77-4?arch=el8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1hgm-58xg-r7bt
1
vulnerability VCID-gj2m-z5b6-6yf2
2
vulnerability VCID-taas-512g-jfdw
3
vulnerability VCID-ts7c-u8g2-rqa4
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/edk2@20220126gitbb1bba3d77-4%3Farch=el8
5
url pkg:rpm/redhat/edk2@20221207gitfff6d81270b5-9?arch=el9_2
purl pkg:rpm/redhat/edk2@20221207gitfff6d81270b5-9?arch=el9_2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1hgm-58xg-r7bt
1
vulnerability VCID-7qgk-99dz-x7f4
2
vulnerability VCID-gj2m-z5b6-6yf2
3
vulnerability VCID-taas-512g-jfdw
4
vulnerability VCID-ts7c-u8g2-rqa4
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/edk2@20221207gitfff6d81270b5-9%3Farch=el9_2
6
url pkg:rpm/redhat/jbcs-httpd24-openssl@1:1.1.1k-14?arch=el8jbcs
purl pkg:rpm/redhat/jbcs-httpd24-openssl@1:1.1.1k-14?arch=el8jbcs
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1hgm-58xg-r7bt
1
vulnerability VCID-gj2m-z5b6-6yf2
2
vulnerability VCID-taas-512g-jfdw
3
vulnerability VCID-ts7c-u8g2-rqa4
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jbcs-httpd24-openssl@1:1.1.1k-14%3Farch=el8jbcs
7
url pkg:rpm/redhat/jbcs-httpd24-openssl@1:1.1.1k-14?arch=el7jbcs
purl pkg:rpm/redhat/jbcs-httpd24-openssl@1:1.1.1k-14?arch=el7jbcs
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1hgm-58xg-r7bt
1
vulnerability VCID-gj2m-z5b6-6yf2
2
vulnerability VCID-taas-512g-jfdw
3
vulnerability VCID-ts7c-u8g2-rqa4
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jbcs-httpd24-openssl@1:1.1.1k-14%3Farch=el7jbcs
8
url pkg:rpm/redhat/jws5-tomcat-native@1.2.31-14.redhat_14?arch=el7jws
purl pkg:rpm/redhat/jws5-tomcat-native@1.2.31-14.redhat_14?arch=el7jws
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1hgm-58xg-r7bt
1
vulnerability VCID-gj2m-z5b6-6yf2
2
vulnerability VCID-taas-512g-jfdw
3
vulnerability VCID-ts7c-u8g2-rqa4
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jws5-tomcat-native@1.2.31-14.redhat_14%3Farch=el7jws
9
url pkg:rpm/redhat/jws5-tomcat-native@1.2.31-14.redhat_14?arch=el8jws
purl pkg:rpm/redhat/jws5-tomcat-native@1.2.31-14.redhat_14?arch=el8jws
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1hgm-58xg-r7bt
1
vulnerability VCID-gj2m-z5b6-6yf2
2
vulnerability VCID-taas-512g-jfdw
3
vulnerability VCID-ts7c-u8g2-rqa4
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jws5-tomcat-native@1.2.31-14.redhat_14%3Farch=el8jws
10
url pkg:rpm/redhat/jws5-tomcat-native@1.2.31-14.redhat_14?arch=el9jws
purl pkg:rpm/redhat/jws5-tomcat-native@1.2.31-14.redhat_14?arch=el9jws
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1hgm-58xg-r7bt
1
vulnerability VCID-gj2m-z5b6-6yf2
2
vulnerability VCID-taas-512g-jfdw
3
vulnerability VCID-ts7c-u8g2-rqa4
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jws5-tomcat-native@1.2.31-14.redhat_14%3Farch=el9jws
11
url pkg:rpm/redhat/openssl@1:1.1.1k-9?arch=el8_6
purl pkg:rpm/redhat/openssl@1:1.1.1k-9?arch=el8_6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1hgm-58xg-r7bt
1
vulnerability VCID-gj2m-z5b6-6yf2
2
vulnerability VCID-taas-512g-jfdw
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/openssl@1:1.1.1k-9%3Farch=el8_6
12
url pkg:rpm/redhat/openssl@1:1.1.1k-9?arch=el8_7
purl pkg:rpm/redhat/openssl@1:1.1.1k-9?arch=el8_7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1hgm-58xg-r7bt
1
vulnerability VCID-gj2m-z5b6-6yf2
2
vulnerability VCID-taas-512g-jfdw
3
vulnerability VCID-ts7c-u8g2-rqa4
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/openssl@1:1.1.1k-9%3Farch=el8_7
13
url pkg:rpm/redhat/openssl@1:3.0.1-46?arch=el9_0
purl pkg:rpm/redhat/openssl@1:3.0.1-46?arch=el9_0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1hgm-58xg-r7bt
1
vulnerability VCID-97cm-wmq1-gkfd
2
vulnerability VCID-f2np-fk61-nbh1
3
vulnerability VCID-gj2m-z5b6-6yf2
4
vulnerability VCID-se2f-3x6g-7uc6
5
vulnerability VCID-taas-512g-jfdw
6
vulnerability VCID-ts7c-u8g2-rqa4
7
vulnerability VCID-yhn2-ctzh-ducy
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/openssl@1:3.0.1-46%3Farch=el9_0
14
url pkg:rpm/redhat/openssl@1:3.0.1-47?arch=el9_1
purl pkg:rpm/redhat/openssl@1:3.0.1-47?arch=el9_1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1hgm-58xg-r7bt
1
vulnerability VCID-97cm-wmq1-gkfd
2
vulnerability VCID-f2np-fk61-nbh1
3
vulnerability VCID-gj2m-z5b6-6yf2
4
vulnerability VCID-se2f-3x6g-7uc6
5
vulnerability VCID-taas-512g-jfdw
6
vulnerability VCID-ts7c-u8g2-rqa4
7
vulnerability VCID-yhn2-ctzh-ducy
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/openssl@1:3.0.1-47%3Farch=el9_1
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0215.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0215.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-0215
reference_id
reference_type
scores
0
value 0.0043
scoring_system epss
scoring_elements 0.62856
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-0215
2
reference_url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8818064ce3c3c0f1b740a5aaba2a987e75bfbafd
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8818064ce3c3c0f1b740a5aaba2a987e75bfbafd
3
reference_url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9816136fe31d92ace4037d5da5257f763aeeb4eb
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9816136fe31d92ace4037d5da5257f763aeeb4eb
4
reference_url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c3829dd8825c654652201e16f8a0a0c46ee3f344
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c3829dd8825c654652201e16f8a0a0c46ee3f344
5
reference_url https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0003
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0003
6
reference_url https://rustsec.org/advisories/RUSTSEC-2023-0009.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://rustsec.org/advisories/RUSTSEC-2023-0009.html
7
reference_url https://security.gentoo.org/glsa/202402-08
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202402-08
8
reference_url https://security.netapp.com/advisory/ntap-20230427-0007
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20230427-0007
9
reference_url https://security.netapp.com/advisory/ntap-20230427-0009
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20230427-0009
10
reference_url https://security.netapp.com/advisory/ntap-20240621-0006
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20240621-0006
11
reference_url https://www.openssl.org/news/secadv/20230207.txt
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.openssl.org/news/secadv/20230207.txt
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2164492
reference_id 2164492
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2164492
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-0215
reference_id CVE-2023-0215
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-0215
14
reference_url https://access.redhat.com/errata/RHSA-2023:0946
reference_id RHSA-2023:0946
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0946
15
reference_url https://access.redhat.com/errata/RHSA-2023:1199
reference_id RHSA-2023:1199
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1199
16
reference_url https://access.redhat.com/errata/RHSA-2023:1405
reference_id RHSA-2023:1405
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1405
17
reference_url https://access.redhat.com/errata/RHSA-2023:2165
reference_id RHSA-2023:2165
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2165
18
reference_url https://access.redhat.com/errata/RHSA-2023:2932
reference_id RHSA-2023:2932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2932
19
reference_url https://access.redhat.com/errata/RHSA-2023:3354
reference_id RHSA-2023:3354
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3354
20
reference_url https://access.redhat.com/errata/RHSA-2023:3355
reference_id RHSA-2023:3355
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3355
21
reference_url https://access.redhat.com/errata/RHSA-2023:3408
reference_id RHSA-2023:3408
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3408
22
reference_url https://access.redhat.com/errata/RHSA-2023:3420
reference_id RHSA-2023:3420
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3420
23
reference_url https://access.redhat.com/errata/RHSA-2023:3421
reference_id RHSA-2023:3421
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3421
24
reference_url https://access.redhat.com/errata/RHSA-2023:4128
reference_id RHSA-2023:4128
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4128
Weaknesses
0
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
1
cwe_id 416
name Use After Free
description Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.
2
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
Exploits
Severity_range_score 7.0 - 8.9
Exploitability 0.5
Weighted_severity 8.0
Risk_score 4.0
Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-taas-512g-jfdw