VulnerableCode Vulnerability Details

Search for vulnerabilities

Vulnerability details: VCID-9ru8-kjym-aaae

Essentials
Severities (262)
References (140)
Severity details (189)
Exploits (1)
EPSS
History (0)

Vulnerability ID	VCID-9ru8-kjym-aaae
Aliases	CVE-2023-5217 GHSA-qqvq-6xgj-jw8g
Summary	Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Status	Published
Exploitability	2.0
Weighted Severity	9.0
Risk	10.0
Affected and Fixed Packages	Package Details

Weaknesses (5)

CWE-787	Out-of-bounds Write
CWE-1035	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-707	Improper Neutralization
CWE-937	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
CWE-119	Improper Restriction of Operations within the Bounds of a Memory Buffer

System	Score	Found at
cvssv3	8.8	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5217.json
epss	0.01748	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.01748	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.01748	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.01748	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.01748	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.01748	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.01748	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.01748	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.01748	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.01748	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.01748	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.01748	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.01748	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.01748	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.01748	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.01748	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.01748	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.01748	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.01748	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.01748	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.01748	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.01748	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.01748	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.01748	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.01748	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.01748	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.01748	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.01748	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.01748	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.01748	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.01748	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.01748	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.01748	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.01748	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.01748	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.0203	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.0203	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.0203	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.0203	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.0203	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.0203	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.0203	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.0203	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.0203	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.0203	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.0203	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.0203	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.0203	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.07511	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.07511	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.07511	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.07511	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.07511	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.07511	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.07511	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.07511	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.07511	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.07511	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.07511	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.31122	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.31122	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.31122	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.31122	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.31122	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.31803	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.31803	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.31803	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.40781	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.40781	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.41067	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.55002	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.71762	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
epss	0.74265	https://api.first.org/data/v1/epss?cve=CVE-2023-5217
cvssv3.1	8.8	https://arstechnica.com/security/2023/09/new-0-day-in-chrome-and-firefox-is-likely-to-plague-other-software
generic_textual	HIGH	https://arstechnica.com/security/2023/09/new-0-day-in-chrome-and-firefox-is-likely-to-plague-other-software
cvssv3.1	8.8	https://arstechnica.com/security/2023/09/new-0-day-in-chrome-and-firefox-is-likely-to-plague-other-software/
ssvc	Attend	https://arstechnica.com/security/2023/09/new-0-day-in-chrome-and-firefox-is-likely-to-plague-other-software/
cvssv3.1	8.8	https://bugzilla.redhat.com/show_bug.cgi?id=2241191
ssvc	Attend	https://bugzilla.redhat.com/show_bug.cgi?id=2241191
cvssv3.1	8.8	https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_27.html
generic_textual	HIGH	https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_27.html
ssvc	Attend	https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_27.html
cvssv3.1	8.8	https://crbug.com/1486441
generic_textual	HIGH	https://crbug.com/1486441
ssvc	Attend	https://crbug.com/1486441
cvssv3.1	8.8	http://seclists.org/fulldisclosure/2023/Oct/12
generic_textual	HIGH	http://seclists.org/fulldisclosure/2023/Oct/12
ssvc	Attend	http://seclists.org/fulldisclosure/2023/Oct/12
cvssv3.1	8.8	http://seclists.org/fulldisclosure/2023/Oct/16
generic_textual	HIGH	http://seclists.org/fulldisclosure/2023/Oct/16
ssvc	Attend	http://seclists.org/fulldisclosure/2023/Oct/16
cvssv3.1	8.4	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1_qr	HIGH	https://github.com/advisories/GHSA-qqvq-6xgj-jw8g
cvssv3.1	8.8	https://github.com/electron/electron
generic_textual	HIGH	https://github.com/electron/electron
cvssv3.1	8.8	https://github.com/electron/electron/pull/40022
generic_textual	HIGH	https://github.com/electron/electron/pull/40022
cvssv3.1	8.8	https://github.com/electron/electron/pull/40023
generic_textual	HIGH	https://github.com/electron/electron/pull/40023
cvssv3.1	8.8	https://github.com/electron/electron/pull/40024
generic_textual	HIGH	https://github.com/electron/electron/pull/40024
cvssv3.1	8.8	https://github.com/electron/electron/pull/40025
generic_textual	HIGH	https://github.com/electron/electron/pull/40025
cvssv3.1	8.8	https://github.com/electron/electron/pull/40026
generic_textual	HIGH	https://github.com/electron/electron/pull/40026
cvssv3.1	8.8	https://github.com/electron/electron/releases/tag/v22.3.25
generic_textual	HIGH	https://github.com/electron/electron/releases/tag/v22.3.25
cvssv3.1	8.8	https://github.com/electron/electron/releases/tag/v24.8.5
generic_textual	HIGH	https://github.com/electron/electron/releases/tag/v24.8.5
cvssv3.1	8.8	https://github.com/electron/electron/releases/tag/v25.8.4
generic_textual	HIGH	https://github.com/electron/electron/releases/tag/v25.8.4
cvssv3.1	8.8	https://github.com/electron/electron/releases/tag/v26.2.4
generic_textual	HIGH	https://github.com/electron/electron/releases/tag/v26.2.4
cvssv3.1	8.8	https://github.com/electron/electron/releases/tag/v27.0.0-beta.8
generic_textual	HIGH	https://github.com/electron/electron/releases/tag/v27.0.0-beta.8
cvssv3.1	8.8	https://github.com/webmproject/libvpx/commit/3fbd1dca6a4d2dad332a2110d646e4ffef36d590
generic_textual	HIGH	https://github.com/webmproject/libvpx/commit/3fbd1dca6a4d2dad332a2110d646e4ffef36d590
ssvc	Attend	https://github.com/webmproject/libvpx/commit/3fbd1dca6a4d2dad332a2110d646e4ffef36d590
cvssv3.1	8.8	https://github.com/webmproject/libvpx/commit/af6dedd715f4307669366944cca6e0417b290282
generic_textual	HIGH	https://github.com/webmproject/libvpx/commit/af6dedd715f4307669366944cca6e0417b290282
ssvc	Attend	https://github.com/webmproject/libvpx/commit/af6dedd715f4307669366944cca6e0417b290282
cvssv3.1	8.8	https://github.com/webmproject/libvpx/releases/tag/v1.13.1
generic_textual	HIGH	https://github.com/webmproject/libvpx/releases/tag/v1.13.1
ssvc	Attend	https://github.com/webmproject/libvpx/releases/tag/v1.13.1
cvssv3.1	8.8	https://github.com/webmproject/libvpx/tags
generic_textual	HIGH	https://github.com/webmproject/libvpx/tags
ssvc	Attend	https://github.com/webmproject/libvpx/tags
cvssv3.1	8.8	https://lists.debian.org/debian-lts-announce/2023/09/msg00038.html
generic_textual	HIGH	https://lists.debian.org/debian-lts-announce/2023/09/msg00038.html
ssvc	Attend	https://lists.debian.org/debian-lts-announce/2023/09/msg00038.html
cvssv3.1	8.8	https://lists.debian.org/debian-lts-announce/2023/10/msg00001.html
generic_textual	HIGH	https://lists.debian.org/debian-lts-announce/2023/10/msg00001.html
ssvc	Attend	https://lists.debian.org/debian-lts-announce/2023/10/msg00001.html
cvssv3.1	8.8	https://lists.debian.org/debian-lts-announce/2023/10/msg00015.html
generic_textual	HIGH	https://lists.debian.org/debian-lts-announce/2023/10/msg00015.html
ssvc	Attend	https://lists.debian.org/debian-lts-announce/2023/10/msg00015.html
cvssv3.1	8.8	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MFWDFJSSIFKWKNOCTQCFUNZWAXUCSS4
generic_textual	HIGH	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MFWDFJSSIFKWKNOCTQCFUNZWAXUCSS4
cvssv3.1	8.8	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MFWDFJSSIFKWKNOCTQCFUNZWAXUCSS4/
ssvc	Attend	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MFWDFJSSIFKWKNOCTQCFUNZWAXUCSS4/
cvssv3.1	8.8	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/55YVCZNAVY3Y5E4DWPWMX2SPKZ2E5SOV
generic_textual	HIGH	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/55YVCZNAVY3Y5E4DWPWMX2SPKZ2E5SOV
cvssv3.1	8.8	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/55YVCZNAVY3Y5E4DWPWMX2SPKZ2E5SOV/
ssvc	Attend	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/55YVCZNAVY3Y5E4DWPWMX2SPKZ2E5SOV/
cvssv3.1	8.8	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD
generic_textual	HIGH	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD
cvssv3.1	8.8	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD/
ssvc	Attend	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD/
cvssv3.1	8.8	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BCVSHVX2RFBU3RMCUFSATVQEJUFD4Q63
generic_textual	HIGH	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BCVSHVX2RFBU3RMCUFSATVQEJUFD4Q63
cvssv3.1	8.8	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BCVSHVX2RFBU3RMCUFSATVQEJUFD4Q63/
ssvc	Attend	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BCVSHVX2RFBU3RMCUFSATVQEJUFD4Q63/
cvssv3.1	8.8	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWEJYS5NC7KVFYU3OAMPKQDYN6JQGVK6
generic_textual	HIGH	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWEJYS5NC7KVFYU3OAMPKQDYN6JQGVK6
cvssv3.1	8.8	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWEJYS5NC7KVFYU3OAMPKQDYN6JQGVK6/
ssvc	Attend	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWEJYS5NC7KVFYU3OAMPKQDYN6JQGVK6/
cvssv3.1	8.8	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB
generic_textual	HIGH	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB
cvssv3.1	8.8	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB/
ssvc	Attend	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB/
cvssv3.1	8.8	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I
generic_textual	HIGH	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I
cvssv3.1	8.8	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I/
ssvc	Attend	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I/
cvssv3	8.8	https://nvd.nist.gov/vuln/detail/CVE-2023-5217
cvssv3.1	8.8	https://nvd.nist.gov/vuln/detail/CVE-2023-5217
cvssv3.1	8.8	https://pastebin.com/TdkC4pDv
generic_textual	HIGH	https://pastebin.com/TdkC4pDv
ssvc	Attend	https://pastebin.com/TdkC4pDv
cvssv3.1	8.8	https://security.gentoo.org/glsa/202310-04
ssvc	Attend	https://security.gentoo.org/glsa/202310-04
cvssv3.1	8.8	https://security.gentoo.org/glsa/202401-34
ssvc	Attend	https://security.gentoo.org/glsa/202401-34
cvssv3.1	8.8	https://security-tracker.debian.org/tracker/CVE-2023-5217
generic_textual	HIGH	https://security-tracker.debian.org/tracker/CVE-2023-5217
ssvc	Attend	https://security-tracker.debian.org/tracker/CVE-2023-5217
cvssv3.1	8.8	https://stackdiary.com/google-discloses-a-webm-vp8-bug-tracked-as-cve-2023-5217
generic_textual	HIGH	https://stackdiary.com/google-discloses-a-webm-vp8-bug-tracked-as-cve-2023-5217
cvssv3.1	8.8	https://stackdiary.com/google-discloses-a-webm-vp8-bug-tracked-as-cve-2023-5217/
ssvc	Attend	https://stackdiary.com/google-discloses-a-webm-vp8-bug-tracked-as-cve-2023-5217/
cvssv3.1	8.8	https://support.apple.com/kb/HT213961
generic_textual	HIGH	https://support.apple.com/kb/HT213961
ssvc	Attend	https://support.apple.com/kb/HT213961
cvssv3.1	8.8	https://support.apple.com/kb/HT213972
generic_textual	HIGH	https://support.apple.com/kb/HT213972
ssvc	Attend	https://support.apple.com/kb/HT213972
cvssv3.1	8.8	https://twitter.com/maddiestone/status/1707163313711497266
generic_textual	HIGH	https://twitter.com/maddiestone/status/1707163313711497266
ssvc	Attend	https://twitter.com/maddiestone/status/1707163313711497266
cvssv3.1	8.8	https://www.debian.org/security/2023/dsa-5508
generic_textual	HIGH	https://www.debian.org/security/2023/dsa-5508
ssvc	Attend	https://www.debian.org/security/2023/dsa-5508
cvssv3.1	8.8	https://www.debian.org/security/2023/dsa-5509
generic_textual	HIGH	https://www.debian.org/security/2023/dsa-5509
ssvc	Attend	https://www.debian.org/security/2023/dsa-5509
cvssv3.1	8.8	https://www.debian.org/security/2023/dsa-5510
generic_textual	HIGH	https://www.debian.org/security/2023/dsa-5510
ssvc	Attend	https://www.debian.org/security/2023/dsa-5510
generic_textual	critical	https://www.mozilla.org/en-US/security/advisories/mfsa2023-44
cvssv3.1	8.8	https://www.mozilla.org/en-US/security/advisories/mfsa2023-44/
ssvc	Attend	https://www.mozilla.org/en-US/security/advisories/mfsa2023-44/
cvssv3.1	8.8	https://www.openwall.com/lists/oss-security/2023/09/28/5
generic_textual	HIGH	https://www.openwall.com/lists/oss-security/2023/09/28/5
ssvc	Attend	https://www.openwall.com/lists/oss-security/2023/09/28/5
cvssv3.1	8.8	http://www.openwall.com/lists/oss-security/2023/09/28/5
generic_textual	HIGH	http://www.openwall.com/lists/oss-security/2023/09/28/5
ssvc	Attend	http://www.openwall.com/lists/oss-security/2023/09/28/5
cvssv3.1	8.8	http://www.openwall.com/lists/oss-security/2023/09/28/6
generic_textual	HIGH	http://www.openwall.com/lists/oss-security/2023/09/28/6
ssvc	Attend	http://www.openwall.com/lists/oss-security/2023/09/28/6
cvssv3.1	8.8	http://www.openwall.com/lists/oss-security/2023/09/29/1
generic_textual	HIGH	http://www.openwall.com/lists/oss-security/2023/09/29/1
ssvc	Attend	http://www.openwall.com/lists/oss-security/2023/09/29/1
cvssv3.1	8.8	http://www.openwall.com/lists/oss-security/2023/09/29/11
generic_textual	HIGH	http://www.openwall.com/lists/oss-security/2023/09/29/11
ssvc	Attend	http://www.openwall.com/lists/oss-security/2023/09/29/11
cvssv3.1	8.8	http://www.openwall.com/lists/oss-security/2023/09/29/12
generic_textual	HIGH	http://www.openwall.com/lists/oss-security/2023/09/29/12
ssvc	Attend	http://www.openwall.com/lists/oss-security/2023/09/29/12
cvssv3.1	8.8	http://www.openwall.com/lists/oss-security/2023/09/29/14
generic_textual	HIGH	http://www.openwall.com/lists/oss-security/2023/09/29/14
ssvc	Attend	http://www.openwall.com/lists/oss-security/2023/09/29/14
cvssv3.1	8.8	http://www.openwall.com/lists/oss-security/2023/09/29/2
generic_textual	HIGH	http://www.openwall.com/lists/oss-security/2023/09/29/2
ssvc	Attend	http://www.openwall.com/lists/oss-security/2023/09/29/2
cvssv3.1	8.8	http://www.openwall.com/lists/oss-security/2023/09/29/7
generic_textual	HIGH	http://www.openwall.com/lists/oss-security/2023/09/29/7
ssvc	Attend	http://www.openwall.com/lists/oss-security/2023/09/29/7
cvssv3.1	8.8	http://www.openwall.com/lists/oss-security/2023/09/29/9
generic_textual	HIGH	http://www.openwall.com/lists/oss-security/2023/09/29/9
ssvc	Attend	http://www.openwall.com/lists/oss-security/2023/09/29/9
cvssv3.1	8.8	http://www.openwall.com/lists/oss-security/2023/09/30/1
generic_textual	HIGH	http://www.openwall.com/lists/oss-security/2023/09/30/1
ssvc	Attend	http://www.openwall.com/lists/oss-security/2023/09/30/1
cvssv3.1	8.8	http://www.openwall.com/lists/oss-security/2023/09/30/2
generic_textual	HIGH	http://www.openwall.com/lists/oss-security/2023/09/30/2
ssvc	Attend	http://www.openwall.com/lists/oss-security/2023/09/30/2
cvssv3.1	8.8	http://www.openwall.com/lists/oss-security/2023/09/30/3
generic_textual	HIGH	http://www.openwall.com/lists/oss-security/2023/09/30/3
ssvc	Attend	http://www.openwall.com/lists/oss-security/2023/09/30/3
cvssv3.1	8.8	http://www.openwall.com/lists/oss-security/2023/09/30/4
generic_textual	HIGH	http://www.openwall.com/lists/oss-security/2023/09/30/4
ssvc	Attend	http://www.openwall.com/lists/oss-security/2023/09/30/4
cvssv3.1	8.8	http://www.openwall.com/lists/oss-security/2023/09/30/5
generic_textual	HIGH	http://www.openwall.com/lists/oss-security/2023/09/30/5
ssvc	Attend	http://www.openwall.com/lists/oss-security/2023/09/30/5
cvssv3.1	8.8	http://www.openwall.com/lists/oss-security/2023/10/01/1
generic_textual	HIGH	http://www.openwall.com/lists/oss-security/2023/10/01/1
ssvc	Attend	http://www.openwall.com/lists/oss-security/2023/10/01/1
cvssv3.1	8.8	http://www.openwall.com/lists/oss-security/2023/10/01/2
generic_textual	HIGH	http://www.openwall.com/lists/oss-security/2023/10/01/2
ssvc	Attend	http://www.openwall.com/lists/oss-security/2023/10/01/2
cvssv3.1	8.8	http://www.openwall.com/lists/oss-security/2023/10/01/5
generic_textual	HIGH	http://www.openwall.com/lists/oss-security/2023/10/01/5
ssvc	Attend	http://www.openwall.com/lists/oss-security/2023/10/01/5
cvssv3.1	8.8	http://www.openwall.com/lists/oss-security/2023/10/02/6
generic_textual	HIGH	http://www.openwall.com/lists/oss-security/2023/10/02/6
ssvc	Attend	http://www.openwall.com/lists/oss-security/2023/10/02/6
cvssv3.1	8.8	http://www.openwall.com/lists/oss-security/2023/10/03/11
generic_textual	HIGH	http://www.openwall.com/lists/oss-security/2023/10/03/11
ssvc	Attend	http://www.openwall.com/lists/oss-security/2023/10/03/11

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5217.json
		https://api.first.org/data/v1/epss?cve=CVE-2023-5217
		https://arstechnica.com/security/2023/09/new-0-day-in-chrome-and-firefox-is-likely-to-plague-other-software
		https://arstechnica.com/security/2023/09/new-0-day-in-chrome-and-firefox-is-likely-to-plague-other-software/
		https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_27.html
		https://crbug.com/1486441
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5169
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5171
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5176
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5186
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5187
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5217
		http://seclists.org/fulldisclosure/2023/Oct/12
		http://seclists.org/fulldisclosure/2023/Oct/16
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
		https://github.com/electron/electron
		https://github.com/electron/electron/pull/40022
		https://github.com/electron/electron/pull/40023
		https://github.com/electron/electron/pull/40024
		https://github.com/electron/electron/pull/40025
		https://github.com/electron/electron/pull/40026
		https://github.com/electron/electron/releases/tag/v22.3.25
		https://github.com/electron/electron/releases/tag/v24.8.5
		https://github.com/electron/electron/releases/tag/v25.8.4
		https://github.com/electron/electron/releases/tag/v26.2.4
		https://github.com/electron/electron/releases/tag/v27.0.0-beta.8
		https://github.com/webmproject/libvpx/commit/3fbd1dca6a4d2dad332a2110d646e4ffef36d590
		https://github.com/webmproject/libvpx/commit/af6dedd715f4307669366944cca6e0417b290282
		https://github.com/webmproject/libvpx/releases/tag/v1.13.1
		https://github.com/webmproject/libvpx/tags
		https://lists.debian.org/debian-lts-announce/2023/09/msg00038.html
		https://lists.debian.org/debian-lts-announce/2023/10/msg00001.html
		https://lists.debian.org/debian-lts-announce/2023/10/msg00015.html
		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MFWDFJSSIFKWKNOCTQCFUNZWAXUCSS4
		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MFWDFJSSIFKWKNOCTQCFUNZWAXUCSS4/
		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/55YVCZNAVY3Y5E4DWPWMX2SPKZ2E5SOV
		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/55YVCZNAVY3Y5E4DWPWMX2SPKZ2E5SOV/
		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD
		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD/
		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BCVSHVX2RFBU3RMCUFSATVQEJUFD4Q63
		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BCVSHVX2RFBU3RMCUFSATVQEJUFD4Q63/
		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWEJYS5NC7KVFYU3OAMPKQDYN6JQGVK6
		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWEJYS5NC7KVFYU3OAMPKQDYN6JQGVK6/
		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB
		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB/
		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I
		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I/
		https://pastebin.com/TdkC4pDv
		https://security-tracker.debian.org/tracker/CVE-2023-5217
		https://stackdiary.com/google-discloses-a-webm-vp8-bug-tracked-as-cve-2023-5217
		https://stackdiary.com/google-discloses-a-webm-vp8-bug-tracked-as-cve-2023-5217/
		https://support.apple.com/kb/HT213961
		https://support.apple.com/kb/HT213972
		https://twitter.com/maddiestone/status/1707163313711497266
		https://www.debian.org/security/2023/dsa-5508
		https://www.debian.org/security/2023/dsa-5509
		https://www.debian.org/security/2023/dsa-5510
		https://www.mozilla.org/en-US/security/advisories/mfsa2023-44/
		https://www.openwall.com/lists/oss-security/2023/09/28/5
		http://www.openwall.com/lists/oss-security/2023/09/28/5
		http://www.openwall.com/lists/oss-security/2023/09/28/6
		http://www.openwall.com/lists/oss-security/2023/09/29/1
		http://www.openwall.com/lists/oss-security/2023/09/29/11
		http://www.openwall.com/lists/oss-security/2023/09/29/12
		http://www.openwall.com/lists/oss-security/2023/09/29/14
		http://www.openwall.com/lists/oss-security/2023/09/29/2
		http://www.openwall.com/lists/oss-security/2023/09/29/7
		http://www.openwall.com/lists/oss-security/2023/09/29/9
		http://www.openwall.com/lists/oss-security/2023/09/30/1
		http://www.openwall.com/lists/oss-security/2023/09/30/2
		http://www.openwall.com/lists/oss-security/2023/09/30/3
		http://www.openwall.com/lists/oss-security/2023/09/30/4
		http://www.openwall.com/lists/oss-security/2023/09/30/5
		http://www.openwall.com/lists/oss-security/2023/10/01/1
		http://www.openwall.com/lists/oss-security/2023/10/01/2
		http://www.openwall.com/lists/oss-security/2023/10/01/5
		http://www.openwall.com/lists/oss-security/2023/10/02/6
		http://www.openwall.com/lists/oss-security/2023/10/03/11
1053182		https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053182
2241191		https://bugzilla.redhat.com/show_bug.cgi?id=2241191
cpe:2.3:a:google:chrome::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome::::::::
cpe:2.3:a:microsoft:edge:116.0.1938.98:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:edge:116.0.1938.98:::::::*
cpe:2.3:a:microsoft:edge:117.0.2045.47:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:edge:117.0.2045.47:::::::*
cpe:2.3:a:microsoft:edge_chromium:116.0.5845.229:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:edge_chromium:116.0.5845.229:::::::*
cpe:2.3:a:microsoft:edge_chromium:117.0.5938.132:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:edge_chromium:117.0.5938.132:::::::*
cpe:2.3:a:mozilla:firefox::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
cpe:2.3:a:mozilla:firefox:::::-:::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:::::-:::*
cpe:2.3:a:mozilla:firefox::::::android::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::android::*
cpe:2.3:a:mozilla:firefox:::::esr:::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:::::esr:::*
cpe:2.3:a:mozilla:firefox_esr::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr::::::::
cpe:2.3:a:mozilla:firefox_focus::::::android::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_focus::::::android::*
cpe:2.3:a:mozilla:thunderbird::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
cpe:2.3:a:webmproject:libvpx::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:webmproject:libvpx::::::::
cpe:2.3:o:apple:ipad_os::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:ipad_os::::::::
cpe:2.3:o:apple:ipados::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:ipados::::::::
cpe:2.3:o:apple:ipad_os:16.7:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:ipad_os:16.7:::::::*
cpe:2.3:o:apple:ipados:16.7:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:ipados:16.7:::::::*
cpe:2.3:o:apple:iphone_os::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os::::::::
cpe:2.3:o:apple:iphone_os:16.7:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:16.7:::::::*
cpe:2.3:o:debian:debian_linux:10.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:::::::*
cpe:2.3:o:debian:debian_linux:11.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:11.0:::::::*
cpe:2.3:o:debian:debian_linux:12.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:12.0:::::::*
cpe:2.3:o:fedoraproject:fedora:37:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:37:::::::*
cpe:2.3:o:fedoraproject:fedora:38:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:38:::::::*
cpe:2.3:o:fedoraproject:fedora:39:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:39:::::::*
cpe:2.3:o:redhat:enterprise_linux:9.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:9.0:::::::*
CVE-2023-5217		https://nvd.nist.gov/vuln/detail/CVE-2023-5217
GHSA-qqvq-6xgj-jw8g		https://github.com/advisories/GHSA-qqvq-6xgj-jw8g
GLSA-202310-04		https://security.gentoo.org/glsa/202310-04
GLSA-202401-34		https://security.gentoo.org/glsa/202401-34
mfsa2023-44		https://www.mozilla.org/en-US/security/advisories/mfsa2023-44
RHSA-2023:5426		https://access.redhat.com/errata/RHSA-2023:5426
RHSA-2023:5427		https://access.redhat.com/errata/RHSA-2023:5427
RHSA-2023:5428		https://access.redhat.com/errata/RHSA-2023:5428
RHSA-2023:5429		https://access.redhat.com/errata/RHSA-2023:5429
RHSA-2023:5430		https://access.redhat.com/errata/RHSA-2023:5430
RHSA-2023:5432		https://access.redhat.com/errata/RHSA-2023:5432
RHSA-2023:5433		https://access.redhat.com/errata/RHSA-2023:5433
RHSA-2023:5434		https://access.redhat.com/errata/RHSA-2023:5434
RHSA-2023:5435		https://access.redhat.com/errata/RHSA-2023:5435
RHSA-2023:5436		https://access.redhat.com/errata/RHSA-2023:5436
RHSA-2023:5437		https://access.redhat.com/errata/RHSA-2023:5437
RHSA-2023:5438		https://access.redhat.com/errata/RHSA-2023:5438
RHSA-2023:5439		https://access.redhat.com/errata/RHSA-2023:5439
RHSA-2023:5440		https://access.redhat.com/errata/RHSA-2023:5440
RHSA-2023:5475		https://access.redhat.com/errata/RHSA-2023:5475
RHSA-2023:5477		https://access.redhat.com/errata/RHSA-2023:5477
RHSA-2023:5534		https://access.redhat.com/errata/RHSA-2023:5534
RHSA-2023:5535		https://access.redhat.com/errata/RHSA-2023:5535
RHSA-2023:5536		https://access.redhat.com/errata/RHSA-2023:5536
RHSA-2023:5537		https://access.redhat.com/errata/RHSA-2023:5537
RHSA-2023:5538		https://access.redhat.com/errata/RHSA-2023:5538
RHSA-2023:5539		https://access.redhat.com/errata/RHSA-2023:5539
RHSA-2023:5540		https://access.redhat.com/errata/RHSA-2023:5540
USN-6403-1		https://usn.ubuntu.com/6403-1/
USN-6403-2		https://usn.ubuntu.com/6403-2/
USN-6403-3		https://usn.ubuntu.com/6403-3/
USN-6404-1		https://usn.ubuntu.com/6404-1/
USN-6405-1		https://usn.ubuntu.com/6405-1/
USN-7172-1		https://usn.ubuntu.com/7172-1/

Data source	KEV
Date added	Oct. 2, 2023
Description	Google Chromium libvpx contains a heap buffer overflow vulnerability in vp8 encoding that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could impact web browsers using libvpx, including but not limited to Google Chrome.
Required action	Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Due date	Oct. 23, 2023
Note	https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_27.html; https://nvd.nist.gov/vuln/detail/CVE-2023-5217
Ransomware campaign use	Unknown

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5217.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://arstechnica.com/security/2023/09/new-0-day-in-chrome-and-firefox-is-likely-to-plague-other-software

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://arstechnica.com/security/2023/09/new-0-day-in-chrome-and-firefox-is-likely-to-plague-other-software/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/ Found at https://arstechnica.com/security/2023/09/new-0-day-in-chrome-and-firefox-is-likely-to-plague-other-software/

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://bugzilla.redhat.com/show_bug.cgi?id=2241191

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/ Found at https://bugzilla.redhat.com/show_bug.cgi?id=2241191

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_27.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/ Found at https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_27.html

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://crbug.com/1486441

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/ Found at https://crbug.com/1486441

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at http://seclists.org/fulldisclosure/2023/Oct/12

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/ Found at http://seclists.org/fulldisclosure/2023/Oct/12

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at http://seclists.org/fulldisclosure/2023/Oct/16

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/ Found at http://seclists.org/fulldisclosure/2023/Oct/16

Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://github.com/electron/electron

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://github.com/electron/electron/pull/40022

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://github.com/electron/electron/pull/40023

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://github.com/electron/electron/pull/40024

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://github.com/electron/electron/pull/40025

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://github.com/electron/electron/pull/40026

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://github.com/electron/electron/releases/tag/v22.3.25

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://github.com/electron/electron/releases/tag/v24.8.5

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://github.com/electron/electron/releases/tag/v25.8.4

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://github.com/electron/electron/releases/tag/v26.2.4

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://github.com/electron/electron/releases/tag/v27.0.0-beta.8

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://github.com/webmproject/libvpx/commit/3fbd1dca6a4d2dad332a2110d646e4ffef36d590

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/ Found at https://github.com/webmproject/libvpx/commit/3fbd1dca6a4d2dad332a2110d646e4ffef36d590

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://github.com/webmproject/libvpx/commit/af6dedd715f4307669366944cca6e0417b290282

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/ Found at https://github.com/webmproject/libvpx/commit/af6dedd715f4307669366944cca6e0417b290282

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://github.com/webmproject/libvpx/releases/tag/v1.13.1

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/ Found at https://github.com/webmproject/libvpx/releases/tag/v1.13.1

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://github.com/webmproject/libvpx/tags

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/ Found at https://github.com/webmproject/libvpx/tags

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://lists.debian.org/debian-lts-announce/2023/09/msg00038.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/ Found at https://lists.debian.org/debian-lts-announce/2023/09/msg00038.html

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://lists.debian.org/debian-lts-announce/2023/10/msg00001.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/ Found at https://lists.debian.org/debian-lts-announce/2023/10/msg00001.html

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://lists.debian.org/debian-lts-announce/2023/10/msg00015.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/ Found at https://lists.debian.org/debian-lts-announce/2023/10/msg00015.html

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MFWDFJSSIFKWKNOCTQCFUNZWAXUCSS4

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MFWDFJSSIFKWKNOCTQCFUNZWAXUCSS4/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/ Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MFWDFJSSIFKWKNOCTQCFUNZWAXUCSS4/

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/55YVCZNAVY3Y5E4DWPWMX2SPKZ2E5SOV

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/55YVCZNAVY3Y5E4DWPWMX2SPKZ2E5SOV/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BCVSHVX2RFBU3RMCUFSATVQEJUFD4Q63

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BCVSHVX2RFBU3RMCUFSATVQEJUFD4Q63/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWEJYS5NC7KVFYU3OAMPKQDYN6JQGVK6

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWEJYS5NC7KVFYU3OAMPKQDYN6JQGVK6/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2023-5217

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2023-5217

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://pastebin.com/TdkC4pDv

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/ Found at https://pastebin.com/TdkC4pDv

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://security.gentoo.org/glsa/202310-04

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/ Found at https://security.gentoo.org/glsa/202310-04

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://security.gentoo.org/glsa/202401-34

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/ Found at https://security.gentoo.org/glsa/202401-34

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://security-tracker.debian.org/tracker/CVE-2023-5217

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/ Found at https://security-tracker.debian.org/tracker/CVE-2023-5217

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://stackdiary.com/google-discloses-a-webm-vp8-bug-tracked-as-cve-2023-5217

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://stackdiary.com/google-discloses-a-webm-vp8-bug-tracked-as-cve-2023-5217/

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/ Found at https://stackdiary.com/google-discloses-a-webm-vp8-bug-tracked-as-cve-2023-5217/

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://support.apple.com/kb/HT213961

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/ Found at https://support.apple.com/kb/HT213961

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://support.apple.com/kb/HT213972

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/ Found at https://support.apple.com/kb/HT213972

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://twitter.com/maddiestone/status/1707163313711497266

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/ Found at https://twitter.com/maddiestone/status/1707163313711497266

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://www.debian.org/security/2023/dsa-5508

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/ Found at https://www.debian.org/security/2023/dsa-5508

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://www.debian.org/security/2023/dsa-5509

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/ Found at https://www.debian.org/security/2023/dsa-5509

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://www.debian.org/security/2023/dsa-5510

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/ Found at https://www.debian.org/security/2023/dsa-5510

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://www.mozilla.org/en-US/security/advisories/mfsa2023-44/

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/ Found at https://www.mozilla.org/en-US/security/advisories/mfsa2023-44/

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://www.openwall.com/lists/oss-security/2023/09/28/5

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/ Found at https://www.openwall.com/lists/oss-security/2023/09/28/5

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at http://www.openwall.com/lists/oss-security/2023/09/28/5

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/ Found at http://www.openwall.com/lists/oss-security/2023/09/28/5

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at http://www.openwall.com/lists/oss-security/2023/09/28/6

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/ Found at http://www.openwall.com/lists/oss-security/2023/09/28/6

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at http://www.openwall.com/lists/oss-security/2023/09/29/1

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/ Found at http://www.openwall.com/lists/oss-security/2023/09/29/1

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at http://www.openwall.com/lists/oss-security/2023/09/29/11

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/ Found at http://www.openwall.com/lists/oss-security/2023/09/29/11

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at http://www.openwall.com/lists/oss-security/2023/09/29/12

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/ Found at http://www.openwall.com/lists/oss-security/2023/09/29/12

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at http://www.openwall.com/lists/oss-security/2023/09/29/14

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/ Found at http://www.openwall.com/lists/oss-security/2023/09/29/14

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at http://www.openwall.com/lists/oss-security/2023/09/29/2

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/ Found at http://www.openwall.com/lists/oss-security/2023/09/29/2

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at http://www.openwall.com/lists/oss-security/2023/09/29/7

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/ Found at http://www.openwall.com/lists/oss-security/2023/09/29/7

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at http://www.openwall.com/lists/oss-security/2023/09/29/9

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/ Found at http://www.openwall.com/lists/oss-security/2023/09/29/9

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at http://www.openwall.com/lists/oss-security/2023/09/30/1

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/ Found at http://www.openwall.com/lists/oss-security/2023/09/30/1

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at http://www.openwall.com/lists/oss-security/2023/09/30/2

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/ Found at http://www.openwall.com/lists/oss-security/2023/09/30/2

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at http://www.openwall.com/lists/oss-security/2023/09/30/3

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/ Found at http://www.openwall.com/lists/oss-security/2023/09/30/3

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at http://www.openwall.com/lists/oss-security/2023/09/30/4

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/ Found at http://www.openwall.com/lists/oss-security/2023/09/30/4

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at http://www.openwall.com/lists/oss-security/2023/09/30/5

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/ Found at http://www.openwall.com/lists/oss-security/2023/09/30/5

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at http://www.openwall.com/lists/oss-security/2023/10/01/1

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/ Found at http://www.openwall.com/lists/oss-security/2023/10/01/1

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at http://www.openwall.com/lists/oss-security/2023/10/01/2

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/ Found at http://www.openwall.com/lists/oss-security/2023/10/01/2

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at http://www.openwall.com/lists/oss-security/2023/10/01/5

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/ Found at http://www.openwall.com/lists/oss-security/2023/10/01/5

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at http://www.openwall.com/lists/oss-security/2023/10/02/6

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/ Found at http://www.openwall.com/lists/oss-security/2023/10/02/6

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at http://www.openwall.com/lists/oss-security/2023/10/03/11

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/ Found at http://www.openwall.com/lists/oss-security/2023/10/03/11

Exploit Prediction Scoring System (EPSS)

Percentile	0.81435
EPSS Score	0.01748
Published At	April 15, 2025, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
There are no relevant records.