Vulnerability details: VCID-q4bv-fa1u-aaaq
Vulnerability ID VCID-q4bv-fa1u-aaaq
Aliases CVE-2020-14040
GHSA-5rcv-m4m3-hfh7
Summary The x/text package before 0.3.3 for Go has a vulnerability in encoding/unicode that could lead to the UTF-16 decoder entering an infinite loop, causing the program to crash or run out of memory. An attacker could provide a single byte to a UTF-16 decoder instantiated with UseBOM or ExpectBOM to trigger an infinite loop if the String function on the Decoder is called, or the Decoder is passed to golang.org/x/text/transform.String.
Status Published
Exploitability 0.5
Weighted Severity 8.0
Risk 4.0
Weaknesses (2)
System Score Found at
rhas Moderate https://access.redhat.com/errata/RHSA-2020:3369
rhas Moderate https://access.redhat.com/errata/RHSA-2020:3578
rhas Moderate https://access.redhat.com/errata/RHSA-2020:3665
rhas Moderate https://access.redhat.com/errata/RHSA-2020:3727
rhas Moderate https://access.redhat.com/errata/RHSA-2020:3783
rhas Moderate https://access.redhat.com/errata/RHSA-2020:4214
rhas Moderate https://access.redhat.com/errata/RHSA-2020:4297
rhas Moderate https://access.redhat.com/errata/RHSA-2020:4298
rhas Moderate https://access.redhat.com/errata/RHSA-2020:4694
rhas Moderate https://access.redhat.com/errata/RHSA-2020:5054
rhas Moderate https://access.redhat.com/errata/RHSA-2020:5055
rhas Moderate https://access.redhat.com/errata/RHSA-2020:5056
rhas Moderate https://access.redhat.com/errata/RHSA-2020:5149
rhas Moderate https://access.redhat.com/errata/RHSA-2020:5605
rhas Moderate https://access.redhat.com/errata/RHSA-2020:5606
rhas Moderate https://access.redhat.com/errata/RHSA-2020:5633
rhas Moderate https://access.redhat.com/errata/RHSA-2020:5635
rhas Moderate https://access.redhat.com/errata/RHSA-2021:0420
rhas Moderate https://access.redhat.com/errata/RHSA-2021:0799
rhas Moderate https://access.redhat.com/errata/RHSA-2021:1129
rhas Important https://access.redhat.com/errata/RHSA-2021:1168
rhas Moderate https://access.redhat.com/errata/RHSA-2021:3140
cvssv3 7.5 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14040.json
epss 0.00022 https://api.first.org/data/v1/epss?cve=CVE-2020-14040
epss 0.00116 https://api.first.org/data/v1/epss?cve=CVE-2020-14040
epss 6e-05 https://api.first.org/data/v1/epss?cve=CVE-2020-14040
rhbs medium https://bugzilla.redhat.com/show_bug.cgi?id=1853652
cvssv3.1 7.5 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1 7.5 https://github.com/golang/go/issues/39491
generic_textual MODERATE https://github.com/golang/go/issues/39491
cvssv3.1 7.5 https://github.com/golang/text/commit/23ae387dee1f90d29a23c0e87ee0b46038fbed0e
generic_textual MODERATE https://github.com/golang/text/commit/23ae387dee1f90d29a23c0e87ee0b46038fbed0e
cvssv3.1 7.5 https://go.dev/cl/238238
generic_textual MODERATE https://go.dev/cl/238238
cvssv3.1 7.5 https://go.dev/issue/39491
generic_textual MODERATE https://go.dev/issue/39491
cvssv3.1 7.5 https://go.googlesource.com/text/+/23ae387dee1f90d29a23c0e87ee0b46038fbed0e
generic_textual MODERATE https://go.googlesource.com/text/+/23ae387dee1f90d29a23c0e87ee0b46038fbed0e
cvssv3.1 7.5 https://go-review.googlesource.com/c/text/+/238238
generic_textual MODERATE https://go-review.googlesource.com/c/text/+/238238
cvssv3.1 7.5 https://groups.google.com/forum/#!topic/golang-announce/bXVeAmGOqz0
generic_textual MODERATE https://groups.google.com/forum/#!topic/golang-announce/bXVeAmGOqz0
cvssv3.1 7.5 https://groups.google.com/g/golang-announce/c/bXVeAmGOqz0
generic_textual MODERATE https://groups.google.com/g/golang-announce/c/bXVeAmGOqz0
cvssv3.1 7.5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TACQFZDPA7AUR6TRZBCX2RGRFSDYLI7O
generic_textual HIGH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TACQFZDPA7AUR6TRZBCX2RGRFSDYLI7O
cvssv2 5.0 https://nvd.nist.gov/vuln/detail/CVE-2020-14040
cvssv3 7.5 https://nvd.nist.gov/vuln/detail/CVE-2020-14040
cvssv3.1 7.5 https://nvd.nist.gov/vuln/detail/CVE-2020-14040
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14040.json
https://api.first.org/data/v1/epss?cve=CVE-2020-14040
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14040
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://github.com/golang/go/issues/39491
https://github.com/golang/text/commit/23ae387dee1f90d29a23c0e87ee0b46038fbed0e
https://go.dev/cl/238238
https://go.dev/issue/39491
https://go.googlesource.com/text/+/23ae387dee1f90d29a23c0e87ee0b46038fbed0e
https://go-review.googlesource.com/c/text/+/238238
https://groups.google.com/forum/#%21topic/golang-announce/bXVeAmGOqz0
https://groups.google.com/forum/#!topic/golang-announce/bXVeAmGOqz0
https://groups.google.com/g/golang-announce/c/bXVeAmGOqz0
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TACQFZDPA7AUR6TRZBCX2RGRFSDYLI7O/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TACQFZDPA7AUR6TRZBCX2RGRFSDYLI7O
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TACQFZDPA7AUR6TRZBCX2RGRFSDYLI7O/
1853652 https://bugzilla.redhat.com/show_bug.cgi?id=1853652
964271 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=964271
cpe:2.3:a:golang:text:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:golang:text:*:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
CVE-2020-14040 https://nvd.nist.gov/vuln/detail/CVE-2020-14040
RHSA-2020:3087 https://access.redhat.com/errata/RHSA-2020:3087
RHSA-2020:3369 https://access.redhat.com/errata/RHSA-2020:3369
RHSA-2020:3372 https://access.redhat.com/errata/RHSA-2020:3372
RHSA-2020:3578 https://access.redhat.com/errata/RHSA-2020:3578
RHSA-2020:3665 https://access.redhat.com/errata/RHSA-2020:3665
RHSA-2020:3727 https://access.redhat.com/errata/RHSA-2020:3727
RHSA-2020:3780 https://access.redhat.com/errata/RHSA-2020:3780
RHSA-2020:3783 https://access.redhat.com/errata/RHSA-2020:3783
RHSA-2020:4214 https://access.redhat.com/errata/RHSA-2020:4214
RHSA-2020:4297 https://access.redhat.com/errata/RHSA-2020:4297
RHSA-2020:4298 https://access.redhat.com/errata/RHSA-2020:4298
RHSA-2020:4694 https://access.redhat.com/errata/RHSA-2020:4694
RHSA-2020:5054 https://access.redhat.com/errata/RHSA-2020:5054
RHSA-2020:5055 https://access.redhat.com/errata/RHSA-2020:5055
RHSA-2020:5056 https://access.redhat.com/errata/RHSA-2020:5056
RHSA-2020:5149 https://access.redhat.com/errata/RHSA-2020:5149
RHSA-2020:5198 https://access.redhat.com/errata/RHSA-2020:5198
RHSA-2020:5605 https://access.redhat.com/errata/RHSA-2020:5605
RHSA-2020:5606 https://access.redhat.com/errata/RHSA-2020:5606
RHSA-2020:5633 https://access.redhat.com/errata/RHSA-2020:5633
RHSA-2020:5635 https://access.redhat.com/errata/RHSA-2020:5635
RHSA-2021:0420 https://access.redhat.com/errata/RHSA-2021:0420
RHSA-2021:0799 https://access.redhat.com/errata/RHSA-2021:0799
RHSA-2021:0980 https://access.redhat.com/errata/RHSA-2021:0980
RHSA-2021:1129 https://access.redhat.com/errata/RHSA-2021:1129
RHSA-2021:1168 https://access.redhat.com/errata/RHSA-2021:1168
RHSA-2021:1369 https://access.redhat.com/errata/RHSA-2021:1369
RHSA-2021:2039 https://access.redhat.com/errata/RHSA-2021:2039
RHSA-2021:3140 https://access.redhat.com/errata/RHSA-2021:3140
USN-5873-1 https://usn.ubuntu.com/5873-1/
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14040.json
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C Found at https://github.com/golang/go/issues/39491
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C Found at https://github.com/golang/text/commit/23ae387dee1f90d29a23c0e87ee0b46038fbed0e
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C Found at https://go.dev/cl/238238
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C Found at https://go.dev/issue/39491
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C Found at https://go.googlesource.com/text/+/23ae387dee1f90d29a23c0e87ee0b46038fbed0e
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C Found at https://go-review.googlesource.com/c/text/+/238238
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C Found at https://groups.google.com/forum/#!topic/golang-announce/bXVeAmGOqz0
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C Found at https://groups.google.com/g/golang-announce/c/bXVeAmGOqz0
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TACQFZDPA7AUR6TRZBCX2RGRFSDYLI7O
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2020-14040
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2020-14040
Exploit Prediction Scoring System (EPSS)
Percentile 0.02428
EPSS Score 0.00022
Published At March 29, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.