VulnerableCode Vulnerability Details

Search for vulnerabilities

Vulnerability details: VCID-wv3z-12dd-aaas

Essentials
Severities (109)
References (20)
Severity details (23)
Exploits (1)
EPSS
History (0)

Vulnerability ID	VCID-wv3z-12dd-aaas
Aliases	CVE-2023-3079
Summary	Type confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Status	Published
Exploitability	2.0
Weighted Severity	7.9
Risk	10.0
Affected and Fixed Packages	Package Details

Weaknesses (1)

CWE-843

Access of Resource Using Incompatible Type ('Type Confusion')

System	Score	Found at
cvssv3.1	8.8	http://packetstormsecurity.com/files/176211/Chrome-V8-Type-Confusion.html
ssvc	Attend	http://packetstormsecurity.com/files/176211/Chrome-V8-Type-Confusion.html
cvssv3.1	8.8	http://packetstormsecurity.com/files/176212/Chrome-V8-Type-Confusion-New-Sandbox-Escape.html
ssvc	Attend	http://packetstormsecurity.com/files/176212/Chrome-V8-Type-Confusion-New-Sandbox-Escape.html
epss	0.00279	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.00279	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.00279	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.00279	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.00279	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.00279	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.00279	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.00279	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.00279	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.00279	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.00279	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.00279	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.00287	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.00287	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.00287	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.00287	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.00334	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.00334	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.00379	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.00379	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.00379	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.00379	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.00379	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.00379	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.00379	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.00379	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.00379	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.00379	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.00379	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.00379	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.00379	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.00379	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.00379	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.00379	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.00379	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.00379	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.00379	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.00379	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.00379	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.00379	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.00379	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.00389	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.00389	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.00389	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.00389	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.00389	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.00389	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.00389	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.00389	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.00389	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.00389	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.00454	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.00454	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.00454	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.00454	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.00454	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.00454	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.04462	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.04494	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.04494	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.04494	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.04494	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.04494	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.04494	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.04494	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.04494	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.04494	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.04494	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.04494	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.04494	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.04494	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.12006	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.13856	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.13856	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.13856	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.13856	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.13856	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.13856	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.13856	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.13856	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.13856	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.13856	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.13856	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.30471	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.30471	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
epss	0.34768	https://api.first.org/data/v1/epss?cve=CVE-2023-3079
cvssv3.1	8.8	https://chromereleases.googleblog.com/2023/06/stable-channel-update-for-desktop.html
ssvc	Attend	https://chromereleases.googleblog.com/2023/06/stable-channel-update-for-desktop.html
cvssv3.1	8.8	https://crbug.com/1450481
ssvc	Attend	https://crbug.com/1450481
cvssv3.1	8.8	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DYTXO5E3FI3I2ETDP3HF4SHYYTFMKMIC/
ssvc	Attend	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DYTXO5E3FI3I2ETDP3HF4SHYYTFMKMIC/
cvssv3.1	8.8	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U4OXTNIZY4JYHJT7CVLPAJQILI6BISVM/
ssvc	Attend	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U4OXTNIZY4JYHJT7CVLPAJQILI6BISVM/
cvssv3	8.8	https://nvd.nist.gov/vuln/detail/CVE-2023-3079
cvssv3.1	8.8	https://nvd.nist.gov/vuln/detail/CVE-2023-3079
cvssv3.1	8.8	https://security.gentoo.org/glsa/202311-11
ssvc	Attend	https://security.gentoo.org/glsa/202311-11
cvssv3.1	8.8	https://security.gentoo.org/glsa/202401-34
ssvc	Attend	https://security.gentoo.org/glsa/202401-34
cvssv3.1	7.5	https://www.couchbase.com/alerts/
cvssv3.1	8.8	https://www.couchbase.com/alerts/
ssvc	Attend	https://www.couchbase.com/alerts/
cvssv3.1	8.8	https://www.debian.org/security/2023/dsa-5420
ssvc	Attend	https://www.debian.org/security/2023/dsa-5420

Reference id	Reference type	URL
		http://packetstormsecurity.com/files/176211/Chrome-V8-Type-Confusion.html
		http://packetstormsecurity.com/files/176212/Chrome-V8-Type-Confusion-New-Sandbox-Escape.html
		https://api.first.org/data/v1/epss?cve=CVE-2023-3079
		https://chromereleases.googleblog.com/2023/06/stable-channel-update-for-desktop.html
		https://crbug.com/1450481
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3079
		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DYTXO5E3FI3I2ETDP3HF4SHYYTFMKMIC/
		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U4OXTNIZY4JYHJT7CVLPAJQILI6BISVM/
		https://www.couchbase.com/alerts/
		https://www.debian.org/security/2023/dsa-5420
cpe:2.3:a:couchbase:couchbase_server::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:couchbase:couchbase_server::::::::
cpe:2.3:a:couchbase:couchbase_server:7.2.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:couchbase:couchbase_server:7.2.0:::::::*
cpe:2.3:a:google:chrome::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome::::::::
cpe:2.3:o:debian:debian_linux:11.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:11.0:::::::*
cpe:2.3:o:debian:debian_linux:12.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:12.0:::::::*
cpe:2.3:o:fedoraproject:fedora:37:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:37:::::::*
cpe:2.3:o:fedoraproject:fedora:38:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:38:::::::*
CVE-2023-3079		https://nvd.nist.gov/vuln/detail/CVE-2023-3079
GLSA-202311-11		https://security.gentoo.org/glsa/202311-11
GLSA-202401-34		https://security.gentoo.org/glsa/202401-34

Data source	KEV
Date added	June 7, 2023
Description	Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Required action	Apply updates per vendor instructions.
Due date	June 28, 2023
Note	https://chromereleases.googleblog.com/2023/06/stable-channel-update-for-desktop.html; https://nvd.nist.gov/vuln/detail/CVE-2023-3079
Ransomware campaign use	Unknown

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at http://packetstormsecurity.com/files/176211/Chrome-V8-Type-Confusion.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-08T17:30:24Z/ Found at http://packetstormsecurity.com/files/176211/Chrome-V8-Type-Confusion.html

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at http://packetstormsecurity.com/files/176212/Chrome-V8-Type-Confusion-New-Sandbox-Escape.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-08T17:30:24Z/ Found at http://packetstormsecurity.com/files/176212/Chrome-V8-Type-Confusion-New-Sandbox-Escape.html

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://chromereleases.googleblog.com/2023/06/stable-channel-update-for-desktop.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-08T17:30:24Z/ Found at https://chromereleases.googleblog.com/2023/06/stable-channel-update-for-desktop.html

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://crbug.com/1450481

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-08T17:30:24Z/ Found at https://crbug.com/1450481

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DYTXO5E3FI3I2ETDP3HF4SHYYTFMKMIC/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-08T17:30:24Z/ Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DYTXO5E3FI3I2ETDP3HF4SHYYTFMKMIC/

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U4OXTNIZY4JYHJT7CVLPAJQILI6BISVM/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2023-3079

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2023-3079

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://security.gentoo.org/glsa/202311-11

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-08T17:30:24Z/ Found at https://security.gentoo.org/glsa/202311-11

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://security.gentoo.org/glsa/202401-34

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-08T17:30:24Z/ Found at https://security.gentoo.org/glsa/202401-34

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://www.couchbase.com/alerts/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://www.couchbase.com/alerts/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-08T17:30:24Z/ Found at https://www.couchbase.com/alerts/

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://www.debian.org/security/2023/dsa-5420

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-08T17:30:24Z/ Found at https://www.debian.org/security/2023/dsa-5420

Exploit Prediction Scoring System (EPSS)

Percentile	0.50771
EPSS Score	0.00279
Published At	April 15, 2025, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
There are no relevant records.