PT-2023-21396 · Gnu+2 · Gnu Cflow+2
Daisypo
·
Publicado
2023-05-18
·
Atualizado
2026-04-01
·
CVE-2023-2789
CVSS v2.0
7.8
Alta
| Vetor | AV:N/AC:L/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
GNU cflow version 1.7
Description
A problematic issue has been found that affects the function
func body/parse variable declaration of the file parser.c, leading to denial of service. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond.Recommendations
For GNU cflow version 1.7, as a temporary workaround, consider disabling the
func body/parse variable declaration function until a patch is available.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.Exploit
DoS
Improper Resource Release
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Debian
Gnu Cflow
Red Os