Oracle Application Testing Suite 13.3.0.1 Load Testing for Web Apps denegación de servicio

Una vulnerabilidad fue encontrada en Oracle Application Testing Suite 13.3.0.1 y clasificada como crítica. Una función desconocida del componente Load Testing for Web Apps es afectada por esta vulnerabilidad. A través de la manipulación de un input desconocido se causa una vulnerabilidad de clase denegación de servicio. El advisory puede ser descargado de oracle.com. La vulnerabilidad es identificada como CVE-2023-2618. El ataque se puede efectuar a través de la red. Fue declarado como no está definido. El parche puede ser descargado de github.com. Una solución posible ha sido publicada inmediatamente después de la publicación de la vulnerabilidad.

Campo2024-01-17 09:092024-02-08 08:342024-02-08 08:35
vendorOracleOracleOracle
nameApplication Testing SuiteApplication Testing SuiteApplication Testing Suite
cveCVE-2023-2618CVE-2023-2618CVE-2023-2618
componentLoad Testing for Web AppsLoad Testing for Web AppsLoad Testing for Web Apps
risk222
cwe404 (denegación de servicio)404 (denegación de servicio)404 (denegación de servicio)
cvss3_vuldb_avNNN
cvss3_vuldb_acLLL
cvss3_vuldb_prNNN
cvss3_vuldb_uiNNN
cvss3_vuldb_sUUU
cvss3_vuldb_cNNN
cvss3_vuldb_iNNN
cvss3_vuldb_aHHH
version13.3.0.113.3.0.113.3.0.1
cvss3_vuldb_rcCCC
cvss3_vuldb_rlOOO
urlhttps://www.oracle.com/security-alerts/cpujan2024.htmlhttps://www.oracle.com/security-alerts/cpujan2024.htmlhttps://www.oracle.com/security-alerts/cpujan2024.html
date1705359600 (2024-01-16)1705359600 (2024-01-16)1705359600 (2024-01-16)
identifierOracle Critical Patch Update Advisory - January 2024Oracle Critical Patch Update Advisory - January 2024Oracle Critical Patch Update Advisory - January 2024
date1705359600 (2024-01-16)1705359600 (2024-01-16)1705359600 (2024-01-16)
typeTesting SoftwareTesting SoftwareTesting Software
cvss2_vuldb_avNNN
cvss2_vuldb_acLLL
cvss2_vuldb_auNNN
cvss2_vuldb_ciNNN
cvss2_vuldb_iiNNN
cvss2_vuldb_aiCCC
cvss2_vuldb_rcCCC
cvss2_vuldb_rlOFOFOF
cvss2_vuldb_eNDNDND
cvss3_vuldb_eXXX
cvss2_vuldb_basescore7.87.87.8
cvss2_vuldb_tempscore6.86.86.8
cvss3_vuldb_basescore7.57.57.5
cvss3_vuldb_tempscore7.27.27.2
cvss3_meta_basescore7.57.56.8
cvss3_meta_tempscore7.27.26.7
price_0day$5k-$25k$5k-$25k$5k-$25k
patch_urlhttps://github.com/opencv/opencv_contrib/pull/3484https://github.com/opencv/opencv_contrib/pull/3484
cve_assigned1683669600 (2023-05-10)1683669600 (2023-05-10)
cve_nvd_summaryA vulnerability, which was classified as problematic, has been found in OpenCV wechat_qrcode Module up to 4.7.0. Affected by this issue is the function DecodedBitStreamParser::decodeHanziSegment of the file qrcode/decoder/decoded_bit_stream_parser.cpp. The manipulation leads to memory leak. The attack may be launched remotely. The name of the patch is 2b62ff6181163eea029ed1cab11363b4996e9cd6. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-228548.A vulnerability, which was classified as problematic, has been found in OpenCV wechat_qrcode Module up to 4.7.0. Affected by this issue is the function DecodedBitStreamParser::decodeHanziSegment of the file qrcode/decoder/decoded_bit_stream_parser.cpp. The manipulation leads to memory leak. The attack may be launched remotely. The name of the patch is 2b62ff6181163eea029ed1cab11363b4996e9cd6. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-228548.
cvss3_nvd_avN
cvss3_nvd_acL
cvss3_nvd_prN
cvss3_nvd_uiN
cvss3_nvd_sU
cvss3_nvd_cN
cvss3_nvd_iN
cvss3_nvd_aH
cvss2_nvd_avN
cvss2_nvd_acL
cvss2_nvd_auN
cvss2_nvd_ciN
cvss2_nvd_iiN
cvss2_nvd_aiP
cvss3_cna_avN
cvss3_cna_acL
cvss3_cna_prN
cvss3_cna_uiN
cvss3_cna_sU
cvss3_cna_cN
cvss3_cna_iN
cvss3_cna_aL
cve_cnaVulDB
cvss2_nvd_basescore5.0
cvss3_nvd_basescore7.5
cvss3_cna_basescore5.3

AnteriorVisión De ConjuntoPróximo

Do you know our Splunk app?

Download it now for free!