Published: 29/11/2023 Updated: 30/11/2023

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 0

An issue in the box_deserialize_reusing function in openlink virtuoso-opensource v7.2.11 allows malicious users to cause a Denial of Service (DoS) after running a SELECT statement.

Vulnerable Product	Search on Vulmon	Subscribe to Product
openlinksw virtuoso 7.2.11

Debian Bug report logs - #1059062 virtuoso-opensource: CVE-2023-48945 CVE-2023-48946 CVE-2023-48947 CVE-2023-48948 CVE-2023-48949 CVE-2023-48950 CVE-2023-48951 CVE-2023-48952 Package: src:virtuoso-opensource; Maintainer for src:virtuoso-opensource is Debian Science Maintainers <debian-science-maintainers@listsaliothdebianorg>; ...

An issue in the box_div function in openlink virtuoso-opensource v7211 allows attackers to cause a Denial of Service (DoS) after running a SELECT statement (CVE-2023-48948) An issue in the box_add function in openlink virtuoso-opensource v7211 allows attackers to cause a Denial of Service (DoS) after running a SELECT statement (CVE-2023-48949 ...

DescriptionThe MITRE CVE dictionary describes this issue as: An issue in the box_deserialize_reusing function in openlink virtuoso-opensource v7211 allows attackers to cause a Denial of Service (DoS) after running a SELECT statement ...

CWE-502 https://github.com/openlink/virtuoso-opensource/issues/1175 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059062 https://nvd.nist.gov https://alas.aws.amazon.com/AL2/ALAS-2024-2383.html

CVE-2023-48952

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect