Vulnerability Details : CVE-2023-40711
Veilid before 0.1.9 does not check the size of uncompressed data during decompression upon an envelope receipt, which allows remote attackers to cause a denial of service (out-of-memory abort) via crafted packet data, as exploited in the wild in August 2023.
Vulnerability category: Denial of service
Products affected by CVE-2023-40711
We don't have affected product information for this CVE yet
Exploit prediction scoring system (EPSS) score for CVE-2023-40711
0.16%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 53 %
Percentile, the proportion of vulnerabilities that are scored at or less
References for CVE-2023-40711
-
https://gitlab.com/veilid/veilid/-/blob/main/CHANGELOG.md
CHANGELOG.md · main · Veilid / veilid · GitLab
Jump to