AZL-37886 — Vulnetix

AZL-37886 PUBLISHED CVSS 9.800000190734863 CRITICAL

CVE-2023-38545 affecting package tensorflow for versions less than 2.16.1-1

Risk Scores

CVSS 3.1

9.800000190734863

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products

Vendor	Product	Versions
Azure Linux:3	tensorflow	0

Exploit Intelligence

This script is designed to exploit a heap buffer overflow vulnerability in a socks5 proxy server. (github-poc-repo)
Yang-Shun-Yu/CVE-2023-38545 (github-poc-repo)
Network Security Project CVE-2023-38545 (github-poc-repo)
Network Security Project CVE-2023-38545 (github-poc)
Yang-Shun-Yu/CVE-2023-38545 (github-poc)
This script is designed to exploit a heap buffer overflow vulnerability in a socks5 proxy server. (github-poc)
A proof of concept for testing CVE-2023-38545 against local curl (github-poc)
CVE-2023-38545 POC for the curl command line tool (github-poc)
Dockerfile containing all the necessary setup files to demo the exploit (github-poc)
Simple PoC causing overflow (github-poc)

…and 17 more exploits

Timeline

Oct 18, 2023 CVE Published
Apr 21, 2026 CVE Updated

References

https://nvd.nist.gov/vuln/detail/CVE-2023-38545 url

Open in Interactive Console →

$ Console Community · 100/wk Open console ›