VDB
CVE-2023-37466
CVE-2023-37466
PUBLISHED
Es existiert eine Schwachstelle in vm2. Diese ist darauf zurückzuführen, dass eine Bereinigung umgangen werden kann. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuführen.
EPSS 4.93% · 89.8th percentile
Risk Scores
EPSS Score
4.93%
89.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | Red Hat Enterprise Linux | |
| Open Source | Open Source vm2 <= 3.9.19 |
Timeline
- Jul 13, 2023 CVE Published
- Jul 14, 2023 EPSS Score
- Aug 17, 2023 EPSS Score
- Oct 25, 2023 EPSS Score
- Nov 29, 2023 EPSS Score
- Feb 6, 2024 EPSS Score
- Mar 11, 2024 EPSS Score
- Mar 18, 2024 PoC Published
- Apr 15, 2024 EPSS Score
- Jun 22, 2024 EPSS Score
- Jul 27, 2024 EPSS Score
- Aug 30, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1752.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1752 advisory
- https://access.redhat.com/errata/RHSA-2023:4972 advisory
- https://access.redhat.com/errata/RHSA-2023:4980 advisory
- https://access.redhat.com/errata/RHSA-2023:4875 advisory
- https://access.redhat.com/errata/RHSA-2023:4862 advisory
- https://github.com/advisories/GHSA-cchq-frgv-rjh5 advisory