VDB
CVE-2023-48946
CVE-2023-48946
PUBLISHED
CVSS 7.5 HIGH
An issue in the box_mpy function of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) after running a SELECT statement.
EPSS 0.09% · 25.7th percentile
Risk Scores
CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
0.09%
25.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a, n/a |
| openlinksw | virtuoso | 7.2.11, 7.2.11, 7.2.11 |
Exploit Intelligence
- CIRCL seen: CVE-2023-48946 (circl-sighting)
- https://github.com/openlink/virtuoso-opensource/issues/1178 (nist-nvd)
Timeline
- Nov 29, 2023 CVE Published
- Dec 1, 2023 EPSS Score
- Dec 20, 2023 PoC Published
- Dec 31, 2023 EPSS Score
- Jan 29, 2024 EPSS Score
- Feb 28, 2024 EPSS Score
- Mar 29, 2024 EPSS Score
- Apr 27, 2024 EPSS Score
- May 27, 2024 EPSS Score
- Jun 26, 2024 EPSS Score
- Jul 25, 2024 EPSS Score
- Aug 2, 2024 CVE Updated