7.5
CVE-2017-20186
- EPSS 0.74%
- Veröffentlicht 28.08.2023 13:15:08
- Zuletzt bearbeitet 21.11.2024 03:22:50
- Quelle cna@vuldb.com
- CVE-Watchlists
- Unerledigt
Loginnikooo777 ckSurf Spectator List Name misc.sp SpecListMenuDead denial of service
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in nikooo777 ckSurf up to 1.19.2. It has been declared as problematic. This vulnerability affects the function SpecListMenuDead of the file csgo/addons/sourcemod/scripting/ckSurf/misc.sp of the component Spectator List Name Handler. The manipulation of the argument cleanName leads to denial of service. Upgrading to version 1.21.0 is able to address this issue. The name of the patch is fd6318d99083a06363091441a0614bd2f21068e6. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-238156. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.74% | 0.496 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
| cna@vuldb.com | 3.5 | 2.1 | 1.4 |
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
|
| cna@vuldb.com | 2.7 | 5.1 | 2.9 |
AV:A/AC:L/Au:S/C:N/I:N/A:P
|
CWE-404 Improper Resource Shutdown or Release
The product does not release or incorrectly releases a resource before it is made available for re-use.
https://forums.alliedmods.net/showthread.php?t=297179
https://github.com/nikooo777/ckSurf/commit/fd6318d99083a06363091441a0614bd2f21068e6
https://github.com/nikooo777/ckSurf/releases/tag/1.21.0
https://vuldb.com/?ctiid.238156
https://vuldb.com/?id.238156