7.5
CVE-2020-27638
- EPSS 1.11%
- Published 22.10.2020 13:15:15
- Last modified 21.11.2024 05:21:33
- Source cve@mitre.org
- Teams watchlist Login
- Open Login
receive.c in fastd before v21 allows denial of service (assertion failure) when receiving packets with an invalid type code.
Data is provided by the National Vulnerability Database (NVD)
Fastd Project ≫ Fastd Version < 21.0
Debian ≫ Debian Linux Version9.0
Fedoraproject ≫ Fedora Version31
Fedoraproject ≫ Fedora Version32
Fedoraproject ≫ Fedora Version33
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.11% | 0.761 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:P
|
CWE-617 Reachable Assertion
The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.