5.5

CVE-2023-22840

Improper neutralization in software for the Intel(R) oneVPL GPU software before version 22.6.5 may allow an authenticated user to potentially enable denial of service via local access.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IntelOnevpl Gpu Runtime Version < 22.6.5
FedoraprojectFedora Version37
FedoraprojectFedora Version38
FedoraprojectFedora Version39
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.44% 0.347
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
secure@intel.com 3.3 1.8 1.4
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
CWE-86 Improper Neutralization of Invalid Characters in Identifiers in Web Pages

The product does not neutralize or incorrectly neutralizes invalid characters or byte sequences in the middle of tag names, URI schemes, and other identifiers.

http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00818.html
Vendor Advisory
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J7RNFPWOSFII2JE2KDRHPLJANZC3YATW/
Third Party Advisory
Mailing List
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L27GRS7E45IOCZ44VQX2NJ33GVRBWHBS/
Third Party Advisory
Issue Tracking
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TULYSWHC3X76AIGGMUSLBTWOXNND6IEV/
Third Party Advisory
Issue Tracking