CVE-2023-39326

SOURCE - nist

Summary

A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the network than are in the body. A malicious HTTP client can further exploit this to cause a server to automatically read a large amount of data (up to about 1GiB) when a handler fails to read the entire body of a request. Chunk extensions are a little-used HTTP feature which permit including additional metadata in a request or response body sent using the chunked encoding. The net/http chunked encoding reader discards this metadata. A sender can exploit this by inserting a large metadata segment with each byte transferred. The chunk reader now produces an error if the ratio of real body to encoded bytes grows too small.

EPSS Score⁠: 0.00052 (0.194)

Common Weakness Enumeration (CWE)

SOURCE - nist

nist

CREATED

5 months ago

UPDATED

4 months ago

SOURCE IDCVE-2023-39326⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-noinfo⁠

CVSS SCORE

5.3medium

alpine

CREATED

5 months ago

UPDATED

1 month ago

SOURCE IDCVE-2023-39326⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM SOURCE

debian

CREATED

5 months ago

UPDATED

2 months ago

SOURCE IDCVE-2023-39326⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM SOURCE

ubuntu

CREATED

5 months ago

UPDATED

12 days ago

SOURCE IDCVE-2023-39326⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

5.3medium

golang

CREATED

5 months ago

UPDATED

5 months ago

SOURCE IDGO-2023-2382⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM SOURCE

alma

CREATED

3 months ago

UPDATED

3 months ago

SOURCE IDALSA-2024:0748⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

alma

CREATED

3 months ago

UPDATED

3 months ago

SOURCE IDALSA-2024:0887⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

alma

CREATED

2 months ago

UPDATED

2 months ago

SOURCE IDALSA-2024:1149⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

alma

CREATED

2 months ago

UPDATED

2 months ago

SOURCE IDALSA-2024:1131⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

alma

CREATED

8 days ago

UPDATED

20 hours ago

SOURCE IDALSA-2024:2245⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

alma

CREATED

8 days ago

UPDATED

20 hours ago

SOURCE IDALSA-2024:2193⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

alma

CREATED

8 days ago

UPDATED

20 hours ago

SOURCE IDALSA-2024:2272⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

alma

CREATED

8 days ago

UPDATED

20 hours ago

SOURCE IDALSA-2024:2160⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

amazon

CREATED

4 months ago

UPDATED

4 months ago

SOURCE IDALAS-2024-1903⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

amazon

CREATED

4 months ago

UPDATED

2 months ago

SOURCE IDALAS-2024-2424⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

amazon

CREATED

4 months ago

UPDATED

4 months ago

SOURCE IDALAS-2024-2388⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

amazon

CREATED

3 months ago

UPDATED

3 months ago

SOURCE IDALAS-2024-2446⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

amazon

CREATED

2 months ago

UPDATED

2 months ago

SOURCE IDALAS2023-2024-498⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

amazon

CREATED

2 months ago

UPDATED

2 months ago

SOURCE IDALAS2023-2024-477⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

amazon

CREATED

2 months ago

UPDATED

2 months ago

SOURCE IDALAS2023-2024-529⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

amazon

CREATED

2 months ago

UPDATED

2 months ago

SOURCE IDALAS2023-2024-501⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

amazon

CREATED

3 months ago

UPDATED

13 days ago

SOURCE IDALAS-2024-2458⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

amazon

CREATED

2 months ago

UPDATED

2 months ago

SOURCE IDALAS2023-2024-542⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

amazon

CREATED

2 months ago

UPDATED

2 months ago

SOURCE IDALAS2023-2024-526⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

amazon

CREATED

3 months ago

UPDATED

12 days ago

SOURCE IDALAS-2024-1920⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

amazon

CREATED

2 months ago

UPDATED

21 days ago

SOURCE IDALAS2023-2024-499⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

bitnami

CREATED

2 months ago

UPDATED

2 months ago

SOURCE ID

BIT-golang-2023-39326

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

redhat

CREATED

5 months ago

UPDATED

5 months ago

SOURCE IDCVE-2023-39326⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-400⁠

CVSS SCORE

7.5high

oracle

CREATED

3 months ago

UPDATED

3 months ago

SOURCE IDELSA-2024-0887⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

oracle

CREATED

2 months ago

UPDATED

2 months ago

SOURCE IDELSA-2024-12189⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

oracle

CREATED

2 months ago

UPDATED

2 months ago

SOURCE IDELSA-2024-12190⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

oracle

CREATED

2 months ago

UPDATED

2 months ago

SOURCE IDELSA-2024-12191⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

oracle

CREATED

2 months ago

UPDATED

2 months ago

SOURCE IDELSA-2024-1149⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

oracle

CREATED

2 months ago

UPDATED

2 months ago

SOURCE IDELSA-2024-12225⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

oracle

CREATED

2 months ago

UPDATED

2 months ago

SOURCE IDELSA-2024-1131⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

oracle

CREATED

2 months ago

UPDATED

2 months ago

SOURCE IDELSA-2024-12226⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

oracle

CREATED

1 month ago

UPDATED

1 month ago

SOURCE IDELSA-2024-12262⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

oracle

CREATED

1 month ago

UPDATED

1 month ago

SOURCE IDELSA-2024-12261⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

oracle

CREATED

1 month ago

UPDATED

1 month ago

SOURCE IDELSA-2024-12263⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

oracle

CREATED

1 month ago

UPDATED

1 month ago

SOURCE IDELSA-2024-12264⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

oracle

CREATED

5 days ago

UPDATED

5 days ago

SOURCE IDELSA-2024-2245⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

oracle

CREATED

6 days ago

UPDATED

6 days ago

SOURCE IDELSA-2024-2272⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

oracle

CREATED

5 days ago

UPDATED

5 days ago

SOURCE IDELSA-2024-2193⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

chainguard

CREATED

5 months ago

UPDATED

27 days ago

SOURCE ID

CVE-2023-39326

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM SOURCE

wolfi

CREATED

5 months ago

UPDATED

2 months ago

SOURCE ID

CVE-2023-39326

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM SOURCE

CVE-2023-39326

Summary

Common Weakness Enumeration (CWE)

CWE-noinfo⁠

CWE-400⁠

Sources (45)

nist

CVSS SCORE

alpine

debian

ubuntu

CVSS SCORE

golang

alma

CVSS SCORE

alma

CVSS SCORE

alma

CVSS SCORE

alma

CVSS SCORE

alma

CVSS SCORE

alma

CVSS SCORE

alma

CVSS SCORE

alma

CVSS SCORE

amazon

CVSS SCORE

amazon

CVSS SCORE

amazon

CVSS SCORE

amazon

CVSS SCORE

amazon

CVSS SCORE

amazon

CVSS SCORE

amazon

CVSS SCORE

amazon

CVSS SCORE

amazon

CVSS SCORE

amazon

CVSS SCORE

amazon

CVSS SCORE

amazon

CVSS SCORE

amazon

CVSS SCORE

bitnami

CVSS SCORE

redhat

CVSS SCORE

oracle

CVSS SCORE

oracle

CVSS SCORE

oracle

CVSS SCORE

oracle

CVSS SCORE

oracle

CVSS SCORE

oracle

CVSS SCORE

oracle

CVSS SCORE

oracle

CVSS SCORE

oracle

CVSS SCORE

oracle

CVSS SCORE

oracle