Sign In

CVE-2023-3635

ADVISORY - github

Summary

GzipSource does not handle an exception that might be raised when parsing a malformed gzip buffer. This may lead to denial of service of the Okio client when handling a crafted GZIP archive, by using the GzipSource class.

EPSS Score: 0.00498 (0.659)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-195

Signed to Unsigned Conversion Error

CWE-681

Incorrect Conversion between Numeric Types

ADVISORY - github

CWE-195

Signed to Unsigned Conversion Error

CWE-681

Incorrect Conversion between Numeric Types

ADVISORY - gitlab

CWE-1035

OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities

CWE-681

Incorrect Conversion between Numeric Types

CWE-937

OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities

ADVISORY - redhat

CWE-248

Uncaught Exception

Impacted images

Advisories

NIST

CREATED

UPDATED

ADVISORY IDCVE-2023-3635
EXPLOITABILITY SCORE

2.2

EXPLOITS FOUND
COMMON WEAKNESS ENUMERATION (CWE)
CWE-195CWE-681

CVSS SCORE

5.9medium

GitHub

CREATED

UPDATED

ADVISORY IDGHSA-w33c-445m-f8w7
EXPLOITABILITY SCORE

2.2

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
CWE-195CWE-681

CVSS SCORE

5.9medium

Debian

CREATED

UPDATED

ADVISORY IDCVE-2023-3635
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Ubuntu

CREATED

UPDATED

ADVISORY IDCVE-2023-3635
EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

7.5medium

GitLab

CREATED

UPDATED

ADVISORY ID

CVE-2023-3635

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
CWE-1035CWE-681CWE-937

CVSS SCORE

7.5high

Red Hat

CREATED

UPDATED

ADVISORY IDCVE-2023-3635
EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
CWE-248

CVSS SCORE

7.5high

Chainguard

CREATED

UPDATED

ADVISORY ID

CGA-3p56-c2m7-vc2q

EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

UPDATED

ADVISORY ID

CGA-5wch-p264-wjvv

EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

UPDATED

ADVISORY ID

CGA-7435-52pf-xmp5

EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

UPDATED

ADVISORY ID

CGA-774g-v4cr-j889

EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

UPDATED

ADVISORY ID

CGA-gvqr-m7rp-72vj

EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

UPDATED

ADVISORY ID

CGA-hp3c-4gww-mmjf

EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

UPDATED

ADVISORY ID

CGA-mcqv-hc9j-chjg

EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

UPDATED

ADVISORY ID

CGA-pr8w-qc54-h2c9

EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
RATING UNAVAILABLE FROM ADVISORY

intheWild

CREATED

UPDATED

ADVISORY IDCVE-2023-3635
EXPLOITABILITY SCORE

-

EXPLOITS FOUND

-

COMMON WEAKNESS ENUMERATION (CWE)-
RATING UNAVAILABLE FROM ADVISORY