CVE-2024-37371

ADVISORY - nist

Summary

In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields.

EPSS Score⁠: 0.00725 (0.715)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-125⁠

Out-of-bounds Read

CWE-other⁠

Impacted images

Advisories

NIST

CREATED

1 year ago

UPDATED

3 months ago

ADVISORY IDCVE-2024-37371⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-125⁠CWE-other⁠

CVSS SCORE

9.1critical

Alpine

CREATED

1 year ago

UPDATED

3 months ago

ADVISORY IDCVE-2024-37371⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Debian

CREATED

1 year ago

UPDATED

3 months ago

ADVISORY IDCVE-2024-37371⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Ubuntu

CREATED

1 year ago

UPDATED

3 months ago

ADVISORY IDCVE-2024-37371⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

9.1medium

Alma

CREATED

10 months ago

UPDATED

10 months ago

ADVISORY IDALSA-2024:5312⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Alma

CREATED

9 months ago

UPDATED

9 months ago

ADVISORY IDALSA-2024:6166⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Alma

CREATED

4 months ago

UPDATED

4 months ago

ADVISORY IDALSA-2025:1671⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Alma

CREATED

4 months ago

UPDATED

4 months ago

ADVISORY IDALSA-2025:1673⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Amazon

CREATED

11 months ago

UPDATED

11 months ago

ADVISORY IDALAS2-2024-2595⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Amazon

CREATED

11 months ago

UPDATED

10 months ago

ADVISORY IDALAS2023-2024-688⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Red Hat

CREATED

1 year ago

UPDATED

3 months ago

ADVISORY IDCVE-2024-37371⁠

EXPLOITABILITY SCORE

2.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

6.5medium

Rocky

CREATED

1 month ago

UPDATED

1 month ago

ADVISORY IDRLSA-2024:5312⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Rocky

CREATED

3 months ago

UPDATED

3 months ago

ADVISORY IDRLSA-2025:1671⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Rocky

CREATED

4 months ago

UPDATED

3 months ago

ADVISORY IDRLSA-2025:1673⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Oracle

CREATED

9 months ago

UPDATED

9 months ago

ADVISORY IDELSA-2024-5076⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Oracle

CREATED

10 months ago

UPDATED

10 months ago

ADVISORY IDELSA-2024-5312⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Oracle

CREATED

9 months ago

UPDATED

9 months ago

ADVISORY IDELSA-2024-6166⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Oracle

CREATED

4 months ago

UPDATED

4 months ago

ADVISORY IDELSA-2025-1671⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Oracle

CREATED

4 months ago

UPDATED

4 months ago

ADVISORY IDELSA-2025-1673⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh