Vulnerability Details CVE-2023-3433
The "nickname" field within Savoir-faire Linux's Jami application is susceptible to a failed state when a user inserts special characters into the field. When present, these special characters, make it so the application cannot create the signature for the user and results in a local denial of service to the application.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 4.8%
CVSS Severity
CVSS v3 Score 5.5
References
- https://blog.blacklanternsecurity.com/p/Jami-Local-Denial-Of-Service-and-QRC-Handler-Vulnerabilities
- https://git.jami.net/savoirfairelinux/jami-client-qt/-/wikis/Changelog#nightly-january-10
- https://review.jami.net/c/jami-daemon/+/23575
- https://blog.blacklanternsecurity.com/p/Jami-Local-Denial-Of-Service-and-QRC-Handler-Vulnerabilities
- https://git.jami.net/savoirfairelinux/jami-client-qt/-/wikis/Changelog#nightly-january-10
- https://review.jami.net/c/jami-daemon/+/23575
Products affected by CVE-2023-3433
-
cpe:2.3:a:savoirfairelinux:jami:20222284