CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-42183

lockss-daemon (aka Classic LOCKSS Daemon) before 1.77.3 performs post-Unicode normalization, which may allow bypass of intended access restrictions, such as when U+1FEF is converted to a backtick.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 41.9%

CVSS Severity

CVSS v3 Score 5.3

References

https://github.com/lockss/lockss-daemon/security/advisories/GHSA-mgqj-hphf-9588
https://github.com/lockss/lockss-daemon/security/advisories/GHSA-mgqj-hphf-9588

Products affected by CVE-2023-42183

Lockss » Classic Lockss Daemon » Version: N/A

cpe:2.3:a:lockss:classic_lockss_daemon:-
Lockss » Classic Lockss Daemon » Version: 1.75.9

cpe:2.3:a:lockss:classic_lockss_daemon:1.75.9
Lockss » Classic Lockss Daemon » Version: 1.76.5

cpe:2.3:a:lockss:classic_lockss_daemon:1.76.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-42183

Products

Pricing

Contact Us