CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-52159

A stack-based buffer overflow vulnerability in gross 0.9.3 through 1.x before 1.0.4 allows remote attackers to trigger a denial of service (grossd daemon crash) or potentially execute arbitrary code in grossd via crafted SMTP transaction parameters that cause an incorrect strncat for a log entry.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.026

EPSS Ranking 85.2%

CVSS Severity

CVSS v3 Score 7.5

References

https://codeberg.org/bizdelnick/gross/wiki/Known-vulnerabilities#cve-2023-52159
https://lists.debian.org/debian-lts-announce/2024/03/msg00027.html
https://codeberg.org/bizdelnick/gross/wiki/Known-vulnerabilities#cve-2023-52159
https://lists.debian.org/debian-lts-announce/2024/03/msg00027.html

Products affected by CVE-2023-52159

Bizdelnick » Gross » Version: 0.9.3

cpe:2.3:a:bizdelnick:gross:0.9.3
Bizdelnick » Gross » Version: 1.0.0

cpe:2.3:a:bizdelnick:gross:1.0.0
Bizdelnick » Gross » Version: 1.0.3

cpe:2.3:a:bizdelnick:gross:1.0.3
Debian » Debian Linux » Version: 10.0

cpe:2.3:o:debian:debian_linux:10.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-52159

Products

Pricing

Contact Us