CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-5236

A flaw was found in Infinispan, which does not detect circular object references when unmarshalling. An authenticated attacker with sufficient permissions could insert a maliciously constructed object into the cache and use it to cause out of memory errors and achieve a denial of service.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 32.7%

CVSS Severity

CVSS v3 Score 4.4

References

Products affected by CVE-2023-5236

Infinispan » Infinispan » Version: N/A

cpe:2.3:a:infinispan:infinispan:-
Redhat » Data Grid » Version: 6.0.0

cpe:2.3:a:redhat:data_grid:6.0.0
Redhat » Data Grid » Version: 7.3.4

cpe:2.3:a:redhat:data_grid:7.3.4
Redhat » Data Grid » Version: 8.0

cpe:2.3:a:redhat:data_grid:8.0
Redhat » Data Grid » Version: 8.0.0

cpe:2.3:a:redhat:data_grid:8.0.0
Redhat » Data Grid » Version: 8.0.1

cpe:2.3:a:redhat:data_grid:8.0.1
Redhat » Data Grid » Version: 8.1.0

cpe:2.3:a:redhat:data_grid:8.1.0
Redhat » Data Grid » Version: 8.1.1

cpe:2.3:a:redhat:data_grid:8.1.1
Redhat » Jboss Data Grid » Version: N/A

cpe:2.3:a:redhat:jboss_data_grid:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-5236

Products

Pricing

Contact Us