CVE-2023-40294

libboron in Boron 2.0.8 has a heap-based buffer overflow in ur_parseBlockI at i_parse_blk.c.
References
Link Resource
https://github.com/0branch/boron/issues/3 Exploit Vendor Advisory
https://github.com/0branch/boron/issues/3 Exploit Vendor Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:0branch:boron:2.0.8:*:*:*:*:*:*:*

History

21 Nov 2024, 08:19

Type Values Removed Values Added
References () https://github.com/0branch/boron/issues/3 - Exploit, Vendor Advisory () https://github.com/0branch/boron/issues/3 - Exploit, Vendor Advisory

21 Aug 2023, 17:25

Type Values Removed Values Added
First Time 0branch
0branch boron
CWE CWE-787
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 6.5
References (MISC) https://github.com/0branch/boron/issues/3 - (MISC) https://github.com/0branch/boron/issues/3 - Exploit, Vendor Advisory
CPE cpe:2.3:a:0branch:boron:2.0.8:*:*:*:*:*:*:*

14 Aug 2023, 04:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-08-14 04:15

Updated : 2024-11-21 08:19


NVD link : CVE-2023-40294

Mitre link : CVE-2023-40294

CVE.ORG link : CVE-2023-40294


JSON object : View

Products Affected

0branch

  • boron
CWE
CWE-787

Out-of-bounds Write