Open mend-bolt-for-github[bot] opened 3 months ago
:heavy_check_mark: This issue was automatically closed by Mend because the vulnerable library in the specific branch(es) was either marked as ignored or it is no longer part of the Mend inventory.
:information_source: This issue was automatically re-opened by Mend because the vulnerable library in the specific branch(es) has been detected in the Mend inventory.
CVE-2023-30086 - Medium Severity Vulnerability
An operating system based on the best Windows NT design principles
Library home page: https://sourceforge.net/projects/reactos/
Found in HEAD commit: 53d912968350dc9f53d47b0479a18abff1adc0e0
Found in base branch: main
Buffer Overflow vulnerability found in Libtiff V.4.0.7 allows a local attacker to cause a denial of service via the tiffcp function in tiffcp.c.
Publish Date: 2023-05-09
URL: CVE-2023-30086
Base Score Metrics: - Exploitability Metrics: - Attack Vector: Local - Attack Complexity: Low - Privileges Required: Low - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: None - Availability Impact: High
For more information on CVSS3 Scores, click here.Type: Upgrade version
Origin: https://gitlab.com/libtiff/libtiff/-/issues/538
Release Date: 2023-05-09
Fix Resolution: v4.5.0
Step up your Open Source Security Game with Mend here