Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2023-28507
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
Memory exhaustion in LZ4 decompression in UniRPC daemon
Source: NVD (National Vulnerability Database)
Vulnerability Description
Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a memory-exhaustion issue, where a decompression routine will allocate increasing amounts of memory until all system memory is exhausted and the forked process crashes.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
未加控制的资源消耗(资源穷尽)
Source: NVD (National Vulnerability Database)
Vulnerability Title
Rocket Software UniData 和 UniVerse 资源管理错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Rocket Software UniVerse和Rocket Software UniData都是美国Rocket Software公司的产品。Rocket Software UniVerse是一套现在由 Rocket Software 拥有的数据库管理和支持软件。Rocket Software UniData是一个 MultiValue 应用程序平台。用于从 Rocket Software 开发快速、灵活和安全的应用程序。 Rocket Software UniData 8.2.4 build 300
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
VendorProductAffected VersionsCPESubscribe
Rocket SoftwareUniData 0 ~ 8.2.43.3003 -
Rocket SoftwareUniVerse 0 ~ 11.3.5.1001 -
II. Public POCs for CVE-2023-28507
#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC
III. Intelligence Information for CVE-2023-28507
Please Login to view more intelligence information
IV. Related Vulnerabilities
Same product: UniData
Same vendor: Rocket Software
Same weakness: CWE-400
V. Comments for CVE-2023-28507

No comments yet

Leave a comment