All 5 CVE vulnerabilities found in gss-ntlmssp, with AI-generated Chinese analysis, references, and POCs.
Vendor: gssapi
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-25567 | GSS-NTLMSSP vulnerable to out-of-bounds read when decoding target information CWE-125 | 7.5 | High | 2023-02-14 |
| CVE-2023-25566 | GSS-NTLMSSP vulnerable to memory leak when parsing usernames CWE-401 | 7.5 | High | 2023-02-14 |
| CVE-2023-25565 | GSS-NTLMSSP vulnerable to incorrect free when decoding target information CWE-590 | 7.5 | High | 2023-02-14 |
| CVE-2023-25564 | GSS-NTLMSSP vulnerable to memory corruption when decoding UTF16 strings CWE-787 | 6.5 | Medium | 2023-02-14 |
| CVE-2023-25563 | GSS-NTLMSSP vulnerable to multiple out-of-bounds reads when decoding NTLM fields CWE-125 | 5.9 | Medium | 2023-02-14 |
All 5 known CVE vulnerabilities affecting gss-ntlmssp with full Chinese analysis, references, and POCs where available.