CVE-2024-51562 (Medium) detected in src3.1.5 #233
Labels
Mend: dependency security vulnerability
Security vulnerability detected by WhiteSource
Comments
mend-bolt-for-github
bot
added
the
Mend: dependency security vulnerability
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
CVE-2024-51562 - Medium Severity Vulnerability
MidnightBSD OS source code
Library home page: https://github.com/MidnightBSD/src.git
Found in base branch: stable/3.2
The NVMe driver function nvme_opc_get_log_page is vulnerable to a buffer over-read from a guest-controlled value.
Publish Date: 2024-11-12
URL: CVE-2024-51562
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Local
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: None
- Integrity Impact: None
- Availability Impact: High
For more information on CVSS3 Scores, click here.Type: Upgrade version
Origin: https://www.freebsd.org/security/advisories/FreeBSD-SA-24:17.bhyve.asc
Release Date: 2024-11-12
Fix Resolution: 86ba5941b132
Step up your Open Source Security Game with Mend here
The text was updated successfully, but these errors were encountered: