CVE-2023-39327 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	4.3 MEDIUM	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
redhat	CNA	4.3 MEDIUM	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

Base Score

CVSS 3.x

EPSS Score

Percentile: 15%

Affected Products (NVD)

Vendor	Product	Version
uclouvain	openjpeg	-
uclouvain	openjpeg	2.0
uclouvain	openjpeg	2.5.0

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

openjpeg2

bookworm	postponed
bullseye	no-dsa
sid	vulnerable
trixie	vulnerable

Ubuntu Releases

Ubuntu Product

Codename

blender

bionic	needs-triage
focal	needs-triage
jammy	needs-triage
mantic	ignored
noble	needs-triage
oracular	needs-triage
xenial	needs-triage

ghostscript

bionic	needs-triage
focal	not-affected
jammy	not-affected
mantic	not-affected
noble	not-affected
oracular	not-affected
xenial	needs-triage

insighttoolkit4

bionic	needs-triage
focal	needs-triage
jammy	needs-triage
mantic	dne
noble	dne
oracular	dne
xenial	needs-triage

openjpeg

focal	dne
jammy	dne
mantic	dne
noble	dne
oracular	dne
trusty	ignored
xenial	needs-triage

openjpeg2

bionic	Fixed 2.3.0-2+deb10u2ubuntu0.1~esm2 released
focal	Fixed 2.3.1-1ubuntu4.20.04.2 released
jammy	Fixed 2.4.0-6ubuntu0.1 released
mantic	ignored
noble	Fixed 2.5.0-2ubuntu0.1 released
oracular	Fixed 2.5.0-2ubuntu1 released
xenial	Fixed 2.1.2-1.1+deb9u6ubuntu0.1~esm4 released

qtwebengine-opensource-src

bionic	needs-triage
focal	needs-triage
jammy	needs-triage
mantic	ignored
noble	needs-triage
oracular	needs-triage

texmaker

bionic	needs-triage
focal	needs-triage
jammy	needs-triage
mantic	ignored
noble	needs-triage
oracular	needs-triage
xenial	needs-triage

Common Weakness Enumeration

CWE-400 - Uncontrolled Resource Consumption
The software does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

References

https://access.redhat.com/security/cve/CVE-2023-39327

https://bugzilla.redhat.com/show_bug.cgi?id=2295812

https://access.redhat.com/security/cve/CVE-2023-39327

https://bugzilla.redhat.com/show_bug.cgi?id=2295812