CVE-2023-35862

Name
CVE-2023-35862
Description
libcoap 4.3.1 contains a buffer over-read via the function coap_parse_oscore_conf_mem at coap_oscore.c.
NVD Severity
medium
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
MISC https://github.com/obgm/libcoap/tags
MISC https://github.com/obgm/libcoap/issues/1117
MISC https://github.com/obgm/libcoap/pull/1118

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:libcoap:libcoap:4.3.1:*:*:*:*:*:*:* libcoap == None == 4.3.1

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
libcoap 3.18-community 4.3.1-r0 Sören Tempel <soeren+alpine@soeren-tempel.net> possibly vulnerable