CVE-2023-29458

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Jul 13, 2023

Updated: Jul 25, 2023

CWE ID 129

Summary

CVE-2023-29458 is a vulnerability affecting Duktape, an embeddable JavaScript engine known for its portability and compact footprint. This issue arises when the JavaScript engine valstack is overloaded with an excessive number of values. The root cause is a bug identified in Duktape version 2.6, which is used as a third-party solution. When this occurs, the engine crashes, potentially leading to security vulnerabilities or application instability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Zabbix LLC

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/r-htip
https://www.cve.org/CVERecord?id=CVE-2023-29458
https://nvd.nist.gov/vuln/detail/CVE-2023-29458

Back to Vulnerability Database

CVE-2023-29458

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations