CVE-2023-3433

medium

Description

The "nickname" field within Savoir-faire Linux's Jami application is susceptible to a failed state when a user inserts special characters into the field. When present, these special characters, make it so the application cannot create the signature for the user and results in a local denial of service to the application.

References

https://review.jami.net/c/jami-daemon/+/23575

https://git.jami.net/savoirfairelinux/jami-client-qt/-/wikis/Changelog#nightly-january-10

https://blog.blacklanternsecurity.com/p/Jami-Local-Denial-Of-Service-and-QRC-Handler-Vulnerabilities

Details

Source: Mitre, NVD

Published: 2023-07-14

Updated: 2023-07-26

Risk Information

CVSS v2

Base Score: 4.6

Vector: CVSS2#AV:L/AC:L/Au:S/C:N/I:N/A:C

Severity: Medium

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity: Medium