Gssapi Gss-ntlmssp
5 CVEs affecting Gssapi Gss-ntlmssp. Latest disclosed: 2023-02-14. Critical: 0, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-25567 | High | 7.5 | 2023-02-14 | GSS-NTLMSSP, a mechglue plugin for the GSSAPI library that implements NTLM authentication, has an out-of-bounds read when decoding target information prior to… |
CVE-2023-25566 | High | 7.5 | 2023-02-14 | GSS-NTLMSSP is a mechglue plugin for the GSSAPI library that implements NTLM authentication. Prior to version 1.2.0, a memory leak can be triggered when parsin… |
CVE-2023-25565 | High | 7.5 | 2023-02-14 | GSS-NTLMSSP is a mechglue plugin for the GSSAPI library that implements NTLM authentication. Prior to version 1.2.0, an incorrect free when decoding target inf… |
CVE-2023-25564 | Medium | 6.5 | 2023-02-14 | GSS-NTLMSSP is a mechglue plugin for the GSSAPI library that implements NTLM authentication. Prior to version 1.2.0, memory corruption can be triggered when de… |
CVE-2023-25563 | Medium | 5.9 | 2023-02-14 | GSS-NTLMSSP is a mechglue plugin for the GSSAPI library that implements NTLM authentication. Prior to version 1.2.0, multiple out-of-bounds reads when decoding… |