VYPR
Unrated severityNVD Advisory· Published Jun 14, 2023· Updated Jan 2, 2025

Out of Bounds Slice index in cfnts leads to remote panic

CVE-2023-3036

Description

An unchecked read in NTP server in github.com/cloudflare/cfnts prior to commit 783490b https://github.com/cloudflare/cfnts/commit/783490b913f05e508a492cd7b02e3c4ec2297b71  enabled a remote attacker to trigger a panic by sending an NTSAuthenticator packet with extension length longer than the packet contents.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Cloudflare/cfntsllm-create2 versions
    < commit 783490b+ 1 more
    • (no CPE)range: < commit 783490b
    • (no CPE)range: 0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.