{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-06T19:10:55.219","vulnerabilities":[{"cve":{"id":"CVE-2023-6780","sourceIdentifier":"secalert@redhat.com","published":"2024-01-31T14:15:48.917","lastModified":"2026-05-12T11:16:18.397","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An integer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a very long message, leading to an incorrect calculation of the buffer size to store the message, resulting in undefined behavior. This issue affects glibc 2.37 and newer."},{"lang":"es","value":"Se encontró un desbordamiento de enteros en la función __vsyslog_internal de la liibrería glibc. Esta función es llamada por las funciones syslog y vsyslog. Este problema ocurre cuando estas funciones se llaman con un mensaje muy largo, lo que genera un cálculo incorrecto del tamaño del búfer para almacenar el mensaje, lo que genera un comportamiento indefinido. Este problema afecta a glibc 2.37 y posteriores."}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":1.4}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-131"}]},{"source":"nvd@nist.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-131"},{"lang":"en","value":"CWE-190"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*","versionStartIncluding":"2.37","versionEndExcluding":"2.39","matchCriteriaId":"8A5153FA-49E9-457F-94BB-202CACA41C76"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*","matchCriteriaId":"CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"},{"vulnerable":true,"criteria":"cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*","matchCriteriaId":"B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646"}]}]}],"references":[{"url":"http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html","source":"secalert@redhat.com","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"http://seclists.org/fulldisclosure/2024/Feb/3","source":"secalert@redhat.com","tags":["Exploit","Mailing List","Third Party Advisory"]},{"url":"https://access.redhat.com/security/cve/CVE-2023-6780","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2254396","source":"secalert@redhat.com","tags":["Issue Tracking"]},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2FIH77VHY3KCRROCXOT6L27WMZXSJ2G/","source":"secalert@redhat.com","tags":["Mailing List"]},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MWQ6BZJ6CV5UAW4VZSKJ6TO4KIW2KWAQ/","source":"secalert@redhat.com","tags":["Mailing List"]},{"url":"https://security.gentoo.org/glsa/202402-01","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://www.openwall.com/lists/oss-security/2024/01/30/6","source":"secalert@redhat.com","tags":["Exploit","Mailing List"]},{"url":"https://www.qualys.com/2024/01/30/cve-2023-6246/syslog.txt","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"http://seclists.org/fulldisclosure/2024/Feb/3","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Mailing List","Third Party Advisory"]},{"url":"https://access.redhat.com/security/cve/CVE-2023-6780","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2254396","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking"]},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2FIH77VHY3KCRROCXOT6L27WMZXSJ2G/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List"]},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MWQ6BZJ6CV5UAW4VZSKJ6TO4KIW2KWAQ/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List"]},{"url":"https://security.gentoo.org/glsa/202402-01","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://security.netapp.com/advisory/ntap-20250207-0010/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.openwall.com/lists/oss-security/2024/01/30/6","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Mailing List"]},{"url":"https://www.qualys.com/2024/01/30/cve-2023-6246/syslog.txt","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://cert-portal.siemens.com/productcert/html/ssa-082556.html","source":"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e"}]}}]}