CVE-2023-22840Improper Neutralization of Invalid Characters in Identifiers in Web Pages in Intel Onevpl GPU Runtime

CWE-86Improper Neutralization of Invalid Characters in Identifiers in Web Pages2 documents2 sources
Severity
5.5MEDIUMNVD
EPSS
0.1%
top 81.46%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Intel Onevpl GPU RuntimeFedoraproject Fedora
Timeline
PublishedAug 11

Description

Improper neutralization in software for the Intel(R) oneVPL GPU software before version 22.6.5 may allow an authenticated user to potentially enable denial of service via local access.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages1 packages

Also affects: Fedora 37, 38, 39

🔴Vulnerability Details

1
GHSA
GHSA-gwwr-j6xf-qr2h: Improper neutralization in software for the Intel(R) oneVPL GPU software before version 222023-08-11
CVE-2023-22840 — Intel Onevpl GPU Runtime vulnerability | cvebase