CVE-2020-11068

High

In LoRaMac-node before 4.4.4, a reception buffer overflow can happen due to the received buffer size not being checked. This has been fixed…

GitHub_M·CWE-120·Published 2020-06-23

CVSS

8.8

EPSS

0.01

KEV

Exploits

cve.orgen

149 chars

In LoRaMac-node before 4.4.4, a reception buffer overflow can happen due to the received buffer size not being checked. This has been fixed in 4.4.4.

NVDen

149 chars

In LoRaMac-node before 4.4.4, a reception buffer overflow can happen due to the received buffer size not being checked. This has been fixed in 4.4.4.

En el nodo LoRaMac versiones anteriores a 4.4.4, un desbordamiento del búfer de recepción puede presentarse debido a que no es comprobado el tamaño del búfer recibido. Esto ha sido corregido en la versión 4.4.4

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	6.5	8.0	6.4	AV:N/AC:L/Au:S/C:P/I:P/A:P
3.1	Primary	NVD	8.8	2.8	5.9	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
3.1	Primary	cve.org	5.0	—	—	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
3.1	Primary	cve.org	5.0	—	—	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
3.1	Secondary	NVD	5.0	1.6	3.4	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L