How severe is CVE-2023-1390?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.5 out of 10.

What type of vulnerability is CVE-2023-1390?

This is classified as CWE-1050, which is a common weakness in software security.

CVE-2023-1390

HIGH Year: 2023

CVSS v3 Score

7.5

High

Weakness Type

CWE-1050

View all →

Vulnerability Description

A remote denial of service vulnerability was found in the Linux kernel’s TIPC kernel module. The while loop in tipc_link_xmit() hits an unknown state while attempting to parse SKBs, which are not in the queue. Sending two small UDP packets to a system with a UDP bearer results in the CPU utilization for the system to instantly spike to 100%, causing a denial of service condition.

CVE-2021-41039

HIGH

CVSS:7.5(High)

In versions 1.6 to 2.0.11 of Eclipse Mosquitto, an MQTT v5 client connecting with a large number of user-property properties could cause excessive CPU usage, leading to a loss of performance and possi...

CWE-10502021

CVE-2024-4068

HIGH

CVSS:7.5(High)

The NPM package `braces`, versions prior to 3.0.3, fails to limit the number of characters it can handle, which could lead to Memory Exhaustion. In `lib/parse.js,` if a malicious user sends "imbalance...

CWE-10502024

CVE-2025-47947

HIGH

CVSS:7.5(High)

ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. Versions up to and including 2.9.8 are vulnerable to denial of service in one special cas...

CWE-10502025

CVE-2019-11254

MEDIUM

CVSS:6.5(Medium)

The Kubernetes API Server component in versions 1.1-1.14, and versions prior to 1.15.10, 1.16.7 and 1.17.3 allows an authorized user who sends malicious YAML payloads to cause the kube-apiserver to co...

CWE-10502019