CVE-2023-31518

A heap use-after-free in the component CDataFileReader::GetItem of teeworlds v0.7.5 allows attackers to cause a Denial of Service (DoS) via a crafted map file.

Published: May 23, 2023
Updated: Jun 1, 2023
CVE: CVE-2023-31518
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.5
AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CWEs:

CWE-416

Affected Software
References

Software	From	Fixed in
teeworlds / teeworlds	0.7.5	0.7.5.x

https://gist.github.com/manba-bryant/9ca95d69c65f4d2c55946932c946fb9b
https://github.com/teeworlds/teeworlds/issues/2970
https://mmmds.pl/fuzzing-map-parser-part-1-teeworlds/

Vulnerability Database

290,020

CVE-2023-31518