CVE-2020-25340
NFStream Local Denial of Service (DoS)
5.5
MEDIUM
CVSS 3.1
EPSS 0.05%
Description
An issue was discovered in NFStream 5.2.0. Because some allocated modules are not correctly freed, if the nfstream object is directly destroyed without being used after it is created, it will cause a memory leak that may result in a local denial of service (DoS).
How to fix CVE-2020-25340
To remediate CVE-2020-25340, upgrade the affected package to a fixed version below.
- —no fix listed
- —upgrade to 6.0.0 or later
Is CVE-2020-25340 being exploited?
Low — EPSS is 0.0%, meaning exploitation activity has not been observed at scale.
Affected packages (2)
- from 0, < 6.0.0
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 4.0 | — | CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N |
| osv | CVSS 3.1 | MEDIUM5.5 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |