cvedb.io
CVE-2023-3036
HIGH · CVSS 8.6
EPSS exploitation probability: 0%
Published 2023-06-14T12:15:09.647 · Last modified 2026-06-17T06:13:13.443

Summary

An unchecked read in NTP server in github.com/cloudflare/cfnts prior to commit 783490b https://github.com/cloudflare/cfnts/commit/783490b913f05e508a492cd7b02e3c4ec2297b71  enabled a remote attacker to trigger a panic by sending an NTSAuthenticator packet with extension length longer than the packet contents.

Affected products

cloudflare — cfnts

Does this affect you?

Add your gear to cvedb and we'll alert you only when cloudflare ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.