CVSS Score of 10 (low)


Published Jun 14, 2023
Updated: Jun 28, 2023
CWE ID 125


CVE-2023-3040 is a vulnerability found in the lua-resty-json package up to commit id 3ef9492bd3a44d9e51301d6adc3cd1789c8f534a. This vulnerability allows an attacker to launch a Denial of Service (DoS) attack if the debug function in the package is used to parse untrusted input data. However, it is important to note that this debug function was only used in tests and demos, making it not exploitable in a normal environment. The affected product is rzvSO8. The risk score for this vulnerability is 27.


Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-3040 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options