CVE-2015-10067

low-risk
Published 2023-01-18

A vulnerability was found in oznetmaster SSharpSmartThreadPool. It has been classified as problematic. This affects an unknown part of the file SSharpSmartThreadPool/SmartThreadPool.cs. The manipulation leads to race condition within a thread. The complexity of an attack is rather high. The exploitability is told to be difficult. The patch is named 0e58073c831093aad75e077962e9fb55cad0dc5f. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-218463.

Do I need to act?

-
0.38% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
4
CVSS 4.6/10 Medium
ADJACENT_NETWORK / HIGH complexity

Affected Products (1)

Ssharpsmartthreadpool

Affected Vendors

Ssharpsmartthreadpool Project

References (6)

Patch https://github.com/oznetmaster/SSharpSmartThreadPool/commit/0e58073c831093aad75e...
Permissions Required https://vuldb.com/?ctiid.218463
Permissions Required https://vuldb.com/?id.218463
Patch https://github.com/oznetmaster/SSharpSmartThreadPool/commit/0e58073c831093aad75e...
Permissions Required https://vuldb.com/?ctiid.218463
Permissions Required https://vuldb.com/?id.218463
18
/ 100
low-risk
Severity 12/34 · Low
Exploitability 1/34 · Minimal
Exposure 5/34 · Minimal