UBUNTU-CVE-2023-49287

See a problem?
Please try reporting it to the source first.
Source
https://ubuntu.com/security/CVE-2023-49287
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2023/UBUNTU-CVE-2023-49287.json
JSON Data
https://api.test.osv.dev/v1/vulns/UBUNTU-CVE-2023-49287
Upstream
Published
2023-12-04T06:15:00Z
Modified
2025-10-24T05:02:21Z
Severity
  • 7.7 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H CVSS Calculator
  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
  • Ubuntu - medium
Summary
[none]
Details

TinyDir is a lightweight C directory and file reader. Buffer overflows in the tinydir_file_open() function. This vulnerability has been patched in version 1.2.6.

References

Affected packages

Ubuntu:20.04:LTS

lwip

Package

Name
lwip
Purl
pkg:deb/ubuntu/lwip@2.1.2+dfsg1-4?arch=source&distro=focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.1.2-3
2.1.2-5.1
2.1.2+dfsg1-1
2.1.2+dfsg1-4

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "liblwip-dev",
            "binary_version": "2.1.2+dfsg1-4"
        },
        {
            "binary_name": "liblwip0",
            "binary_version": "2.1.2+dfsg1-4"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2023/UBUNTU-CVE-2023-49287.json"

Ubuntu:22.04:LTS

gemmi

Package

Name
gemmi
Purl
pkg:deb/ubuntu/gemmi@0.5.3+ds-2?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*

0.4.9+ds-1
0.5.0+ds-1
0.5.1+ds-1
0.5.2+ds-1
0.5.2+ds-1ubuntu1
0.5.2+ds-2ubuntu1
0.5.2+ds-2ubuntu3
0.5.3+ds-1ubuntu1
0.5.3+ds-2

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "gemmi",
            "binary_version": "0.5.3+ds-2"
        },
        {
            "binary_name": "gemmi-dev",
            "binary_version": "0.5.3+ds-2"
        },
        {
            "binary_name": "python3-gemmi",
            "binary_version": "0.5.3+ds-2"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2023/UBUNTU-CVE-2023-49287.json"

lwip

Package

Name
lwip
Purl
pkg:deb/ubuntu/lwip@2.1.3+dfsg1-1?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.1.2+dfsg1-8
2.1.2+dfsg1-9
2.1.3+dfsg1-1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "liblwip-dev",
            "binary_version": "2.1.3+dfsg1-1"
        },
        {
            "binary_name": "liblwip0",
            "binary_version": "2.1.3+dfsg1-1"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2023/UBUNTU-CVE-2023-49287.json"

Ubuntu:24.04:LTS

falcosecurity-libs

Package

Name
falcosecurity-libs
Purl
pkg:deb/ubuntu/falcosecurity-libs@0.15.1-2ubuntu1.2?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*

0.11.3+repack-6ubuntu1
0.11.3+repack-6ubuntu2
0.14.1-1ubuntu2
0.14.1-2ubuntu2
0.14.1-2ubuntu3
0.14.1-3ubuntu1
0.14.1-5ubuntu1
0.14.1-5.1ubuntu3
0.14.1-5.1ubuntu4
0.15.1-1ubuntu3
0.15.1-2ubuntu1
0.15.1-2ubuntu1.1
0.15.1-2ubuntu1.2

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "falcosecurity-scap-dkms",
            "binary_version": "0.15.1-2ubuntu1.2"
        },
        {
            "binary_name": "libfalcosecurity0-dev",
            "binary_version": "0.15.1-2ubuntu1.2"
        },
        {
            "binary_name": "libfalcosecurity0t64",
            "binary_version": "0.15.1-2ubuntu1.2"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2023/UBUNTU-CVE-2023-49287.json"

gemmi

Package

Name
gemmi
Purl
pkg:deb/ubuntu/gemmi@0.6.4+ds-1build1?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*

0.6.2+ds-5
0.6.3+ds-1
0.6.4+ds-1
0.6.4+ds-1build1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "gemmi",
            "binary_version": "0.6.4+ds-1build1"
        },
        {
            "binary_name": "gemmi-dev",
            "binary_version": "0.6.4+ds-1build1"
        },
        {
            "binary_name": "python3-gemmi",
            "binary_version": "0.6.4+ds-1build1"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2023/UBUNTU-CVE-2023-49287.json"

lwip

Package

Name
lwip
Purl
pkg:deb/ubuntu/lwip@2.2.0+dfsg1-6.1build2?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.1.3+dfsg1-2
2.1.3+dfsg1-4
2.2.0+dfsg1-2
2.2.0+dfsg1-3
2.2.0+dfsg1-4
2.2.0+dfsg1-5
2.2.0+dfsg1-6
2.2.0+dfsg1-6.1
2.2.0+dfsg1-6.1build1
2.2.0+dfsg1-6.1build2

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "liblwip-dev",
            "binary_version": "2.2.0+dfsg1-6.1build2"
        },
        {
            "binary_name": "liblwip0t64",
            "binary_version": "2.2.0+dfsg1-6.1build2"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2023/UBUNTU-CVE-2023-49287.json"

Ubuntu:25.04

falcosecurity-libs

Package

Name
falcosecurity-libs
Purl
pkg:deb/ubuntu/falcosecurity-libs@0.20.0-1ubuntu2?arch=source&distro=plucky

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*

0.15.1-4ubuntu2
0.18.1-2ubuntu3
0.18.1-2ubuntu4
0.20.0-1ubuntu2

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "falcosecurity-scap-dkms",
            "binary_version": "0.20.0-1ubuntu2"
        },
        {
            "binary_name": "libfalcosecurity0-dev",
            "binary_version": "0.20.0-1ubuntu2"
        },
        {
            "binary_name": "libfalcosecurity0t64",
            "binary_version": "0.20.0-1ubuntu2"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2023/UBUNTU-CVE-2023-49287.json"

gemmi

Package

Name
gemmi
Purl
pkg:deb/ubuntu/gemmi@0.6.5+ds-3?arch=source&distro=plucky

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*

0.6.5+ds-2
0.6.5+ds-2build1
0.6.5+ds-3

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "gemmi",
            "binary_version": "0.6.5+ds-3"
        },
        {
            "binary_name": "gemmi-dev",
            "binary_version": "0.6.5+ds-3"
        },
        {
            "binary_name": "python3-gemmi",
            "binary_version": "0.6.5+ds-3"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2023/UBUNTU-CVE-2023-49287.json"

lwip

Package

Name
lwip
Purl
pkg:deb/ubuntu/lwip@2.2.1+dfsg1-1?arch=source&distro=plucky

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.2.0+dfsg1-7
2.2.0+dfsg1-8
2.2.0+dfsg1-9
2.2.1+dfsg1-1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "liblwip-dev",
            "binary_version": "2.2.1+dfsg1-1"
        },
        {
            "binary_name": "liblwip0t64",
            "binary_version": "2.2.1+dfsg1-1"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2023/UBUNTU-CVE-2023-49287.json"

Ubuntu:25.10

falcosecurity-libs

Package

Name
falcosecurity-libs
Purl
pkg:deb/ubuntu/falcosecurity-libs@0.20.0-3?arch=source&distro=questing

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*

0.20.0-1ubuntu2
0.20.0-3

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "falcosecurity-scap-dkms",
            "binary_version": "0.20.0-3"
        },
        {
            "binary_name": "libfalcosecurity0-dev",
            "binary_version": "0.20.0-3"
        },
        {
            "binary_name": "libfalcosecurity0t64",
            "binary_version": "0.20.0-3"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2023/UBUNTU-CVE-2023-49287.json"

gemmi

Package

Name
gemmi
Purl
pkg:deb/ubuntu/gemmi@0.6.5+ds-3?arch=source&distro=questing

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*

0.6.5+ds-3

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "gemmi",
            "binary_version": "0.6.5+ds-3"
        },
        {
            "binary_name": "gemmi-dev",
            "binary_version": "0.6.5+ds-3"
        },
        {
            "binary_name": "python3-gemmi",
            "binary_version": "0.6.5+ds-3"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2023/UBUNTU-CVE-2023-49287.json"

lwip

Package

Name
lwip
Purl
pkg:deb/ubuntu/lwip@2.2.1+dfsg1-2?arch=source&distro=questing

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.2.1+dfsg1-1
2.2.1+dfsg1-2

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "liblwip-dev",
            "binary_version": "2.2.1+dfsg1-2"
        },
        {
            "binary_name": "liblwip0t64",
            "binary_version": "2.2.1+dfsg1-2"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2023/UBUNTU-CVE-2023-49287.json"