{ "affected": [ { "database_specific": { "unresolved_ranges": [ { "events": [ { "introduced": "0" }, { "last_affected": "3.07.01" } ] } ] }, "ranges": [ { "database_specific": { "versions": [ { "introduced": "0" }, { "last_affected": "4.3.1" } ] }, "events": [ { "introduced": "0" }, { "last_affected": "2ba59bf969e94a0544e73e501d876722790f7a89" } ], "repo": "https://github.com/siliconlabs/gecko_sdk", "type": "GIT" }, { "database_specific": { "versions": [ { "introduced": "0" }, { "last_affected": "3.01.01" } ] }, "events": [ { "introduced": "0" }, { "last_affected": "66272f451b35abda4cb23a78c5d91dd04ab59ee8" } ], "repo": "https://github.com/weston-embedded/uc-http", "type": "GIT" } ] } ], "details": "A heap-based buffer overflow vulnerability exists in the HTTP Server form boundary functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted network packet can lead to code execution. An attacker can send a malicious packet to trigger this vulnerability.", "id": "CVE-2023-27882", "modified": "2026-03-13T21:55:02.061981371Z", "published": "2023-11-14T10:15:27.113Z", "references": [ { "type": "WEB", "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1733" }, { "type": "EVIDENCE", "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1733" } ], "severity": [ { "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "type": "CVSS_V3" } ] }