{ "affected": [ { "ranges": [ { "database_specific": { "versions": [ { "introduced": "0" }, { "last_affected": "1.2.2" } ] }, "events": [ { "introduced": "0" }, { "last_affected": "5fe977195c1d4967e4cd72cef9efe4dc4de44e43" } ], "repo": "https://github.com/ntpsec/ntpsec", "type": "GIT" } ] }, { "ranges": [ { "database_specific": { "versions": [ { "introduced": "0" }, { "last_affected": "1.2.2" } ] }, "events": [ { "introduced": "0" }, { "last_affected": "5fe977195c1d4967e4cd72cef9efe4dc4de44e43" } ], "repo": "https://gitlab.com/ntpsec/ntpsec", "type": "GIT" } ] } ], "database_specific": { "cna_assigner": "GitLab", "cwe_ids": [ "CWE-372" ], "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/4xxx/CVE-2023-4012.json" }, "details": "ntpd will crash if the server is not NTS-enabled (no certificate) and it receives an NTS-enabled client request (mode 3).", "id": "CVE-2023-4012", "modified": "2026-04-01T23:07:46.703056172Z", "published": "2023-08-07T17:30:33.452Z", "references": [ { "type": "WEB", "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1038422" }, { "type": "ADVISORY", "url": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/4xxx/CVE-2023-4012.json" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4012" }, { "type": "REPORT", "url": "https://gitlab.com/NTPsec/ntpsec/-/issues/794" } ], "schema_version": "1.7.3", "severity": [ { "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "type": "CVSS_V3" } ], "summary": "Incomplete Internal State Distinction in ntpsec" }