{"id":"CVE-2023-36328","details":"Integer Overflow vulnerability in mp_grow in libtom libtommath before commit beba892bc0d4e4ded4d667ab1d2a94f4d75109a9, allows attackers to execute arbitrary code and cause a denial of service (DoS).","modified":"2026-03-17T07:08:25.928576Z","published":"2023-09-01T16:15:08.177Z","related":["MGASA-2023-0265","USN-6402-2","openSUSE-SU-2024:13425-1"],"references":[{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2024/09/msg00011.html"},{"type":"ADVISORY","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3H2PFUTBKQUDSOJXQQS7LUSZQWT3JTW2/"},{"type":"ADVISORY","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/46GORAXZ34MHQNUGJBKS7PJ5NSMIAJGC/"},{"type":"ADVISORY","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6ZUPWZGPFJ4JOI2NIP7YLRKZD5YXQTBK/"},{"type":"FIX","url":"https://github.com/libtom/libtommath/pull/546"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/libtom/libtommath","events":[{"introduced":"0"},{"fixed":"97e500351e653472b2ea00b37137ad0414165efe"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"1.2.1"}]}}],"versions":["0.01","0.02","0.03","0.04","0.05","0.06","0.07","0.08","0.09","0.10","0.11","0.12","0.13","0.14","0.15","0.16","0.17","0.18","0.19","0.20","0.21","0.22","0.23","0.24","0.25","0.26","0.27","0.28","0.29","0.30","0.31","0.32","0.33","0.34","0.35","0.36","0.37","0.38","0.39","0.40","0.41","semver","v0.42.0","v0.43.0-rc0","v1.0","v1.0-rc1","v1.0-rc2","v1.0.0-rc0","v1.0.1","v1.0.1-rc1","v1.0.1-rc2","v1.1.0","v1.1.0-rc1","v1.1.0-rc2","v1.1.0-rc3","v1.1.0-rc4","v1.1.0-rc5","v1.2.0","v1.2.0-rc1","v1.2.0-rc2","v1.2.0-rc3"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-36328.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"37"}]},{"events":[{"introduced":"0"},{"last_affected":"38"}]},{"events":[{"introduced":"0"},{"last_affected":"39"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}