CVE-2023-46046 - Vulnerability Details - OpenCVE

Description

An issue in MiniZinc before 2.8.0 allows a NULL pointer dereference via ti_expr in a crafted .mzn file. NOTE: this is disputed because there is no common libminizinc use case in which an unattended process is supposed to run forever to process a series of atttacker-controlled .mzn files.

Published: 2024-03-27

Score: 5.5 Medium

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

No analysis available yet.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

n/a

n/a

affected

Version	Status	Constraints
`n/a`	affected	—

No data.

No data.

No data available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.0009.

Exploitation none

Automatable no

Technical Impact partial

References

Link	Providers
http://packetstormsecurity.com/files/176817/MiniZinc-2.7.6-Null-Pointer.html
http://seclists.org/fulldisclosure/2024/Jan/63
https://github.com/MiniZinc/libminizinc/commit/afe67acc20898e4308044b54c4acf7a08df544f0
https://github.com/MiniZinc/libminizinc/issues/730
https://www.minizinc.org/doc-2.8.3/en/changelog.html

History

Tue, 04 Nov 2025 19:30:00 +0000

Type	Values Removed	Values Added
References		http://packetstormsecurity.com/files/176817/MiniZinc-2.7.6-Null-Pointer.html

Tue, 05 Nov 2024 16:15:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-476
Metrics		cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}` ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Subscriptions

No data.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2024-03-27T00:00:00.000Z

Updated: 2025-11-04T18:18:37.323Z

Reserved: 2023-10-16T00:00:00.000Z

Link: CVE-2023-46046

Vulnrichment

Updated: 2025-11-04T18:18:37.323Z

NVD

Status : Deferred

Published: 2024-03-27T05:15:47.440

Modified: 2026-04-15T00:35:42.020

Link: CVE-2023-46046

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

CWE-476

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2023-46046", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2025-11-04T18:18:37.323Z", "dateReserved": "2023-10-16T00:00:00.000Z", "datePublished": "2024-03-27T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2024-03-27T04:54:21.950Z"}, "descriptions": [{"lang": "en", "value": "An issue in MiniZinc before 2.8.0 allows a NULL pointer dereference via ti_expr in a crafted .mzn file. NOTE: this is disputed because there is no common libminizinc use case in which an unattended process is supposed to run forever to process a series of atttacker-controlled .mzn files."}], "tags": ["disputed"], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://github.com/MiniZinc/libminizinc/issues/730"}, {"name": "20240126 null pointer deference in MiniZinc via a crafted .mzn file", "tags": ["mailing-list"], "url": "http://seclists.org/fulldisclosure/2024/Jan/63"}, {"url": "https://www.minizinc.org/doc-2.8.3/en/changelog.html"}, {"url": "https://github.com/MiniZinc/libminizinc/commit/afe67acc20898e4308044b54c4acf7a08df544f0"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-476", "lang": "en", "description": "CWE-476 NULL Pointer Dereference"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-04-17T03:12:01.295697Z", "id": "CVE-2023-46046", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-05T15:23:01.937Z"}}, {"title": "CVE Program Container", "references": [{"url": "https://github.com/MiniZinc/libminizinc/issues/730", "tags": ["x_transferred"]}, {"name": "20240126 null pointer deference in MiniZinc via a crafted .mzn file", "tags": ["mailing-list", "x_transferred"], "url": "http://seclists.org/fulldisclosure/2024/Jan/63"}, {"url": "https://www.minizinc.org/doc-2.8.3/en/changelog.html", "tags": ["x_transferred"]}, {"url": "https://github.com/MiniZinc/libminizinc/commit/afe67acc20898e4308044b54c4acf7a08df544f0", "tags": ["x_transferred"]}, {"url": "http://packetstormsecurity.com/files/176817/MiniZinc-2.7.6-Null-Pointer.html"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-11-04T18:18:37.323Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://github.com/MiniZinc/libminizinc/issues/730", "tags": ["x_transferred"]}, {"url": "http://seclists.org/fulldisclosure/2024/Jan/63", "name": "20240126 null pointer deference in MiniZinc via a crafted .mzn file", "tags": ["mailing-list", "x_transferred"]}, {"url": "https://www.minizinc.org/doc-2.8.3/en/changelog.html", "tags": ["x_transferred"]}, {"url": "https://github.com/MiniZinc/libminizinc/commit/afe67acc20898e4308044b54c4acf7a08df544f0", "tags": ["x_transferred"]}, {"url": "http://packetstormsecurity.com/files/176817/MiniZinc-2.7.6-Null-Pointer.html"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-11-04T18:18:37.323Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2023-46046", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-04-17T03:12:01.295697Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-476", "description": "CWE-476 NULL Pointer Dereference"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-23T19:01:19.042Z"}}], "cna": {"tags": ["disputed"], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://github.com/MiniZinc/libminizinc/issues/730"}, {"url": "http://seclists.org/fulldisclosure/2024/Jan/63", "name": "20240126 null pointer deference in MiniZinc via a crafted .mzn file", "tags": ["mailing-list"]}, {"url": "https://www.minizinc.org/doc-2.8.3/en/changelog.html"}, {"url": "https://github.com/MiniZinc/libminizinc/commit/afe67acc20898e4308044b54c4acf7a08df544f0"}], "descriptions": [{"lang": "en", "value": "An issue in MiniZinc before 2.8.0 allows a NULL pointer dereference via ti_expr in a crafted .mzn file. NOTE: this is disputed because there is no common libminizinc use case in which an unattended process is supposed to run forever to process a series of atttacker-controlled .mzn files."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2024-03-27T04:54:21.950Z"}}}, "cveMetadata": {"cveId": "CVE-2023-46046", "state": "PUBLISHED", "dateUpdated": "2025-11-04T18:18:37.323Z", "dateReserved": "2023-10-16T00:00:00.000Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2024-03-27T00:00:00.000Z", "assignerShortName": "mitre"}, "dataVersion": "5.2"}

{"cveTags": [{"sourceIdentifier": "cve@mitre.org", "tags": ["disputed"]}], "descriptions": [{"lang": "en", "value": "An issue in MiniZinc before 2.8.0 allows a NULL pointer dereference via ti_expr in a crafted .mzn file. NOTE: this is disputed because there is no common libminizinc use case in which an unattended process is supposed to run forever to process a series of atttacker-controlled .mzn files."}, {"lang": "es", "value": "Un problema en MiniZinc anterior a 2.8.0 permite una desreferencia de puntero NULL a trav\u00e9s de ti_expr en un archivo .mzn manipulado. NOTA: esto est\u00e1 en disputa porque no existe un caso de uso com\u00fan de libminizinc en el que se suponga que un proceso desatendido debe ejecutarse indefinidamente para procesar una serie de archivos .mzn controlados por atacantes."}], "id": "CVE-2023-46046", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-03-27T05:15:47.440", "references": [{"source": "cve@mitre.org", "url": "http://seclists.org/fulldisclosure/2024/Jan/63"}, {"source": "cve@mitre.org", "url": "https://github.com/MiniZinc/libminizinc/commit/afe67acc20898e4308044b54c4acf7a08df544f0"}, {"source": "cve@mitre.org", "url": "https://github.com/MiniZinc/libminizinc/issues/730"}, {"source": "cve@mitre.org", "url": "https://www.minizinc.org/doc-2.8.3/en/changelog.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://packetstormsecurity.com/files/176817/MiniZinc-2.7.6-Null-Pointer.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://seclists.org/fulldisclosure/2024/Jan/63"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/MiniZinc/libminizinc/commit/afe67acc20898e4308044b54c4acf7a08df544f0"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/MiniZinc/libminizinc/issues/730"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.minizinc.org/doc-2.8.3/en/changelog.html"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-476"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}