Описание
GNU cflow through 1.6 has a heap-based buffer over-read in the nexttoken function in parser.c.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| cflow | fixed | 1:1.6-6 | package |
Примечания
https://lists.gnu.org/archive/html/bug-cflow/2019-04/msg00000.html
https://git.savannah.gnu.org/cgit/cflow.git/commit/?id=b9a7cd5e9d4efb54141dd0d11c319bb97a4600c6
Crash in CLI tool, no security impact
EPSS
Процентиль: 66%
0.00513
Низкий
Связанные уязвимости
CVSS3: 6.5
ubuntu
больше 6 лет назад
GNU cflow through 1.6 has a heap-based buffer over-read in the nexttoken function in parser.c.
CVSS3: 6.5
nvd
больше 6 лет назад
GNU cflow through 1.6 has a heap-based buffer over-read in the nexttoken function in parser.c.
CVSS3: 6.5
github
больше 3 лет назад
GNU cflow through 1.6 has a heap-based buffer over-read in the nexttoken function in parser.c.
EPSS
Процентиль: 66%
0.00513
Низкий