CVE-2023-4156

Опубликовано: 25 сент. 2023

Источник: debian

EPSS Низкий

Описание

A heap out-of-bounds read flaw was found in builtin.c in the gawk package. This issue may lead to a crash and could be used to read sensitive information.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
gawk	fixed	1:5.2.1-1		package
gawk	no-dsa		bullseye	package
gawk	postponed		buster	package

Примечания

https://mail.gnu.org/archive/html/bug-gawk/2022-08/msg00000.html
https://mail.gnu.org/archive/html/bug-gawk/2022-08/msg00023.html
https://git.savannah.gnu.org/gitweb/?p=gawk.git;a=commitdiff;h=e709eb829448ce040087a3fc5481db6bfcaae212 (gawk-5.2.0)

EPSS

Процентиль: 8%

0.00031

Низкий

Связанные уязвимости

CVE-2023-4156

CVSS3: 4.4

ubuntu

около 2 лет назад

A heap out-of-bounds read flaw was found in builtin.c in the gawk package. This issue may lead to a crash and could be used to read sensitive information.

CVE-2023-4156

CVSS3: 6.1

redhat

больше 2 лет назад

A heap out-of-bounds read flaw was found in builtin.c in the gawk package. This issue may lead to a crash and could be used to read sensitive information.

CVE-2023-4156

CVSS3: 4.4

nvd

около 2 лет назад

A heap out-of-bounds read flaw was found in builtin.c in the gawk package. This issue may lead to a crash and could be used to read sensitive information.

CVE-2023-4156

CVSS3: 7.1

msrc

около 2 лет назад

Heap out of bound read in builtin.c

SUSE-SU-2023:3440-1

suse-cvrf

больше 2 лет назад

Security update for gawk

EPSS

Процентиль: 8%

0.00031

Низкий