exploitDog

GHSA-5rmc-h6xf-rx3w

Опубликовано: 14 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 5.5

Описание

Espruino before 1.98 allows attackers to cause a denial of service (application crash) with a user crafted input file via a NULL pointer dereference during syntax parsing. This was addressed by adding validation for a debug trace print statement in jsvar.c.

Espruino before 1.98 allows attackers to cause a denial of service (application crash) with a user crafted input file via a NULL pointer dereference during syntax parsing. This was addressed by adding validation for a debug trace print statement in jsvar.c.

Ссылки

EPSS

Процентиль: 36%

0.00155

Низкий

5.5 Medium

CVSS3

CVE ID

Дефекты

CWE-476

Связанные уязвимости

CVE-2018-11591

CVSS3: 5.5

nvd

больше 7 лет назад

Espruino before 1.98 allows attackers to cause a denial of service (application crash) with a user crafted input file via a NULL pointer dereference during syntax parsing. This was addressed by adding validation for a debug trace print statement in jsvar.c.

EPSS

Процентиль: 36%

0.00155

Низкий

5.5 Medium

CVSS3

CVE ID

Дефекты

CWE-476