exploitDog

GHSA-9h29-g2j9-rh36

Опубликовано: 17 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

Creolabs Gravity Version: 1.0 Use-After-Free Possible code execution. An example of a Heap-Use-After-Free after the 'sublexer' pointer has been freed. Line 542 of gravity_lexer.c. 'lexer' is being used to access a variable but 'lexer' has already been freed, creating a Heap Use-After-Free condition.

Creolabs Gravity Version: 1.0 Use-After-Free Possible code execution. An example of a Heap-Use-After-Free after the 'sublexer' pointer has been freed. Line 542 of gravity_lexer.c. 'lexer' is being used to access a variable but 'lexer' has already been freed, creating a Heap Use-After-Free condition.

Ссылки

EPSS

Процентиль: 78%

0.01132

Низкий

9.8 Critical

CVSS3

CVE ID

CVE-2017-1000172

Дефекты

CWE-416

Связанные уязвимости

CVE-2017-1000172

CVSS3: 9.8

nvd

около 8 лет назад

Creolabs Gravity Version: 1.0 Use-After-Free Possible code execution. An example of a Heap-Use-After-Free after the 'sublexer' pointer has been freed. Line 542 of gravity_lexer.c. 'lexer' is being used to access a variable but 'lexer' has already been freed, creating a Heap Use-After-Free condition.

EPSS

Процентиль: 78%

0.01132

Низкий

9.8 Critical

CVSS3

CVE ID

CVE-2017-1000172

Дефекты

CWE-416