Описание
nodemcu before v3.0.0-release_20240225 was discovered to contain an integer overflow via the getnum function at /modules/struct.c.
nodemcu before v3.0.0-release_20240225 was discovered to contain an integer overflow via the getnum function at /modules/struct.c.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2024-36671
- https://github.com/nodemcu/nodemcu-firmware/issues/3626
- https://github.com/nodemcu/nodemcu-firmware/pull/3633
- https://github.com/nodemcu/nodemcu-firmware/pull/3634
- https://github.com/nodemcu/nodemcu-firmware/pull/3635
- https://github.com/nodemcu/nodemcu-firmware/commit/193fe3593eb1537667179089535cdb7457327887#diff-5c3fa597431eda03ac3339ae6bf7f05e1a50d6fc7333679ec38e21b337cb6721
Связанные уязвимости
CVSS3: 9.8
nvd
около 1 года назад
nodemcu before v3.0.0-release_20240225 was discovered to contain an integer overflow via the getnum function at /modules/struct.c.