GHSA-qj27-32wp-ghrg

Опубликовано: 18 дек. 2021

Источник: github

Github: Прошло ревью

CVSS4: 8.7

CVSS3: 7.5

Описание

Pyo Buffer Overflow Vulnerability

Buffer overflow in ajaxsoundstudio.com Pyo <= 1.03 in the Server_jack_init function which allows attackers to conduct Denial of Service attacks by arbitrary constructing a overlong client_name.

Ссылки

Пакеты

Наименование

pyo

pip

Затронутые версииВерсия исправления

< 1.0.4

1.0.4

EPSS

Процентиль: 55%

0.00321

Низкий

8.7 High

CVSS4

7.5 High

CVSS3

CVE ID

CVE-2021-41498

Дефекты

CWE-120

Связанные уязвимости

CVE-2021-41498

CVSS3: 7.5

ubuntu

около 4 лет назад

Buffer overflow in ajaxsoundstudio.com Pyo &lt and 1.03 in the Server_jack_init function. which allows attackers to conduct Denial of Service attacks by arbitrary constructing a overlong server name.

CVE-2021-41498

CVSS3: 7.5

nvd

около 4 лет назад

Buffer overflow in ajaxsoundstudio.com Pyo &lt and 1.03 in the Server_jack_init function. which allows attackers to conduct Denial of Service attacks by arbitrary constructing a overlong server name.

CVE-2021-41498

CVSS3: 7.5

debian

около 4 лет назад

Buffer overflow in ajaxsoundstudio.com Pyo &lt and 1.03 in the Server_ ...

EPSS

Процентиль: 55%

0.00321

Низкий

8.7 High

CVSS4

7.5 High

CVSS3

CVE ID

CVE-2021-41498

Дефекты

CWE-120