Описание
Chicken before 4.8.0 does not properly handle NUL bytes in certain strings, which allows an attacker to conduct "poisoned NUL byte attack."
Ссылки
- Mailing ListThird Party Advisory
- Broken Link
- Third Party Advisory
- Mailing ListThird Party Advisory
- Broken Link
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 4.8.0 (исключая)
cpe:2.3:a:call-cc:chicken:*:*:*:*:*:*:*:*
Конфигурация 2
Одно из
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
EPSS
Процентиль: 62%
0.00425
Низкий
6.5 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-20
Связанные уязвимости
CVSS3: 6.5
ubuntu
больше 6 лет назад
Chicken before 4.8.0 does not properly handle NUL bytes in certain strings, which allows an attacker to conduct "poisoned NUL byte attack."
CVSS3: 6.5
debian
больше 6 лет назад
Chicken before 4.8.0 does not properly handle NUL bytes in certain str ...
CVSS3: 6.5
github
почти 4 года назад
Chicken before 4.8.0 does not properly handle NUL bytes in certain strings, which allows an attacker to conduct "poisoned NUL byte attack."
EPSS
Процентиль: 62%
0.00425
Низкий
6.5 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-20