CVE-2018-8881

Опубликовано: 20 мар. 2018

Источник: nvd

CVSS3: 7.3

CVSS2: 6.8

EPSS Низкий

Описание

Netwide Assembler (NASM) 2.13.02rc2 has a heap-based buffer over-read in the function tokenize in asm/preproc.c, related to an unterminated string.

Ссылки

http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00015.html
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00017.html
https://bugzilla.nasm.us/show_bug.cgi?id=3392446
Issue Tracking
Vendor Advisory
https://usn.ubuntu.com/3694-1/
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00015.html
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00017.html
https://bugzilla.nasm.us/show_bug.cgi?id=3392446
Issue Tracking
Vendor Advisory
https://usn.ubuntu.com/3694-1/
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:nasm:netwide_assembler:2.13.02:rc2:*:*:*:*:*:*

Конфигурация 2

cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

EPSS

Процентиль: 44%

0.00215

Низкий

7.3 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-125

Связанные уязвимости

CVE-2018-8881

CVSS3: 7.3

ubuntu

почти 8 лет назад

Netwide Assembler (NASM) 2.13.02rc2 has a heap-based buffer over-read in the function tokenize in asm/preproc.c, related to an unterminated string.

CVE-2018-8881

CVSS3: 3.3

redhat

больше 8 лет назад

Netwide Assembler (NASM) 2.13.02rc2 has a heap-based buffer over-read in the function tokenize in asm/preproc.c, related to an unterminated string.

CVE-2018-8881

CVSS3: 7.3

debian

почти 8 лет назад

Netwide Assembler (NASM) 2.13.02rc2 has a heap-based buffer over-read ...

GHSA-x2vw-jwp7-h598

CVSS3: 7.3

github

больше 3 лет назад

Netwide Assembler (NASM) 2.13.02rc2 has a heap-based buffer over-read in the function tokenize in asm/preproc.c, related to an unterminated string.

openSUSE-SU-2020:0954-1

suse-cvrf

больше 5 лет назад

Security update for nasm

EPSS

Процентиль: 44%

0.00215

Низкий

7.3 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-125