Описание
An issue was discovered in py-lmdb 0.97. For certain values of mn_flags, mdb_cursor_set triggers a memcpy with an invalid write operation within mdb_xcursor_init1. NOTE: this outcome occurs when accessing a data.mdb file supplied by an attacker.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 0.97 (включая)
cpe:2.3:a:py-lmdb_project:py-lmdb:*:*:*:*:*:*:*:*
EPSS
Процентиль: 60%
0.00402
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-787
Связанные уязвимости
CVSS3: 9.8
ubuntu
больше 6 лет назад
An issue was discovered in py-lmdb 0.97. For certain values of mn_flags, mdb_cursor_set triggers a memcpy with an invalid write operation within mdb_xcursor_init1. NOTE: this outcome occurs when accessing a data.mdb file supplied by an attacker.
CVSS3: 9.8
debian
больше 6 лет назад
An issue was discovered in py-lmdb 0.97. For certain values of mn_flag ...
EPSS
Процентиль: 60%
0.00402
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-787