Описание
libaspell.a in GNU Aspell before 0.60.8 has a stack-based buffer over-read in acommon::unescape in common/getdata.cpp via an isolated \ character.
Ссылки
- Third Party Advisory
- PatchThird Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- PatchThird Party Advisory
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 0.60.8 (исключая)
cpe:2.3:a:gnu:aspell:*:*:*:*:*:*:*:*
Конфигурация 2
Одно из
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*
EPSS
Процентиль: 58%
0.0036
Низкий
9.1 Critical
CVSS3
6.4 Medium
CVSS2
Дефекты
CWE-125
Связанные уязвимости
CVSS3: 9.1
ubuntu
больше 6 лет назад
libaspell.a in GNU Aspell before 0.60.8 has a stack-based buffer over-read in acommon::unescape in common/getdata.cpp via an isolated \ character.
CVSS3: 6.6
redhat
больше 6 лет назад
libaspell.a in GNU Aspell before 0.60.8 has a stack-based buffer over-read in acommon::unescape in common/getdata.cpp via an isolated \ character.
CVSS3: 9.1
debian
больше 6 лет назад
libaspell.a in GNU Aspell before 0.60.8 has a stack-based buffer over- ...
github
больше 3 лет назад
libaspell.a in GNU Aspell before 0.60.8 has a stack-based buffer over-read in acommon::unescape in common/getdata.cpp via an isolated \ character.
EPSS
Процентиль: 58%
0.0036
Низкий
9.1 Critical
CVSS3
6.4 Medium
CVSS2
Дефекты
CWE-125