CVE-2021-27799

Опубликовано: 26 фев. 2021

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

ean_leading_zeroes in backend/upcean.c in Zint Barcode Generator 2.9.1 has a stack-based buffer overflow that is reachable from the C API through an application that includes the Zint Barcode Generator library code.

Ссылки

http://zint.org.uk/Manual.aspx?type=p&page=3
Vendor Advisory
http://zint.org.uk/Manual.aspx?type=p&page=4
Vendor Advisory
http://zint.org.uk/Manual.aspx?type=p&page=5
Vendor Advisory
https://sourceforge.net/p/zint/code/ci/7f8c8114f31c09a986597e0ba63a49f96150368a/
Patch
Third Party Advisory
https://sourceforge.net/p/zint/tickets/218/
Exploit
Third Party Advisory
http://zint.org.uk/Manual.aspx?type=p&page=3
Vendor Advisory
http://zint.org.uk/Manual.aspx?type=p&page=4
Vendor Advisory
http://zint.org.uk/Manual.aspx?type=p&page=5
Vendor Advisory
https://sourceforge.net/p/zint/code/ci/7f8c8114f31c09a986597e0ba63a49f96150368a/
Patch
Third Party Advisory
https://sourceforge.net/p/zint/tickets/218/
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:zint:barcode_generator:2.9.1:*:*:*:*:*:*:*

EPSS

Процентиль: 77%

0.01012

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-787

Связанные уязвимости

CVE-2021-27799

CVSS3: 7.5

ubuntu

почти 5 лет назад

CVE-2021-27799

CVSS3: 7.5

debian

почти 5 лет назад

ean_leading_zeroes in backend/upcean.c in Zint Barcode Generator 2.9.1 ...

GHSA-rr98-pccv-8m4w

github

больше 3 лет назад

ean_leading_zeroes in backend/upcean.c in Zint Barcode Generator 2.19.1 has a stack-based buffer overflow that is reachable from the C API through an application that includes the Zint Barcode Generator library code.

EPSS

Процентиль: 77%

0.01012

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-787