CVE-2021-38467

Опубликовано: 22 окт. 2021

Источник: nvd

CVSS3: 7.3

CVSS3: 8.1

CVSS2: 5.5

EPSS Низкий

Описание

A specific function code receives a raw pointer supplied by the user and deallocates this pointer. The user can then control what memory regions will be freed and cause use-after-free condition.

Ссылки

https://us-cert.cisa.gov/ics/advisories/icsa-21-292-01
Patch
Third Party Advisory
US Government Resource
https://us-cert.cisa.gov/ics/advisories/icsa-21-292-01
Patch
Third Party Advisory
US Government Resource

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:auvesy:versiondog:*:*:*:*:*:*:*:*

Версия до 8.0.0 (исключая)

EPSS

Процентиль: 37%

0.0016

Низкий

7.3 High

CVSS3

8.1 High

CVSS3

5.5 Medium

CVSS2

Дефекты

CWE-416

Связанные уязвимости

GHSA-3xx9-5w7v-mp8g

github

больше 3 лет назад

A specific function code receives a raw pointer supplied by the user and deallocates this pointer. The user can then control what memory regions will be freed and cause use-after-free condition.

EPSS

Процентиль: 37%

0.0016

Низкий

7.3 High

CVSS3

8.1 High

CVSS3

5.5 Medium

CVSS2

Дефекты

CWE-416