Описание
An issue was discovered in YottaDB through r1.32 and V7.0-000. A lack of NULL checks in calls to ious_open in sr_unix/ious_open.c allows attackers to crash the application by dereferencing a NULL pointer.
Ссылки
- ExploitRelease NotesThird Party Advisory
- ExploitRelease NotesThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 7.0-000 (включая)Версия до 1.32 (включая)
Одно из
cpe:2.3:a:fisglobal:gt.m:*:*:*:*:*:*:*:*
cpe:2.3:a:yottadb:yottadb:*:*:*:*:*:*:*:*
EPSS
Процентиль: 56%
0.00336
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-476
Связанные уязвимости
CVSS3: 7.5
github
почти 4 года назад
An issue was discovered in YottaDB through r1.32 and V7.0-000. A lack of NULL checks in calls to ious_open in sr_unix/ious_open.c allows attackers to crash the application by dereferencing a NULL pointer.
EPSS
Процентиль: 56%
0.00336
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-476