CVE-2023-29579

Опубликовано: 24 апр. 2023

Источник: nvd

CVSS3: 5.5

EPSS Низкий

Описание

yasm 1.3.0.55.g101bc was discovered to contain a stack overflow via the component yasm/yasm+0x43b466 in vsprintf. Note: This has been disputed by third parties who argue this is a bug and not a security issue because yasm is a standalone program not designed to run untrusted code.

Ссылки

https://github.com/yasm/yasm/issues/214
Exploit
Issue Tracking
https://github.com/z1r00/fuzz_vuln/blob/main/yasm/stack-buffer-overflow/yasm/readmd.md
Exploit
https://github.com/yasm/yasm/issues/214
Exploit
Issue Tracking
https://github.com/z1r00/fuzz_vuln/blob/main/yasm/stack-buffer-overflow/yasm/readmd.md
Exploit

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:yasm_project:yasm:1.3.0.55.g101bc:*:*:*:*:*:*:*

EPSS

Процентиль: 8%

0.00028

Низкий

5.5 Medium

CVSS3

Дефекты

CWE-787

Связанные уязвимости

CVE-2023-29579

CVSS3: 5.5

ubuntu

почти 3 года назад

CVE-2023-29579

CVSS3: 5.5

debian

почти 3 года назад

yasm 1.3.0.55.g101bc was discovered to contain a stack overflow via th ...

GHSA-9rj4-9hjf-7pcg

CVSS3: 7.8

github

почти 3 года назад

yasm 1.3.0.55.g101bc was discovered to contain a stack overflow via the component yasm/yasm+0x43b466 in vsprintf.

EPSS

Процентиль: 8%

0.00028

Низкий

5.5 Medium

CVSS3

Дефекты

CWE-787