exploitDog

CVE-2023-31725

Опубликовано: 17 мая 2023

Источник: nvd

CVSS3: 5.5

EPSS Низкий

Описание

yasm 1.3.0.55.g101bc was discovered to contain a heap-use-after-free via the function expand_mmac_params at yasm/modules/preprocs/nasm/nasm-pp.c.

Ссылки

https://github.com/DaisyPo/fuzzing-vulncollect/tree/main/yasm/heap-use-after-free/nasm-pp.c:3878%20in%20expand_mmac_params
Exploit
Third Party Advisory
https://github.com/yasm/yasm/issues/221
Exploit
Issue Tracking
Third Party Advisory
https://github.com/DaisyPo/fuzzing-vulncollect/tree/main/yasm/heap-use-after-free/nasm-pp.c:3878%20in%20expand_mmac_params
Exploit
Third Party Advisory
https://github.com/yasm/yasm/issues/221
Exploit
Issue Tracking
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:yasm_project:yasm:1.3.0.55.g101bc:*:*:*:*:*:*:*

EPSS

Процентиль: 6%

0.00023

Низкий

5.5 Medium

CVSS3

Дефекты

CWE-416

CWE-416

Связанные уязвимости

CVE-2023-31725

CVSS3: 5.5

ubuntu

больше 2 лет назад

yasm 1.3.0.55.g101bc was discovered to contain a heap-use-after-free via the function expand_mmac_params at yasm/modules/preprocs/nasm/nasm-pp.c.

CVE-2023-31725

CVSS3: 5.5

debian

больше 2 лет назад

yasm 1.3.0.55.g101bc was discovered to contain a heap-use-after-free v ...

GHSA-v8xh-gh45-h3h5

CVSS3: 5.5

github

больше 2 лет назад

yasm 1.3.0.55.g101bc was discovered to contain a heap-use-after-free via the function expand_mmac_params at yasm/modules/preprocs/nasm/nasm-pp.c.

EPSS

Процентиль: 6%

0.00023

Низкий

5.5 Medium

CVSS3

Дефекты

CWE-416

CWE-416