Описание
musl libc 0.9.13 through 1.2.5 before 1.2.6 has an out-of-bounds write vulnerability when an attacker can trigger iconv conversion of untrusted EUC-KR text to UTF-8.
Ссылки
- Patch
- Patch
- Mailing ListMitigationThird Party Advisory
- Mailing ListMitigationThird Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListMitigationThird Party Advisory
- Mailing ListMitigationThird Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 0.9.13 (включая) до 1.2.6 (исключая)
cpe:2.3:a:musl-libc:musl:*:*:*:*:*:*:*:*
EPSS
Процентиль: 5%
0.00022
Низкий
8.1 High
CVSS3
7 High
CVSS3
Дефекты
CWE-787
Связанные уязвимости
CVSS3: 8.1
ubuntu
12 месяцев назад
musl libc 0.9.13 through 1.2.5 before 1.2.6 has an out-of-bounds write vulnerability when an attacker can trigger iconv conversion of untrusted EUC-KR text to UTF-8.
CVSS3: 8.1
debian
12 месяцев назад
musl libc 0.9.13 through 1.2.5 before 1.2.6 has an out-of-bounds write ...
CVSS3: 8.1
github
12 месяцев назад
musl libc 0.9.13 through 1.2.5 before 1.2.6 has an out-of-bounds write vulnerability when an attacker can trigger iconv conversion of untrusted EUC-KR text to UTF-8.
CVSS3: 8.1
fstec
12 месяцев назад
Уязвимость функции iconv библиотеки musl libc, позволяющая нарушителю выполнить произвольный код
EPSS
Процентиль: 5%
0.00022
Низкий
8.1 High
CVSS3
7 High
CVSS3
Дефекты
CWE-787