CVE-2019-16707

Опубликовано: 18 мар. 2019

Источник: redhat

CVSS3: 5.8

EPSS Низкий

Описание

Hunspell 1.7.0 has an invalid read operation in SuggestMgr::leftcommonsubstring in suggestmgr.cxx.

Отчет

This is unlikely to be an issue in a real world scenario, as it requires specially crafted Hunspell dictionaries, which are not shipped with Red Hat Enterprise Linux. Additionally, applications using Hunspell will likely filter out invalid input before passing it on, which further limits the impact.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 6	hunspell	Out of support scope
Red Hat Enterprise Linux 8	hunspell	Not affected
Red Hat Enterprise Linux 7	hunspell	Fixed	RHSA-2020:3971	29.09.2020

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low

Дефект:

CWE-119->CWE-125

https://bugzilla.redhat.com/show_bug.cgi?id=1771026hunspell: out-of-bounds read in SuggestMgr::leftcommonsubstring in suggestmgr.cxx

EPSS

Процентиль: 67%

0.0053

Низкий

5.8 Medium

CVSS3

Связанные уязвимости

CVE-2019-16707

CVSS3: 6.5

ubuntu

больше 6 лет назад

Hunspell 1.7.0 has an invalid read operation in SuggestMgr::leftcommonsubstring in suggestmgr.cxx.

CVE-2019-16707

CVSS3: 6.5

nvd

больше 6 лет назад

Hunspell 1.7.0 has an invalid read operation in SuggestMgr::leftcommonsubstring in suggestmgr.cxx.

CVE-2019-16707

CVSS3: 6.5

msrc

5 месяцев назад

Hunspell 1.7.0 has an invalid read operation in SuggestMgr::leftcommonsubstring in suggestmgr.cxx.

CVE-2019-16707

CVSS3: 6.5

debian

больше 6 лет назад

Hunspell 1.7.0 has an invalid read operation in SuggestMgr::leftcommon ...

openSUSE-SU-2020:1719-1

suse-cvrf

больше 5 лет назад

Security update for hunspell

EPSS

Процентиль: 67%

0.0053

Низкий

5.8 Medium

CVSS3