CVE-2025-0633

Опубликовано: 19 фев. 2025

Источник: redhat

CVSS3: 4

Описание

Heap-based Buffer Overflow vulnerability in iniparser_dumpsection_ini() in iniparser allows attacker to read out of bound memory

A flaw was found in iniparser. This vulnerability allows an attacker to read out-of-bound memory via iniparser_dumpsection_ini().

Меры по смягчению последствий

Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 10	iniparser	Fix deferred
Red Hat Enterprise Linux 7	iniparser	Out of support scope

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-122

https://bugzilla.redhat.com/show_bug.cgi?id=2346474iniparser: Heap Overflow in iniparser.c

4 Medium

CVSS3

Связанные уязвимости

CVE-2025-0633

ubuntu

12 месяцев назад

Heap-based Buffer Overflow vulnerability in iniparser_dumpsection_ini() in iniparser allows attacker to read out of bound memory

CVE-2025-0633

nvd

12 месяцев назад

Heap-based Buffer Overflow vulnerability in iniparser_dumpsection_ini() in iniparser allows attacker to read out of bound memory

CVE-2025-0633

msrc

11 месяцев назад

Описание отсутствует

CVE-2025-0633

debian

12 месяцев назад

Heap-based Buffer Overflow vulnerability ininiparser_dumpsection_ini() ...

SUSE-SU-2025:0845-1

suse-cvrf

11 месяцев назад

Security update for iniparser

4 Medium

CVSS3