Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2018-14337

Опубликовано: 17 июл. 2018
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 5
CVSS3: 7.5

Описание

The CHECK macro in mrbgems/mruby-sprintf/src/sprintf.c in mruby 1.4.1 contains a signed integer overflow, possibly leading to out-of-bounds memory access because the mrb_str_resize function in string.c does not check for a negative length.

РелизСтатусПримечание
artful

ignored

end of life
bionic

ignored

end of standard support, was needs-triage
cosmic

ignored

end of life
devel

not-affected

2.0.0-1
disco

not-affected

2.0.0-1
eoan

not-affected

2.0.0-1
esm-apps/bionic

needs-triage

esm-apps/focal

not-affected

2.0.0-1
esm-apps/jammy

not-affected

2.0.0-1
esm-apps/noble

not-affected

2.0.0-1

Показывать по

Ссылки на источники

EPSS

Процентиль: 58%
0.00364
Низкий

5 Medium

CVSS2

7.5 High

CVSS3

Связанные уязвимости

nvd логотип

CVE-2018-14337

CVSS3: 7.5
nvd
больше 7 лет назад

The CHECK macro in mrbgems/mruby-sprintf/src/sprintf.c in mruby 1.4.1 contains a signed integer overflow, possibly leading to out-of-bounds memory access because the mrb_str_resize function in string.c does not check for a negative length.

debian логотип

CVE-2018-14337

CVSS3: 7.5
debian
больше 7 лет назад

The CHECK macro in mrbgems/mruby-sprintf/src/sprintf.c in mruby 1.4.1 ...

github логотип

GHSA-hrqc-789v-hchf

CVSS3: 7.5
github
почти 4 года назад

The CHECK macro in mrbgems/mruby-sprintf/src/sprintf.c in mruby 1.4.1 contains a signed integer overflow, possibly leading to out-of-bounds memory access because the mrb_str_resize function in string.c does not check for a negative length.

EPSS

Процентиль: 58%
0.00364
Низкий

5 Medium

CVSS2

7.5 High

CVSS3