Описание
The convert_to_decimal function in vasnprintf.c in Gnulib before 2018-09-23 has a heap-based buffer overflow because memory is not allocated for a trailing '\0' character during %f processing.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 20140202stable-2deb8u1build0.18.04.1 |
| cosmic | released | 20140202+stable-3.1~build0.18.10.1 |
| devel | not-affected | 20140202+stable-3.1 |
| disco | not-affected | 20140202+stable-3.1 |
| esm-apps/bionic | released | 20140202stable-2deb8u1build0.18.04.1 |
| esm-apps/xenial | released | 20140202stable-2deb8u1build0.16.04.1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was needed] |
| precise/esm | DNE | |
| trusty | ignored | end of standard support |
| trusty/esm | DNE | trusty was needed |
Показывать по
EPSS
6.8 Medium
CVSS2
8.8 High
CVSS3
Связанные уязвимости
The convert_to_decimal function in vasnprintf.c in Gnulib before 2018-09-23 has a heap-based buffer overflow because memory is not allocated for a trailing '\0' character during %f processing.
The convert_to_decimal function in vasnprintf.c in Gnulib before 2018-09-23 has a heap-based buffer overflow because memory is not allocated for a trailing '\0' character during %f processing.
The convert_to_decimal function in vasnprintf.c in Gnulib before 2018- ...
The convert_to_decimal function in vasnprintf.c in Gnulib before 2018-09-23 has a heap-based buffer overflow because memory is not allocated for a trailing '\0' character during %f processing.
EPSS
6.8 Medium
CVSS2
8.8 High
CVSS3