Описание
In radare2 through 3.5.1, there is a heap-based buffer over-read in the r_egg_lang_parsechar function of egg_lang.c. This allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact because of missing length validation in libr/egg/egg.c.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needed |
| cosmic | ignored | end of life |
| devel | needs-triage | |
| disco | ignored | end of life |
| eoan | ignored | end of life |
| esm-apps/bionic | needed | |
| esm-apps/focal | needed | |
| esm-apps/noble | needs-triage | |
| esm-apps/xenial | needed | |
| esm-infra-legacy/trusty | DNE |
Показывать по
EPSS
6.8 Medium
CVSS2
7.8 High
CVSS3
Связанные уязвимости
In radare2 through 3.5.1, there is a heap-based buffer over-read in the r_egg_lang_parsechar function of egg_lang.c. This allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact because of missing length validation in libr/egg/egg.c.
In radare2 through 3.5.1, there is a heap-based buffer over-read in th ...
In radare2 through 3.5.1, there is a heap-based buffer over-read in the r_egg_lang_parsechar function of egg_lang.c. This allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact because of missing length validation in libr/egg/egg.c.
EPSS
6.8 Medium
CVSS2
7.8 High
CVSS3