CVE-2025-8734

Опубликовано: 08 авг. 2025

Источник: ubuntu

Приоритет: low

CVSS2: 1.7

CVSS3: 3.3

Описание

A vulnerability has been found in GNU Bison up to 3.8.2. This impacts the function code_free of the file src/scan-code.c. The manipulation leads to double free. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The actual existence of this vulnerability is currently in question. The issue could not be reproduced from a GNU Bison 3.8.2 tarball run in a Fedora 42 container.

Релиз	Статус	Примечание
devel	needs-triage
esm-infra/bionic	needs-triage
esm-infra/focal	needs-triage
esm-infra/xenial	needs-triage
jammy	needs-triage
noble	needs-triage
plucky	needs-triage
questing	needs-triage
upstream	needs-triage

Показывать по

Ссылки на источники

1.7 Low

CVSS2

3.3 Low

CVSS3

Связанные уязвимости

CVE-2025-8734

CVSS3: 3.3

redhat

2 месяца назад

CVE-2025-8734

CVSS3: 3.3

nvd

2 месяца назад

CVE-2025-8734

CVSS3: 3.3

debian

2 месяца назад

A vulnerability has been found in GNU Bison up to 3.8.2. This impacts ...

ROS-20250828-02

CVSS3: 3.3

redos

около 2 месяцев назад

Уязвимость bison

GHSA-4hgq-524g-4jf8

CVSS3: 3.3

github

2 месяца назад

A vulnerability classified as problematic has been found in GNU Bison up to 3.8.2. Affected is the function code_free of the file src/scan-code.c. The manipulation leads to double free. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used.

1.7 Low

CVSS2

3.3 Low

CVSS3

CVE-2025-8734

Описание

Пакет bison

Ссылки на источники

Связанные уязвимости