Description

GNU indent 2.2.13 has a heap-based buffer overflow in search_brace in indent.c via a crafted file.

Related CPE's

a

gnu

indent

2.2.13

Vulnerable

References

https://ftp.gnu.org/gnu/indent/

Product

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3W6SL3NKMH5R4S5PD2O3MTC2UR4SBVHK/

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4MIUH3F63KQJWYR3FLKRZUYYRJOY6FYX/

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OB6GB6FUFPV5VJAZIANDG4YNNDW6JNXX/

https://savannah.gnu.org/bugs/index.php?64503

ExploitIssue TrackingVendor Advisory

Weaknesses

[email protected]

Primary
CWE-787

CVSS impact metrics

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

5.5 · Medium

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Modified

Published

2023-08-14T06:15:09.683

11 months ago

Last modified

2023-11-07T04:20:11.347

8 months ago