Lucene search

[email protected]CVE-2020-28163

HistoryApr 16, 2023 - 12:15 a.m.

CVE-2020-28163

2023-04-1600:15:07

CWE-476

[email protected]

web.nvd.nist.gov

libdwarf

cve-2020-28163

null pointer dereference

application crash

dwarf5

nvd

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

6.3 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

50.9%

JSON

libdwarf before 20201201 allows a dwarf_print_lines.c NULL pointer dereference and application crash via a DWARF5 line-table header that has an invalid FORM for a pathname.

Affected configurations

NVD

Node

libdwarf_projectlibdwarfRange<2020-12-01

CPENameOperatorVersion
libdwarf_project:libdwarflibdwarf project libdwarflt2020-12-01

CPE	Name	Operator	Version
libdwarf_project:libdwarf	libdwarf project libdwarf	lt	2020-12-01

References

web.archive.org/web/20190601140703/sourceforge.net/projects/libdwarf/

bugzilla.redhat.com/show_bug.cgi?id=2026000

github.com/davea42/libdwarf-code/commit/faf99408e3f9f706fc3809dd400e831f989778d3

www.prevanders.net/dwarfbug.html#DW202010-003

Social References

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

6.3 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

50.9%

JSON

Related for CVE-2020-28163

prion1 veracode1 osv1 cvelist1 debiancve1 redhatcve1 ubuntucve1 nvd1 cbl_mariner1 nessus2