Lucene search
HistoryAug 22, 2023 - 7:15 p.m.
CVE-2020-18780
denial of service
crafted nasm command
asm preprocessors
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS
0
Percentile
12.7%
A Use After Free vulnerability in function new_Token in asm/preproc.c in nasm 2.14.02 allows attackers to cause a denial of service via crafted nasm command.
Affected configurations
Node
nasmnetwide_assemblerMatch2.14.02
| Vendor | Product | Version | CPE |
|---|---|---|---|
| nasm | netwide_assembler | 2.14.02 | cpe:2.3:a:nasm:netwide_assembler:2.14.02:*:*:*:*:*:*:* |
References
Related
prion
prion
Design/Logic Flaw
2023-08-22 19:15:00
redhatcve
redhatcve
CVE-2020-18780
2023-08-25 18:45:21
debiancve
debiancve
CVE-2020-18780
2023-08-22 19:15:55
osv
osv
CVE-2020-18780
2023-08-22 19:15:55
ubuntucve
ubuntucve
CVE-2020-18780
2023-08-22 00:00:00
cvelist
cvelist
CVE-2020-18780
2023-08-22 00:00:00
cve
cve
CVE-2020-18780
2023-08-22 19:15:55
amazon
amazon
Medium: nasm
2023-09-27 22:48:00
nessus
nessus
Amazon Linux 2 : nasm (ALAS-2023-2277)
2023-10-05 00:00:00
RHEL 7 : nasm (Unpatched Vulnerability)
2024-05-11 00:00:00
RHEL 6 : nasm (Unpatched Vulnerability)
2024-05-11 00:00:00
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS
0
Percentile
12.7%
Related for NVD:CVE-2020-18780