CVE-2017-12471

2018-02-0717:29:00

Google

osv.dev

9.8 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

64.8%

JSON

The cnb_parse_lev function in CCN-lite before 2.00 allows context-dependent attackers to have unspecified impact by leveraging failure to check for out-of-bounds conditions, which triggers an invalid read in the hexdump function.

CPENameOperatorVersion
ccn-liteeq0.3.0
ccn-liteeq0.3.1
ccn-liteeq0.1.0

Name	Operator	Version
ccn-lite	eq	0.3.0
ccn-lite	eq	0.3.1
ccn-lite	eq	0.1.0

References

github.com/cn-uofbasel/ccn-lite/issues/137

github.com/cn-uofbasel/ccn-lite/releases/tag/2.0.0