CVE-2018-20591

2018-12-3018:29:00

Google

osv.dev

7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

40.8%

JSON

A heap-based buffer over-read was discovered in decompileJUMP function in util/decompile.c of libming v0.4.8. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by swftocxx.

CPENameOperatorVersion
libmingeqming-0_4_0_rc1
libmingeqming-0_3_0
libmingeqming-0_4_5
libmingeqming-0_4_0_beta4
libmingeqming-0_4_0_beta5
libmingeqming-0_4_4
libmingeqming-0_4_6
libmingeqming-0_4_0_beta3
libmingeqming-0_4_0_rc2
libmingeqming-0_4_7

Name	Operator	Version
libming	eq	ming-0_4_0_rc1
libming	eq	ming-0_3_0
libming	eq	ming-0_4_5
libming	eq	ming-0_4_0_beta4
libming	eq	ming-0_4_0_beta5
libming	eq	ming-0_4_4
libming	eq	ming-0_4_6
libming	eq	ming-0_4_0_beta3
libming	eq	ming-0_4_0_rc2
libming	eq	ming-0_4_7

Rows per page:

1-10 of 131

References

github.com/libming/libming/issues/168