Lucene search
GoogleOSV:GHSA-X67X-VG9M-65C3HistoryAug 25, 2021 - 8:55 p.m.
Integer overflow in base64
2021-08-2520:55:27
Google
osv.dev
2
base64
buffer size
integer overflow
memory corruption
software security
arbitrary code execution
EPSS
0.002
Percentile
59.8%
Affected versions of this crate suffered from an integer overflow bug when
calculating the size of a buffer to use when encoding base64 using the
encode_config_buf and encode_config functions. If the input string
was large, this would cause a buffer to be allocated that was too small.
Since this function writes to the buffer using unsafe code, it would
allow an attacker to write beyond the buffer, causing memory corruption
and possibly the execution of arbitrary code.
This flaw was corrected by using checked arithmetic to calculate
the size of the buffer.
Related
github
github
Integer overflow in base64
2021-08-25 20:55:27
rustsec
rustsec
Integer overflow leads to heap-based buffer overflow in encode_config_buf
2017-05-03 12:00:00
prion
prion
Buffer overflow
2018-01-02 20:29:00
cvelist
cvelist
CVE-2017-1000430
2018-01-02 20:00:00
debiancve
debiancve
CVE-2017-1000430
2018-01-02 20:29:00
osv
osv
Integer overflow leads to heap-based buffer overflow in encode_config_buf
2017-05-03 12:00:00
CVE-2017-1000430
2018-01-02 20:29:00
nvd
nvd
CVE-2017-1000430
2018-01-02 20:29:00
cve
cve
CVE-2017-1000430
2018-01-02 20:29:00