Cross site scripting

2020-12-0917:15:00

PRIOn knowledge base

www.prio-n.com

9.1 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

68.9%

JSON

Out-of-bounds Write vulnerability in TCP stack of Apache NuttX (incubating) versions up to and including 9.1.0 and 10.0.0 allows attacker to corrupt memory by supplying arbitrary urgent data pointer offsets within TCP packets including beyond the length of the packet.

CPENameOperatorVersion
nuttxeq10.0.0
nuttxle9.1.0

CPE	Name	Operator	Version
	nuttx	eq	10.0.0
	nuttx	le	9.1.0

References

www.openwall.com/lists/oss-security/2020/12/09/4

lists.apache.org/thread.html/r7f4215aba288660b41b7e731b6262c8275fa476e91e527a74d2888ea%40%3Cdev.nuttx.apache.org%3E