9 matches found
CVE-2020-24240
creationtimestamp| type| source ---|---|--- 2026-03-19 00:00:00+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/...
Linux Distros Unpatched Vulnerability : CVE-2020-24240
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNU Bison before 3.7.1 has a use-after-free in obstackfree in lib/obstack.c called from gramlex when a '\0' byte is encountered. NOTE: there is a risk only if...
RHEL 6 : bison (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - bison: use-after-free via crafted input file containing a NULL byte can lead to DoS CVE-2020-24240 - GNU...
SUSE CVE-2020-24240
GNU Bison before 3.7.1 has a use-after-free in obstackfree in lib/obstack.c called from gramlex when a '\0' byte is encountered. NOTE: there is a risk only if Bison is used with untrusted input, and the observed bug happens to cause unsafe behavior with a specific compiler/architecture. The bug...
Huawei EulerOS: Security Advisory for bison (EulerOS-SA-2022-2642)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP10 : bison (EulerOS-SA-2022-2642)
According to the versions of the bison packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - GNU Bison before 3.7.1 has a use-after-free in obstackfree in lib/obstack.c called from gramlex when a '\0' byte is encountered. NOTE: there is a...
Design/Logic Flaw
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2020-24240. Reason: This candidate is a reservation duplicate of CVE-2020-24240. Notes: All CVE users should reference CVE-2020-24240 instead of this candidate. All references and descriptions in this candidate have been removed t...
CVE-2020-24240
GNU Bison before 3.7.1 has a use-after-free in obstackfree in lib/obstack.c called from gramlex when a '\0' byte is encountered. NOTE: there is a risk only if Bison is used with untrusted input, and the observed bug happens to cause unsafe behavior with a specific compiler/architecture. The bug...
CVE-2020-24240
CVE-2020-24240 concerns GNU Bison before 3.7.1, which contains a use-after-free in _obstack_free (lib/obstack.c) when a NULL byte is encountered during gram_lex. The risk is limited to cases where Bison processes untrusted input, and the observed behavior was primarily a crash in Bison itself, no...