CVE-2025-70085

An issue was discovered in OpenSatKit 2.2.1. The EventErrStr buffer has a fixed size of 256 bytes. The code uses sprintf to format two filenames Source1Filename and the string returned by FileUtilFileStateStr into this buffer without any length checking and without using bounded format specifiers...

CVE-2025-70085

An issue was discovered in OpenSatKit 2.2.1. The EventErrStr buffer has a fixed size of 256 bytes. The code uses sprintf to format two filenames Source1Filename and the string returned by FileUtilFileStateStr into this buffer without any length checking and without using bounded format specifiers...

OpenSatKit 安全漏洞

OpenSatKit is an open-source application development toolkit developed by OpenSatKit. Version 2.2.1 of OpenSatKit contains a security vulnerability. This vulnerability stems from the use of an insecure sprintf call in the EventErrStr buffer, which may lead to a stack buffer overflow...

CVE-2025-70085

An issue was discovered in OpenSatKit 2.2.1. The EventErrStr buffer has a fixed size of 256 bytes. The code uses sprintf to format two filenames Source1Filename and the string returned by FileUtilFileStateStr into this buffer without any length checking and without using bounded format specifiers...

PT-2026-7630

Name of the Vulnerable Software and Affected Versions OpenSatKit version 2.2.1 Description The software contains a buffer overflow issue due to the use of sprintf without proper length checking when formatting filenames into the EventErrStr buffer. The EventErrStr buffer is fixed at 256 bytes. Th...

CVE-2025-70085

OpenSatKit 2.2.1 is affected by a stack-based buffer overflow in EventErrStr (256-byte) caused by unsafe sprintf usage when formatting two filenames into the buffer (Source1Filename and FileUtil_FileStateStr). Affected functions include FILE_ConcatenateCmd() and ConcatenateFiles() in file.c, with...