3 matches found
Security Bulletin: A security vulnerability has been identified in nanopb shipped with IBM Watson Machine Learning Community Edition (WMLCE)
Summary The vulnerability CVE-2020-5235 was found in the nanopb package, which is either built in to or distributed with IBM WMLCE. Vulnerability Details CVEID: CVE-2020-5235 DESCRIPTION: Nanopb is vulnerable to a denial of service, caused by a out of memory condition. By persuading a victim to...
CVE-2020-5235 Out-of-memory condition in Nanopb is potentially exploitable
There is a potentially exploitable out of memory condition In Nanopb before 0.4.1, 0.3.9.5, and 0.2.9.4. When nanopb is compiled with PBENABLEMALLOC, the message to be decoded contains a repeated string, bytes or message field and realloc runs out of memory when expanding the array nanopb can end...
CVE-2020-5235
There is a potentially exploitable out of memory condition In Nanopb before 0.4.1, 0.3.9.5, and 0.2.9.4. When nanopb is compiled with PBENABLEMALLOC, the message to be decoded contains a repeated string, bytes or message field and realloc runs out of memory when expanding the array nanopb can end...