10 matches found
CVE-2026-22188
The deploy-stub component in Panda3D versions up to and including 1.10.16 contains a denial of service vulnerability due to unbounded stack allocation. The deploy-stub executable allocates argvcopy and argvcopy2 using alloca based directly on the attacker-controlled argc value without validation...
CVE-2026-22188
The deploy-stub component in Panda3D versions up to and including 1.10.16 contains a denial of service vulnerability due to unbounded stack allocation. The deploy-stub executable allocates argvcopy and argvcopy2 using alloca based directly on the attacker-controlled argc value without validation...
CVE-2026-22188
Panda3D versions up to and including 1.10.16 deploy-stub contains a denial of service vulnerability due to unbounded stack allocation. The deploy-stub executable allocates argvcopy and argvcopy2 using alloca based directly on the attacker-controlled argc value without validation. Supplying a larg...
Use of Uninitialized Variable
Overview Panda3D is a Panda3D is a framework for 3D rendering and game development for Python and C++ programs. Affected versions of this package are vulnerable to Use of Uninitialized Variable via the deploy-stub process. An attacker can cause the application to crash or exhibit undefined behavi...
CVE-2026-22188 Panda3D <= 1.10.16 Deploy-Stub Stack Exhaustion via Unbounded alloca()
The deploy-stub component in Panda3D versions up to and including 1.10.16 contains a denial of service vulnerability due to unbounded stack allocation. The deploy-stub executable allocates argvcopy and argvcopy2 using alloca based directly on the attacker-controlled argc value without validation...
CVE-2026-22188
The deploy-stub component in Panda3D versions up to and including 1.10.16 contains a denial of service vulnerability due to unbounded stack allocation. The deploy-stub executable allocates argvcopy and argvcopy2 using alloca based directly on the attacker-controlled argc value without validation...
CVE-2026-22188
Panda3D up to version 1.10.16 is affected by a DoS due to unbounded stack allocation in the deploy-stub. The deploy-stub allocates argv_copy and argv_copy2 with alloca() based on attacker-controlled argc without validation, which can exhaust stack space and crash the process during Python interpr...
CVE-2026-22188 Panda3D <= 1.10.16 Deploy-Stub Stack Exhaustion via Unbounded alloca()
The deploy-stub component in Panda3D versions up to and including 1.10.16 contains a denial of service vulnerability due to unbounded stack allocation. The deploy-stub executable allocates argvcopy and argvcopy2 using alloca based directly on the attacker-controlled argc value without validation...
PT-2026-2162
Name of the Vulnerable Software and Affected Versions Panda3D versions up to and including 1.10.16 Description Panda3D deploy-stub contains a denial of service condition resulting from unbounded stack allocation. The deploy-stub executable uses alloca to allocate argv copy and argv copy2 based on...
Panda3D 安全漏洞
Panda3D is a cross-platform game engine from Panda3D open source. A security vulnerability exists in Panda3D 1.10.16 and earlier versions, which stems from the presence of an unbounded stack allocation in deploy-stub, which may lead to stack space exhaustion and process crash...