44 matches found
EUVD-2020-16975
Malware in sbrugna...
EUVD-2025-24010
Malicious code in bioql PyPI...
EUVD-2025-24007
Malicious code in bioql PyPI...
GNU Bison before 3.5.4 allows attackers to cause a denial of service (application crash). NOTE: there is a risk only if Bison is used with untrusted input, and an observed bug happens to cause unsafe behavior with a specific compiler/architecture. The bug reports were intended to show that a crash may occur in Bison itself, not that a crash may occur in code that is generated by Bison.
...
CVE-2025-8733
A flaw was found in bison. The __obstack_vprintf_internal function in obprintf.c contains an issue where manipulation can lead to a reachable assertion, allowing a local attacker to trigger an assertion failure. This condition is exploitable via crafted input. The primary consequence of this...
DEBIAN-CVE-2025-8734
Bulletin has no description...
DEBIAN-CVE-2025-8733
Bulletin has no description...
UBUNTU-CVE-2025-8734
A vulnerability has been found in GNU Bison up to 3.8.2. This impacts the function code_free of the file src/scan-code.c. The manipulation leads to double free. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The actual existence of this...
CVE-2025-8734
Removed by vendor...
CVE-2025-8733
...
CVE-2025-8733
...
CVE-2025-8733
Removed by vendor...
Identifier withdrawn
GNU Bison is a programming language parser generator for the US GNU community. This CVE number has been withdrawn...
Linux Distros Unpatched Vulnerability : CVE-2020-14150
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNU Bison before 3.5.4 allows attackers to cause a denial of service (application crash). NOTE: there is a risk only if Bison is used with untrusted input, and an...
PT-2025-32387 · Gnu +1 · Gnu Bison +1
Name of the Vulnerable Software and Affected Versions: GNU Bison versions up to 3.8.2 Description: A vulnerability exists in GNU Bison up to version 3.8.2, affecting the obstack vprintf internal function within the obprintf.c file. Manipulation of this function can lead to a reachable assertion...
SUSE CVE-2020-24240
GNU Bison before 3.7.1 has a use-after-free in _obstack_free in lib/obstack.c (called from gram_lex) when a '\0' byte is encountered. NOTE: there is a risk only if Bison is used with untrusted input, and the observed bug happens to cause unsafe behavior with a specific compiler/architecture. The bug...
Huawei EulerOS: Security Advisory for bison (EulerOS-SA-2022-2674)
The remote host is missing an update for the Huawei EulerOS...
Denial Of Service (DoS)
GNU Bison is vulnerable to denial of service. It has a use-after-free in _obstack_free in lib/obstack.c (called from gram_lex) when a '\0' byte is encountered...
Updated bison packages fix a security vulnerability
It was discovered that GNU Bison before 3.5.4 allows attackers to cause a denial of service (application crash) (CVE-2020-14150)...
MGASA-2021-0023 Updated bison packages fix a security vulnerability
It was discovered that GNU Bison before 3.5.4 allows attackers to cause a denial of service (application crash) (CVE-2020-14150)...