30 matches found
Astra Linux - уязвимость в tar
The vulnerability of the obstackbeginworker function in the obstack.c GNU Tar component is related to pointer arithmetic errors. Exploiting this vulnerability allows an attacker to cause service failures...
EUVD-2021-1631
Malware in sbrugna...
EUVD-2025-24010
Malicious code in bioql PyPI...
GNU Bison obprintf.c __obstack_vprintf_internal assertion
...
Linux Distros Unpatched Vulnerability : CVE-2020-24240
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNU Bison before 3.7.1 has a use-after-free in obstackfree in lib/obstack.c called from gramlex when a '\0' byte is encountered. NOTE: there is a risk only if...
CVE-2025-8733
A flaw was found in bison. The obstackvprintfinternal function in obprintf.c contains an issue where manipulation can lead to a reachable assertion, allowing a local attacker to trigger an assertion failure. This condition is exploitable via crafted input. The primary consequence of this...
CVE-2025-8733
Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: Additional analysis indicates that the files referenced in the stack trace do not exist in Bison...
CVE-2025-8733
...
CVE-2025-8733
...
CVE-2025-8733
REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: Additional analysis indicates that the files referenced in the stack trace do not exist in Bison...
CVE-2025-8733
CVE-2025-8733 entry is withdrawn/not an active vulnerability per NVD: the CNA withdrew it and analysis showed the referenced stack-trace files do not exist in GNU Bison; other connected records describe related discussions but do not establish an exploitable issue for this CVE.
CVE-2025-8733
Removed by vendor...
CVE-2020-35894
An issue was discovered in the obstack crate before 0.1.4 for Rust. Unaligned references can occur...
PT-2025-32387 · Gnu +1 · Gnu Bison +1
Name of the Vulnerable Software and Affected Versions: GNU Bison versions up to 3.8.2 Description: A vulnerability exists in GNU Bison up to version 3.8.2, affecting the obstack vprintf internal function within the obprintf.c file. Manipulation of this function can lead to a reachable assertion...
SUSE CVE-2020-24240
GNU Bison before 3.7.1 has a use-after-free in obstackfree in lib/obstack.c called from gramlex when a '\0' byte is encountered. NOTE: there is a risk only if Bison is used with untrusted input, and the observed bug happens to cause unsafe behavior with a specific compiler/architecture. The bug...
OESA-2022-1767 bison security update
Bison is a general-purpose parser generator that converts an annotated context-free grammar into a deterministic LR or generalized LR GLR parser employing LALR1 parser tables. As an experimental feature, Bison can also generate IELR1 or canonical LR1 parser tables. Once you are proficient with...
GHSA-85J6-F8J6-Q26X Unaligned references in Obstack
Obstack generates unaligned references for types that require a large alignment...
Unaligned references in Obstack
Obstack generates unaligned references for types that require a large alignment...
CVE-2020-35894
An issue was discovered in the obstack crate before 0.1.4 for Rust. Unaligned references can occur...
CVE-2020-35894
An issue was discovered in the obstack crate before 0.1.4 for Rust. Unaligned references can occur...