2 matches found
CVE-2019-20367
CVE-2019-20367 is a vulnerability in libbsd: the symbol-table handling in nlist.c can read out of bounds when comparing a symbol name from the string table. Affected: libbsd before 0.10.0. Root cause: out-of-bounds read (CWE-125) in nlist.c. Impact: potential crash or crash-...
CVE-2016-2090
CVE-2016-2090 affects the fgetwln() function in the libbsd library. An off-by-one condition in the memory reallocation path can trigger a heap-based buffer overflow in versions before 0.8.2. Several advisories (e.g., Gentoo GLSA-201607-13, Debian DLA-2052-1) note potential remo...