CVE-2020-28241

CVE-2020-28241 affects libmaxminddb prior to 1.4.3. A heap-based buffer over-read in dump_entry_data_list (maxminddb.c) is the root cause. Public advisories confirm the library as the vulnerable component; multiple sources (ALMA, Fedora, Debian) indicate fixes in libmaxminddb 1.4.3 and related se...