Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:22465
HistoryFeb 05, 2020 - 5:32 a.m.

Invalid Memory Free

2020-02-0505:32:51
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
17

0.003 Low

EPSS

Percentile

65.8%

JSON

nanopb is vulnerable to invalid freeing of memory. The vulnerability possible when it calls the function free() on a pointer value that comes from uninitialized memory and when the following conditions are met: 1. compile with PB_ENABLE_MALLOC and 2. message to be decoded contains a repeated string, bytes or message field and 3. realloc() runs out of memory when expanding the array

CPENameOperatorVersion
nanopble0.3.9011
nanopble0.3.9011

Related

prion 1
osv 1
nvd 1
debiancve 1
ibm 1
cve 1
cvelist 1
prion
prion
Memory corruption
2020-02-04 03:15:00
osv
osv
CVE-2020-5235
2020-02-04 03:15:10
nvd
nvd
CVE-2020-5235
2020-02-04 03:15:10
debiancve
debiancve
CVE-2020-5235
2020-02-04 03:15:10
ibm
ibm
Security Bulletin: A security vulnerability has been identified in nanopb shipped with IBM Watson Machine Learning Community Edition (WMLCE)
2020-05-20 00:33:54
cve
cve
CVE-2020-5235
2020-02-04 03:15:10
cvelist
cvelist
CVE-2020-5235 Out-of-memory condition in Nanopb is potentially exploitable
2020-02-04 03:00:18

0.003 Low

EPSS

Percentile

65.8%

JSON
Related for VERACODE:22465
prion1osv1nvd1debiancve1ibm1cve1cvelist1