5.3 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
0.0005 Low
EPSS
Percentile
17.2%
libespeak-ng.so is vulnerable to Buffer Overflow. The vulnerability is caused by the ReadClause
function in readclause.c
due to not having a bounds check when writing data to buffer. This allows an attacker to craft an input to trigger the overflow, potentially leads to code execution or Denial of service.
CPE | Name | Operator | Version |
---|---|---|---|
libespeak-ng.so | le | 1.1.51 | |
espeak-ng:sid | eq | 1.50+dfsg-7 | |
libespeak-ng.so | le | 1.1.51 | |
espeak-ng:sid | eq | 1.50+dfsg-7 |