admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-05 18:28:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-08-31 03:01:26 +00:00
parent 666755e56d
commit 0a2958ec4b
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
3 changed files with 9 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
2020/14xxx/CVE-2020-14150.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "GNU Bison before 3.5.4 allows attackers to cause a denial of service (application crash)."
"value": "GNU Bison before 3.5.4 allows attackers to cause a denial of service (application crash). NOTE: there is a risk only if Bison is used with untrusted input, and an observed bug happens to cause unsafe behavior with a specific compiler/architecture. The bug reports were intended to show that a crash may occur in Bison itself, not that a crash may occur in code that is generated by Bison."
}
]
},

7
2020/24xxx/CVE-2020-24240.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "GNU Bison 3.7 has a use after free (UAF) vulnerability. A local attacker may execute bison with crafted input file containing a NULL byte, which could triggers UAF and thus cause system crash."
"value": "GNU Bison before 3.7.1 has a use-after-free in _obstack_free in lib/obstack.c (called from gram_lex) when a '\\0' byte is encountered. NOTE: there is a risk only if Bison is used with untrusted input, and the observed bug happens to cause unsafe behavior with a specific compiler/architecture. The bug report was intended to show that a crash may occur in Bison itself, not that a crash may occur in code that is generated by Bison."
}
]
},
@ -61,6 +61,11 @@
"url": "https://lists.gnu.org/r/bug-bison/2020-07/msg00051.html",
"refsource": "MISC",
"name": "https://lists.gnu.org/r/bug-bison/2020-07/msg00051.html"
},
{
"refsource": "MISC",
"name": "https://github.com/akimd/bison/compare/v3.7...v3.7.1",
"url": "https://github.com/akimd/bison/compare/v3.7...v3.7.1"
}
]
}

4
2020/24xxx/CVE-2020-24917.json
View File

@ -63,9 +63,9 @@
"name": "https://github.com/osTicket/osTicket/compare/v1.14.2...v1.14.3"
},
{
"url": "https://sisl.lab.uic.edu/projects/chess/",
"refsource": "MISC",
"name": "https://sisl.lab.uic.edu/projects/chess/"
"name": "https://sisl.lab.uic.edu/projects/chess/osticket-xss/",
"url": "https://sisl.lab.uic.edu/projects/chess/osticket-xss/"
}
]
}