Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Stack Buffer Overflow in iowow
Vulnerability Description
IOWOW is a C utility library and persistent key/value storage engine. Versions 1.4.15 and prior contain a stack buffer overflow vulnerability that allows for Denial of Service (DOS) when it parses scientific notation numbers present in JSON. A patch for this issue is available at commit a79d31e4cff1d5a08f665574b29fd885897a28fd in the `master` branch of the repository. There are no workarounds other than applying the patch.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
未进行输入大小检查的缓冲区拷贝(传统缓冲区溢出)
Vulnerability Title
Softmotions IOWOW 缓冲区错误漏洞
Vulnerability Description
Softmotions IOWOW是Softmotions公司的基于跳表数据结构的 C11 持久键/值存储。 Softmotions IOWOW 1.4.15版本及之前版本存在安全漏洞,该漏洞源于包含堆栈缓冲区溢出漏洞。攻击者利用该漏洞造成拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A