Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
bwoodsend rockhopper Binary Parser ragged_array.c count_rows buffer overflow
Vulnerability Description
A vulnerability, which was classified as critical, has been found in bwoodsend rockhopper up to 0.1.2. Affected by this issue is the function count_rows of the file rockhopper/src/ragged_array.c of the component Binary Parser. The manipulation of the argument raw leads to buffer overflow. Local access is required to approach this attack. Upgrading to version 0.2.0 is able to address this issue. The name of the patch is 1a15fad5e06ae693eb9b8908363d2c8ef455104e. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-266312.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
未进行输入大小检查的缓冲区拷贝(传统缓冲区溢出)
Vulnerability Title
rockhopper 安全漏洞
Vulnerability Description
rockhopper是bwoodsend个人开发者的一个不规则数组类:包含长度不匹配的行的 2D NumPy 数组。 rockhopper 0.1.2及之前版本存在安全漏洞,该漏洞源于组件Binary Parser的文件rockhopper/src/raged_array.c存在缓冲区溢出漏洞。
CVSS Information
N/A
Vulnerability Type
N/A