Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Panda3D <= 1.10.16 Deploy-Stub Stack Exhaustion via Unbounded alloca()
Vulnerability Description
Panda3D versions up to and including 1.10.16 deploy-stub contains a denial of service vulnerability due to unbounded stack allocation. The deploy-stub executable allocates argv_copy and argv_copy2 using alloca() based directly on the attacker-controlled argc value without validation. Supplying a large number of command-line arguments can exhaust stack space and propagate uninitialized stack memory into Python interpreter initialization, resulting in a reliable crash and undefined behavior.
CVSS Information
N/A
Vulnerability Type
使用未经初始化的变量
Vulnerability Title
Panda3D 安全漏洞
Vulnerability Description
Panda3D是Panda3D开源的一个跨平台游戏引擎。 Panda3D 1.10.16及之前版本存在安全漏洞,该漏洞源于deploy-stub存在无界栈分配,可能导致栈空间耗尽和进程崩溃。
CVSS Information
N/A
Vulnerability Type
N/A