漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Stack buffer overflows in SimpleBLE
Vulnerability Description
SimpleBLE is a cross-platform library and bindings for Bluetooth Low Energy (BLE). Prior to version 0.14.0, there are multiple stack-based buffer overflow vulnerabilities in SimpleBLE. There is a stack overflow vulnerability in the dongl backend’s Protocol::simpleble_write function (local, caller-controlled input). A stack overflow vulnerability when processing manufacturer-specific data in BLE advertisements (remote, no pairing or connection required). Lastly, a stack overflow vulnerability when processing service data in BLE advertisements (remote, no pairing or connection required). This issue has been patched in version 0.14.0.
CVSS Information
N/A
Vulnerability Type
栈缓冲区溢出
Vulnerability Title
simpleble 安全漏洞
Vulnerability Description
simpleble是SimpleBLE开源的一个跨平台蓝牙低功耗库及多语言绑定工具。 simpleble 0.14.0之前版本存在安全漏洞,该漏洞源于dongl后端Protocol::simpleble_write函数存在栈溢出,处理BLE广告中制造商特定数据和服务数据时存在栈溢出,可能导致缓冲区溢出攻击。
CVSS Information
N/A
Vulnerability Type
N/A