PT-2023-10174 · Nanopb · Nanopb

Petteri Aimonen

Publicado

2023-06-17

Atualizado

2024-12-17

CVE-2014-125106

CVSS v3.1

9.8

Crítica

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Nanopb versions prior to 0.3.1

Description The issue allows size t overflows in pb dec bytes and pb dec string.

Recommendations For versions prior to 0.3.1, update to version 0.3.1 or later to resolve the issue.

Correção

Memory Corruption

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

CVE-2014-125106

Nanopb