PT-2026-29320 · Amazon · Aws-C-Event-Stream

Dmitry Musatkin

Publicado

2026-03-31

Atualizado

2026-04-09

CVE-2026-5190

CVSS v3.1

7.5

Alta

Vetor

AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions aws-c-event-stream versions prior to 0.6.0

Description A flaw exists in the streaming decoder component of aws-c-event-stream that could allow a third party operating a server to cause memory corruption, potentially leading to arbitrary code execution on a client application that processes specially crafted event-stream messages.

Recommendations Upgrade to version 0.6.0 or later.

Correção

Memory Corruption

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-787

Identificadores relacionados

CVE-2026-5190

OPENSUSE-SU-2026:10512-1

OPENSUSE-SU-2026:20477-1

Produtos afetados

Aws-C-Event-Stream

PT-2026-29320 · Amazon · Aws-C-Event-Stream

CVE-2026-5190

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 9