PT-2022-12132 · Yottadb · Yottadb
Published
2022-04-15
·
Updated
2022-04-22
·
CVE-2021-44485
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
YottaDB versions prior to r1.33 and V7.0-001
Description
An issue was discovered that allows attackers to crash the application by dereferencing a NULL pointer due to a lack of NULL checks in the trip gen function in sr port/emit code.c.
Recommendations
For YottaDB versions prior to r1.33 and V7.0-001, consider applying a patch or fix that adds NULL checks to the trip gen function in sr port/emit code.c to prevent the application from crashing due to NULL pointer dereferences.
Exploit
Fix
NULL Pointer Dereference
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Yottadb