CVE-2022-44315

Name of the Vulnerable Software and Affected Versions PicoC version 3.2.2

Description A heap buffer overflow was discovered in the ExpressionAssign function in expression.c when called from ExpressionParseFunctionCall, which can lead to a potential issue.

Recommendations For PicoC version 3.2.2, consider restricting access to the ExpressionAssign function until a patch is available. As a temporary workaround, avoid using the ExpressionParseFunctionCall function to call ExpressionAssign until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.