PT-2023-15564 · Pycdc · Pycdc

Published

2023-02-06

Updated

2025-03-26

CVE-2022-48078

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions pycdc version 44a730f3a889503014fec94ae6e62d8401cb75e5

Description The issue is related to a stack overflow in the pycdc component, specifically in the ASTree.cpp:BuildFromCode function. This occurs due to a problem in the pycdc commit 44a730f3a889503014fec94ae6e62d8401cb75e5.

Recommendations For version 44a730f3a889503014fec94ae6e62d8401cb75e5, as a temporary workaround, consider disabling the BuildFromCode function in the ASTree.cpp component until a patch is available.

Exploit

Fix

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

CVE-2022-48078

Affected Products

Pycdc

PT-2023-15564 · Pycdc · Pycdc

CVE-2022-48078

Weakness Enumeration

Related Identifiers

Affected Products

References · 6