Name of the Vulnerable Software and Affected Versions Cppcheck (affected versions not specified)

Description The issue is related to the findGarbageCode function in the Cppcheck static analyzer, which is vulnerable to a memory access out of bounds when concatenating strings using std::operator+. This could allow an attacker to cause a denial of service.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.