treym-wss / ast Goto Github PK

Vulnerable Library - https://source.codeaurora.org/quic/lc/native_client/nacl-toolchain/binutils-2.20

Library home page: https://source.codeaurora.org/quic/lc/native_client/nacl-toolchain/

Vulnerable Source Files (2)

/src/lib/libz/inflate.c
/src/lib/libz/inflate.c

Vulnerability Details

Zlib in versions v0.8 to v1.2.11 is vulnerable to use-of-uninitialized-value in inflate.
There are a couple of places in inflate() where UPDATE is called with state->check as its first parameter, without a guarantee that this value has been initialized (state comes from a ZALLOC in inflateInit). This causes use of uninitialized check value.

Publish Date: 2020-02-22

URL: WS-2020-0368

CVSS 3 Score Details (6.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/WS-2020-0368

Release Date: 2020-02-22

Fix Resolution: cmake-native - 3.15.5;binutils-cross-testsuite - 2.35;libstd-rs - 1.57.0;gdb - 11.1,9.2;tcl - 8.6.11;sudo - 1.8.32;binutils - 2.35,2.28;ccache - 3.3.3,4.1;libgit2 - 1.3.0;cmake - 3.19.5,3.7.0,3.7.2,3.22.0,3.17.3;cmake-native - 3.17.3,3.7.0,3.22.0,3.18.4;ghostscript - 9.55.0

Vulnerable Library - https://source.codeaurora.org/quic/lc/native_client/nacl-toolchain/binutils-2.20

Library home page: https://source.codeaurora.org/quic/lc/native_client/nacl-toolchain/

Found in HEAD commit: c737a944939a4a34307d1d70f0054109ace029a2

Vulnerable Source Files (2)

/src/lib/libz/inflate.c
/src/lib/libz/inflate.c

Vulnerability Details

zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).

Publish Date: 2022-08-05

URL: CVE-2022-37434

CVSS 3 Score Details (8.1)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: High
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Vulnerable Library - astksh93u

This is the AT&T Software Technology ast software download site from AT&T Research. The AT&T AST OpenSource Software Collection provides an overview and Practical Reusable UNIX Software provides a historical perspective. You can join the ast and uwin mailgroups, or monitor the mail archives. There is also an AT&T internal talk. The man page index contains most of the ast commands and library functions; command man pages are also available at runtime using the --man or --html option of any ast command.

Library home page: https://github.com/att/ast.git

Found in HEAD commit: c737a944939a4a34307d1d70f0054109ace029a2

Vulnerable Source Files (1)

/src/cmd/ksh93/sh/arith.c

Vulnerability Details

In ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.

Publish Date: 2020-04-02

URL: CVE-2019-14868

CVSS 3 Score Details (7.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2019-14868

Release Date: 2020-10-09

Fix Resolution: ksh - 20120801-253,20120801-138,20120801-140,20120801-253,20120801-140,20120801-253,20120801-140,20120801-253,20120801-26,20120801-36,20120801-138,20120801-253,20120801-138,20120801-140,20120801-38,20120801-26,20120801-253,20120801-140,20120801-36,20120801-140,20120801-27,20120801-36,20120801-253,20120801-140,20120801-140,20120801-38,20120801-27,20120801-253,20120801-38,20120801-138;ksh-debugsource - 20120801-253,20120801-253;ksh-debuginfo - 20120801-36,20120801-26,20120801-38,20120801-140,20120801-253,20120801-253,20120801-140,20120801-38,20120801-138,20120801-27