The convert_to_decimal function in vasnprintf.c in Gnulib before 2018-09-23 has a heap-based buffer overflow because memory is not allocated for a trailing '\0' character during %f processing.
References
Configurations
History
07 Nov 2023, 02:54
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2018-10-03 08:29
Updated : 2024-02-28 16:48
NVD link : CVE-2018-17942
Mitre link : CVE-2018-17942
CVE.ORG link : CVE-2018-17942
JSON object : View
Products Affected
gnu
- gnulib
CWE
CWE-787
Out-of-bounds Write