Musl-libc Musl 0.9.14

CPE Details

Musl-libc Musl 0.9.14
musl-libc
musl
0.9.14
2019-08-15
15h27 +00:00
2021-05-17
16h18 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:musl-libc:musl:0.9.14:*:*:*:*:*:*:*

Informations

Vendor

musl-libc

Product

musl

Version

0.9.14

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2020-28928 2020-11-24 17h01 +00:00 In musl libc through 1.2.1, wcsnrtombs mishandles particular combinations of destination buffer size and source character limit, as demonstrated by an invalid write access (buffer overflow).
5.5
Medium
CVE-2014-3484 2020-02-20 02h37 +00:00 Multiple stack-based buffer overflows in the __dn_expand function in network/dn_expand.c in musl libc 1.1x before 1.1.2 and 0.9.13 through 1.0.3 allow remote attackers to (1) have unspecified impact via an invalid name length in a DNS response or (2) cause a denial of service (crash) via an invalid name length in a DNS response, related to an infinite loop with no output.
9.8
Critical
CVE-2017-15650 2017-10-19 21h00 +00:00 musl libc before 1.1.17 has a buffer overflow via crafted DNS replies because dns_parse_callback in network/lookup_name.c does not restrict the number of addresses, and thus an attacker can provide an unexpected number by sending A records in a reply to an AAAA query.
7.5
High