libmysofa up to 0.6 Calculation hdf/btree.c treeRead input validation

entryeditHistoryDiffjsonxmlCTI

A vulnerability, which was classified as very critical, was found in libmysofa up to 0.6. This affects the function treeRead of the file hdf/btree.c of the component Calculation Handler. Upgrading to version 0.7 eliminates this vulnerability.

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

User

Field

Commit Conf

Approve Conf

IDCommitedUserFieldChangeRemarksModeratedReasonC
884923305/23/2020VulD...urlhttps://usn.ubuntu.com/4033-1/usn.ubuntu.com05/23/2020accepted100
884919605/23/2020VulD...discoverydate155399040005/23/2020accepted100
884924804/01/2019VulD...cvss3_nvd_basescore9.8nist.gov04/01/2019accepted90
884924704/01/2019VulD...cvss3_vuldb_rcX04/01/2019accepted90
884924604/01/2019VulD...cvss3_vuldb_rlO04/01/2019accepted90
884924504/01/2019VulD...cvss3_vuldb_eX04/01/2019accepted90
884924404/01/2019VulD...cvss2_vuldb_rcND04/01/2019accepted90
884924304/01/2019VulD...cvss2_vuldb_rlOF04/01/2019accepted90
884924204/01/2019VulD...cvss2_vuldb_eND04/01/2019accepted90
884924104/01/2019VulD...locationWebsite04/01/2019accepted90
884924004/01/2019VulD...risk204/01/2019accepted90
884923904/01/2019VulD...cve_nvd_summarytreeRead in hdf/btree.c in libmysofa before 0.7 does not properly validate multiplications and additions.mitre.org04/01/2019accepted100
884923804/01/2019VulD...cve_assigned1553990400mitre.org04/01/2019accepted100
884923704/01/2019VulD...cveCVE-2019-10672mitre.org04/01/2019accepted100
884923604/01/2019VulD...upgrade_version0.704/01/2019accepted100
884923504/01/2019VulD...nameUpgrade04/01/2019accepted100
884923404/01/2019VulD...price_0day$0-$5ksee documentation04/01/2019accepted100
884923204/01/2019VulD...date1553990400 (03/31/2019)04/01/2019accepted100
884923104/01/2019VulD...cvss3_nvd_aHnist.gov04/01/2019accepted100
884923004/01/2019VulD...cvss3_nvd_iHnist.gov04/01/2019accepted100

Want to stay up to date on a daily basis?

Enable the mail alert feature now!