| Title | TA-Lib Project ta-lib 0.6.4 Out-of-bounds Write |
|---|
| Description | **Title**:
`Out-of-Bounds Read in TA-Lib Release Regression Tool`
**Description**:
A **buffer overflow read vulnerability** exists in TA-Lib’s regression test tool `ta_regtest`. The vulnerability arises due to incorrect array length calculation in `test_minmax.c`, leading to memory access beyond allocated bounds.
**Impact**:
Potential program crash or sensitive information leakage.
**Fix**:
Merged in PR #61 (Commit: https://github.com/TA-Lib/ta-lib/pull/62).
**Affected Versions**:
`TA-Lib <= 0.6.4`
**Fixed Versions**:
`TA-Lib >= 0.6.4+`
**CVSS v3.1 Score**:
`6.5 (Medium)` (`AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N`)
**References**:
1. Issue: [TA-Lib #61](https://github.com/TA-Lib/ta-lib/issues/61)
2. Fix Commit: [https://github.com/TA-Lib/ta-lib/pull/62](https://github.com/TA-Lib/ta-lib/pull/62) |
|---|
| Source | ⚠️ https://github.com/TA-Lib/ta-lib/issues/61 |
|---|
| User | tyy_qqq (UID 83072) |
|---|
| Submission | 21.03.2025 08:55 (1 year ago) |
|---|
| Moderation | 31.03.2025 07:42 (10 days later) |
|---|
| Status | Accepted |
|---|
| VulDB Entry | 302069 [TA-Lib up to 0.6.4 ta_regtest test_minmax.c setInputBuffer buffer overflow] |
|---|
| Points | 20 |
|---|