| Title | TA-Lib Project ta-lib 0.6.4 Out-of-bounds Write |
|---|
| Description | **Title**:
`Out-of-Bounds Read in TA-Lib Release Regression Tool`
**Description**:
A **buffer overflow read vulnerability** exists in TA-Lib’s regression test tool `ta_regtest`. The vulnerability arises due to incorrect array length calculation in `test_minmax.c`, leading to memory access beyond allocated bounds.
**Impact**:
Potential program crash or sensitive information leakage.
**Fix**:
Merged in PR #61 (Commit: https://github.com/TA-Lib/ta-lib/pull/62).
**Affected Versions**:
`TA-Lib <= 0.6.4`
**Fixed Versions**:
`TA-Lib >= 0.6.4+`
**CVSS v3.1 Score**:
`6.5 (Medium)` (`AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N`)
**References**:
1. Issue: [TA-Lib #61](https://github.com/TA-Lib/ta-lib/issues/61)
2. Fix Commit: https://github.com/TA-Lib/ta-lib/pull/62 |
|---|
| Source | https://github.com/TA-Lib/ta-lib/issues/61 |
|---|
| User | tyy_qqq (UID 83072) |
|---|
| Submitted | 2025-03-21 08:55 AM (1 year ago) |
|---|
| Moderation | 2025-03-31 07:42 AM (10 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 302069 [TA-Lib up to 0.6.4 ta_regtest test_minmax.c setInputBuffer memory corruption] |
|---|
| Points | 20 |
|---|