| Título | TA-Lib Project ta-lib 0.6.4 Out-of-bounds Write |
|---|
| Descrição | **Title**:
`Out-of-Bounds Read in TA-Lib Release Regression Tool`
**Description**:
A **buffer overflow read vulnerability** exists in TA-Lib’s regression test tool `ta_regtest`. The vulnerability arises due to incorrect array length calculation in `test_minmax.c`, leading to memory access beyond allocated bounds.
**Impact**:
Potential program crash or sensitive information leakage.
**Fix**:
Merged in PR #61 (Commit: https://github.com/TA-Lib/ta-lib/pull/62).
**Affected Versions**:
`TA-Lib <= 0.6.4`
**Fixed Versions**:
`TA-Lib >= 0.6.4+`
**CVSS v3.1 Score**:
`6.5 (Medium)` (AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)`
**References**:
1. Issue: [TA-Lib #61](https://github.com/TA-Lib/ta-lib/issues/61)
2. Fix Commit: [](https://github.com/TA-Lib/ta-lib/pull/62) |
|---|
| Fonte | ⚠️ https://github.com/TA-Lib/ta-lib/issues/61 |
|---|
| Utilizador | tyy_qqq (UID 83072) |
|---|
| Submissão | 21/03/2025 08h55 (há 1 Ano) |
|---|
| Moderação | 31/03/2025 07h42 (10 days later) |
|---|
| Estado | Aceite |
|---|
| Entrada VulDB | 302069 [TA-Lib até 0.6.4 ta_regtest test_minmax.c setInputBuffer Excesso de tampão] |
|---|
| Pontos | 20 |
|---|