| Title | TA-Lib Project ta-lib 0.6.4 Out-of-bounds Write |
|---|
| Description | **Title**:
`Out-of-Bounds Read in TA-Lib Release Regression Tool`
**Description**:
A **buffer overflow read vulnerability** exists in TA-Lib’s regression test tool `ta_regtest`. The vulnerability arises due to incorrect array length calculation in `test_minmax.c`, leading to memory access beyond allocated bounds.
**Impact**:
Potential program crash or sensitive information leakage.
**Fix**:
Merged in PR #61 (Commit: https://github.com/TA-Lib/ta-lib/pull/62).
**Affected Versions**:
`TA-Lib <= 0.6.4`
**Fixed Versions**:
`TA-Lib >= 0.6.4+`
**CVSS v3.1 Score**:
`6.5 (Medium)` (`AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N`)
**References**:
1. Issue: [TA-Lib #61](https://github.com/TA-Lib/ta-lib/issues/61)
2. Fix Commit: <https://github.com/TA-Lib/ta-lib/pull/62> |
|---|
| Source | ⚠️ https://github.com/TA-Lib/ta-lib/issues/61 |
|---|
| User | tyy_qqq (UID 83072) |
|---|
| Submission | 03/21/2025 08:55 (1 Year ago) |
|---|
| Moderation | 03/31/2025 07:42 (10 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 302069 [TA-Lib up to 0.6.4 ta_regtest test_minmax.c setInputBuffer out-of-bounds write] |
|---|
| Points | 20 |
|---|