Gnu

Cflow

6 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.3

CVE-2025-8736

Exploit
  • EPSS 0.02%
  • Veröffentlicht 08.08.2025 19:02:06
  • Zuletzt bearbeitet 08.08.2025 20:30:18

A vulnerability, which was classified as critical, has been found in GNU cflow up to 1.8. Affected by this issue is the function yylex of the file c.c of the component Lexer. The manipulation leads to buffer overflow. Local access is required to appr...

3.3

CVE-2025-8735

Exploit
  • EPSS 0.02%
  • Veröffentlicht 08.08.2025 18:32:06
  • Zuletzt bearbeitet 08.08.2025 20:30:18

A vulnerability classified as problematic was found in GNU cflow up to 1.8. Affected by this vulnerability is the function yylex of the file c.c of the component Lexer. The manipulation leads to null pointer dereference. An attack has to be approache...

7.5

CVE-2023-2789

Exploit
  • EPSS 0.21%
  • Veröffentlicht 18.05.2023 13:15:09
  • Zuletzt bearbeitet 21.11.2024 07:59:17

A vulnerability was found in GNU cflow 1.7. It has been rated as problematic. This issue affects the function func_body/parse_variable_declaration of the file parser.c. The manipulation leads to denial of service. The exploit has been disclosed to th...

5.5

CVE-2020-23856

Exploit
  • EPSS 0.11%
  • Veröffentlicht 18.05.2021 15:15:07
  • Zuletzt bearbeitet 21.11.2024 05:14:08

Use-after-Free vulnerability in cflow 1.6 in the void call(char *name, int line) function at src/parser.c, which could cause a denial of service via the pointer variable caller->callee.

6.5

CVE-2019-16165

  • EPSS 0.52%
  • Veröffentlicht 09.09.2019 17:15:13
  • Zuletzt bearbeitet 21.11.2024 04:30:10

GNU cflow through 1.6 has a use-after-free in the reference function in parser.c.

6.5

CVE-2019-16166

  • EPSS 0.51%
  • Veröffentlicht 09.09.2019 17:15:13
  • Zuletzt bearbeitet 21.11.2024 04:30:11

GNU cflow through 1.6 has a heap-based buffer over-read in the nexttoken function in parser.c.