CVE-2025-8734
- EPSS 0.02%
- Veröffentlicht 08.08.2025 18:15:29
- Zuletzt bearbeitet 19.08.2025 05:15:31
A vulnerability has been found in GNU Bison up to 3.8.2. This impacts the function code_free of the file src/scan-code.c. The manipulation leads to double free. An attack has to be approached locally. The exploit has been disclosed to the public and ...
CVE-2025-8733
- EPSS 0.02%
- Veröffentlicht 08.08.2025 17:32:06
- Zuletzt bearbeitet 19.08.2025 05:15:31
A flaw has been found in GNU Bison up to 3.8.2. This affects the function __obstack_vprintf_internal of the file obprintf.c. Executing manipulation can lead to reachable assertion. The attack requires local access. The exploit has been published and ...
CVE-2020-24240
- EPSS 0.42%
- Veröffentlicht 25.08.2020 14:15:16
- Zuletzt bearbeitet 21.11.2024 05:14:32
GNU Bison before 3.7.1 has a use-after-free in _obstack_free in lib/obstack.c (called from gram_lex) when a '\0' byte is encountered. NOTE: there is a risk only if Bison is used with untrusted input, and the observed bug happens to cause unsafe behav...
CVE-2020-14150
- EPSS 0.1%
- Veröffentlicht 15.06.2020 17:15:10
- Zuletzt bearbeitet 21.11.2024 05:02:44
GNU Bison before 3.5.4 allows attackers to cause a denial of service (application crash). NOTE: there is a risk only if Bison is used with untrusted input, and an observed bug happens to cause unsafe behavior with a specific compiler/architecture. Th...