Vulnerability Details CVE-2019-11637
An issue was discovered in GNU recutils 1.8. There is a NULL pointer dereference in the function rec_rset_get_props at rec-rset.c in librec.a, leading to a crash.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 50.3%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.3
References
- https://github.com/TeamSeri0us/pocs/blob/master/recutils/bug-report-recutils
- https://github.com/TeamSeri0us/pocs/tree/master/recutils/bug-report-recutils/rec2csv
- https://github.com/TeamSeri0us/pocs/blob/master/recutils/bug-report-recutils
- https://github.com/TeamSeri0us/pocs/tree/master/recutils/bug-report-recutils/rec2csv