Vulnerability Details CVE-2019-20433
libaspell.a in GNU Aspell before 0.60.8 has a buffer over-read for a string ending with a single '\0' byte, if the encoding is set to ucs-2 or ucs-4 outside of the application, as demonstrated by the ASPELL_CONF environment variable.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 57.2%
CVSS Severity
CVSS v3 Score 9.1
CVSS v2 Score 6.4
Products affected by CVE-2019-20433
- cpe:2.3:a:gnu:aspell:0.50-3
- cpe:2.3:a:gnu:aspell:0.50.5
- cpe:2.3:a:gnu:aspell:0.60.6.1
- cpe:2.3:a:gnu:aspell:0.60.7