Vulnerability Details CVE-2020-23915
An issue was discovered in cpp-peglib through v0.1.12. peg::resolve_escape_sequence() in peglib.h has a heap-based buffer over-read.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 58.7%
CVSS Severity
CVSS v3 Score 5.5
CVSS v2 Score 4.3
References
- https://cwe.mitre.org/data/definitions/126.html
- https://github.com/yhirose/cpp-peglib/commit/b3b29ce8f3acf3a32733d930105a17d7b0ba347e
- https://github.com/yhirose/cpp-peglib/issues/122
- https://cwe.mitre.org/data/definitions/126.html
- https://github.com/yhirose/cpp-peglib/commit/b3b29ce8f3acf3a32733d930105a17d7b0ba347e
- https://github.com/yhirose/cpp-peglib/issues/122
Products affected by CVE-2020-23915
-
cpe:2.3:a:cpp-peglib_project:cpp-peglib:0.1.0
-
cpe:2.3:a:cpp-peglib_project:cpp-peglib:0.1.1
-
cpe:2.3:a:cpp-peglib_project:cpp-peglib:0.1.10
-
cpe:2.3:a:cpp-peglib_project:cpp-peglib:0.1.11
-
cpe:2.3:a:cpp-peglib_project:cpp-peglib:0.1.12
-
cpe:2.3:a:cpp-peglib_project:cpp-peglib:0.1.2
-
cpe:2.3:a:cpp-peglib_project:cpp-peglib:0.1.3
-
cpe:2.3:a:cpp-peglib_project:cpp-peglib:0.1.4
-
cpe:2.3:a:cpp-peglib_project:cpp-peglib:0.1.5
-
cpe:2.3:a:cpp-peglib_project:cpp-peglib:0.1.6
-
cpe:2.3:a:cpp-peglib_project:cpp-peglib:0.1.7
-
cpe:2.3:a:cpp-peglib_project:cpp-peglib:0.1.8
-
cpe:2.3:a:cpp-peglib_project:cpp-peglib:0.1.9