Symonics: >> Libmysofa >> 0.3 Security Vulnerabilities
libmysofa is vulnerable to Heap-based Buffer Overflow
CVSS Score
6.2
EPSS Score
0.003
Published
2021-10-29
hdf/dataobject.c in libmysofa before 0.8 has an uninitialized use of memory, as demonstrated by mysofa2json.
CVSS Score
8.8
EPSS Score
0.004
Published
2019-12-29
libmysofa before 2019-11-24 does not properly restrict recursive function calls, as demonstrated by reports of stack consumption in readOHDRHeaderMessageDatatype in dataobject.c and directblockRead in fractalhead.c. NOTE: a download of v0.9 after 2019-12-06 should fully remediate this issue.
CVSS Score
6.5
EPSS Score
0.005
Published
2019-12-27
treeRead in hdf/btree.c in libmysofa before 0.7 does not properly validate multiplications and additions.
CVSS Score
9.8
EPSS Score
0.005
Published
2019-03-31