CVE-2019-11484Integer Overflow or Wraparound in Whoopsie

CWE-190Integer Overflow or Wraparound5 documents5 sources
Severity
7.8HIGHNVD
CNA6.3
EPSS
0.1%
top 71.82%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Canonical WhoopsieWhoopsie Project WhoopsieCanonical Ubuntu Linux
Timeline
PublishedFeb 8
Latest updateMay 24

Description

Kevin Backhouse discovered an integer overflow in bson_ensure_space, as used in whoopsie.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

CVEListV5canonical/whoopsie0.2.52.50.2.52.5ubuntu0.2+2
Ubuntuwhoopsie_project/whoopsie< 0.2.52.5ubuntu0.2+2

Also affects: Ubuntu Linux 16.04, 18.04, 19.04, 19.10

🔴Vulnerability Details

3
GHSA
GHSA-rwvc-6fhr-c2q7: Kevin Backhouse discovered an integer overflow in bson_ensure_space, as used in whoopsie2022-05-24
CVEList
Integer overflow in bson_ensure_space2020-02-08
OSV
CVE-2019-11484: Kevin Backhouse discovered an integer overflow in bson_ensure_space, as used in whoopsie2019-10-29

📋Vendor Advisories

1
Ubuntu
Whoopsie vulnerability2019-10-30
CVE-2019-11484 — Integer Overflow or Wraparound | cvebase