CVE-2019-17544
published 2019-10-14CVE-2019-17544: libaspell.a in GNU Aspell before 0.60.8 has a stack-based buffer over-read in acommon::unescape in common/getdata.cpp via an isolated \ character.
critical9.1CVSS 3.1
AVNACLPRNUINSUCHINAH
libaspell.a in GNU Aspell before 0.60.8 has a stack-based buffer over-read in acommon::unescape in common/getdata.cpp via an isolated \ character.
Affected
11 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | aspell | < aspell 0.60.8-1 (bookworm) | aspell 0.60.8-1 (bookworm) |
| gnu | aspell | < 0.60.8 | 0.60.8 |
| gnu | aspell | >= 0 < 0.60.8-1 | 0.60.8-1 |
| gnu | aspell | >= 0 < 0.60.8-1 | 0.60.8-1 |
| gnu | aspell | >= 0 < 0.60.8-1 | 0.60.8-1 |
| gnu | aspell | >= 0 < 0.60.8-1 | 0.60.8-1 |
CVSS provenance
nvdv3.19.1CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
osv9.1CRITICAL