CVE-2019-20433
Published 2020-01-27
Critical 9.1 (CVSS 3.1)
AV:N / AC:L / PR:N / UI:N / S:U / C:H / I:N / A:H
libaspell.a in GNU Aspell before 0.60.8 has a buffer over-read for a string ending with a single '\0' byte, if the encoding is set to ucs-2 or ucs-4 outside of the application, as demonstrated by the ASPELL_CONF environment variable.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | aspell | < aspell 0.60.7-3 (bookworm) | aspell 0.60.7-3 (bookworm) |
| gnu | aspell | < 0.60.8 | 0.60.8 |
| gnu | aspell | >= 0 < 0.60.7-3 | 0.60.7-3 |
| gnu | aspell | >= 0 < 0.60.7-3 | 0.60.7-3 |
| gnu | aspell | >= 0 < 0.60.7-3 | 0.60.7-3 |
| gnu | aspell | >= 0 < 0.60.7-3 | 0.60.7-3 |
CVSS provenance
nvd: v3.1, 9.1 CRITICAL, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
osv: 9.1 CRITICAL