CVE-2021-21813
Severity
7.8HIGH
EPSS
0.1%
top 81.27%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedAug 13
Latest updateMay 24
Description
Within the function HandleFileArg the argument filepattern is under control of the user who passes it in from the command line. filepattern is passed directly to memcpy copying the path provided by the user into a staticly sized buffer without any length checks resulting in a stack-buffer overflow.
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9
🔴Vulnerability Details
2GHSA▶
GHSA-h458-372j-6g45: Within the function HandleFileArg the argument filepattern is under control of the user who passes it in from the command line↗2022-05-24
CVEList▶
CVE-2021-21813: Within the function HandleFileArg the argument filepattern is under control of the user who passes it in from the command line↗2021-08-13