CVE-2023-31725 — Use After Free in Project Yasm

Severity

5.5MEDIUMNVD

EPSS

0.0%

top 92.06%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedMay 17

Description

yasm 1.3.0.55.g101bc was discovered to contain a heap-use-after-free via the function expand_mmac_params at yasm/modules/preprocs/nasm/nasm-pp.c.

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

▶NVDyasm_project/yasm1.3.0.55.g101bc

GHSA

GHSA-v8xh-gh45-h3h5: yasm 1↗2023-05-17

▶

OSV

CVE-2023-31725: yasm 1↗2023-05-17

▶

Debian

CVE-2023-31725: yasm - yasm 1.3.0.55.g101bc was discovered to contain a heap-use-after-free via the fun...↗2023

▶