Debian Squirrel3 vulnerabilities

6 known vulnerabilities affecting debian/squirrel3.

Total CVEs: 6
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 2, MEDIUM 4

Vulnerabilities

CVE-2026-2661 | MEDIUM | CVSS 4.8 | 2026
squirrel3: A security flaw has been discovered in Squirrel up to 3.2. This affects the function SQObjectPtr::operator in the library squirrel/sqobject.h. The manipulation results in heap-based buffer overflow. The attack needs to be approached locally. The exploit has been released to the public and may be used for attacks. The project was informed of the problem early throu
debian
CVE-2026-3389 | MEDIUM | CVSS 4.8 | 2026
squirrel3: A vulnerability was determined in Squirrel up to 3.2. This vulnerability affects the function sqstd_rex_newnode in the library sqstdlib/sqstdrex.cpp. Executing a manipulation can lead to null pointer dereference. The attack can only be executed locally. The exploit has been publicly disclosed and may be utilized. The project was informed of the problem early throu
debian
CVE-2026-3388 | MEDIUM | CVSS 4.8 | 2026
squirrel3: A vulnerability was found in Squirrel up to 3.2. This affects the function SQCompiler::Factor/SQCompiler::UnaryOP of the file squirrel/sqcompiler.cpp. Performing a manipulation results in uncontrolled recursion. The attack needs to be approached locally. The exploit has been made public and could be used. The project was informed of the problem early through an is
debian
CVE-2026-2659 | MEDIUM | CVSS 4.8 | 2026
squirrel3: A vulnerability was determined in Squirrel up to 3.2. Affected by this vulnerability is the function SQFuncState::PopTarget of the file src/squirrel/squirrel/sqfuncstate.cpp. Executing a manipulation of the argument _target_stack can lead to out-of-bounds read. It is possible to launch the attack on the local host. The exploit has been publicly disclosed and may b
debian
CVE-2022-30292 | CRITICAL | CVSS 10.0 | fixed in squirrel3 3.1-8.2 (forky) | 2022
squirrel3: Heap-based buffer overflow in sqbaselib.cpp in SQUIRREL 3.2 due to lack of a certain sq_reservestack call.
Scope: local
bullseye: open
forky: resolved (fixed in 3.1-8.2)
sid: resolved (fixed in 3.1-8.2)
trixie: resolved (fixed in 3.1-8.2)
debian
CVE-2021-41556 | CRITICAL | CVSS 10.0 | 2021
squirrel3: sqclass.cpp in Squirrel through 2.2.5 and 3.x through 3.1 allows an out-of-bounds read (in the core interpreter) that can lead to Code Execution. If a victim executes an attacker-controlled squirrel script, it is possible for the attacker to break out of the squirrel script sandbox even if all dangerous functionality such as File System functions has been disa
debian