An issue exists in py-lmdb 0.97. mdb_node_del does not validate a memmove in the case of an unexpected node->mn_hi, leading to an invalid write operation. NOTE: this outcome occurs when accessing a data.mdb file supplied by an attacker.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
py-lmdb project py-lmdb |