Published: 14/08/2023 Updated: 07/11/2023

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 0

GNU indent 2.2.13 has a heap-based buffer overflow in search_brace in indent.c via a crafted file.

Vulnerable Product	Search on Vulmon	Subscribe to Product
gnu indent 2.2.13

Debian Bug report logs - #1049366 indent: CVE-2023-40305 Package: src:indent; Maintainer for src:indent is Santiago Vila <sanvila@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Mon, 14 Aug 2023 18:54:02 UTC Severity: important Tags: security, upstream Found in versions indent/2212-4+deb12 ...

GNU indent 2213 has a heap-based buffer overflow in search_brace in indentc via a crafted file (CVE-2023-40305) ...

DescriptionA flaw was found in indent, a program for formatting C code This flaw allows an attacker who can trick a user into processing a specially crafted file to trigger a heap-based buffer overflow, causing the application to crashA flaw was found in indent, a program for formatting C code This flaw allows an attacker who can trick a ...

CWE-787 https://ftp.gnu.org/gnu/indent/https://savannah.gnu.org/bugs/index.php?64503 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3W6SL3NKMH5R4S5PD2O3MTC2UR4SBVHK/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4MIUH3F63KQJWYR3FLKRZUYYRJOY6FYX/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OB6GB6FUFPV5VJAZIANDG4YNNDW6JNXX/https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1049366 https://nvd.nist.gov https://alas.aws.amazon.com/AL2/ALAS-2023-2358.html

CVE-2023-40305

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect