CVE-2023-49287

Published: 04/12/2023 Updated: 13/12/2023
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 0

Vulnerability Summary

TinyDir is a lightweight C directory and file reader. The `tinydir_file_open()` function contains buffer overflows. This vulnerability has been patched in version 1.2.6.

Vulnerable Product

cxong tinydir

Vendor Advisories

Debian Bug report logs - #1059256
falcosecurity-libs: CVE-2023-49287
Package: src:falcosecurity-libs
Maintainer for src:falcosecurity-libs is Dima Kogan <dkogan@debian.org>
Reported by: Moritz Mühlenhoff <jmm@inutil.org>
Date: Fri, 22 Dec 2023 09:03:01 UTC
Severity: grave
Tags: security, upstream
Found in version ...

Exploits

TinyDir versions 1.2.5 and below suffer from a buffer overflow vulnerability with long path names ...

Github Repositories

Addressing the 'blind spots' or undetected CVEs in the Clang Static Analyzer (CSA), Enhancing CSA's detection of overlooked CVEs

CSABlindSpot
Addressing the 'Blind Spots' in Clang Static Analyzer (CSA): Enhancing Detection of Overlooked CVEs
1. CVE-2023-49287
Source: CVE-2023-49287
TinyDir: A Lightweight C Directory and File Reader
Vulnerability: Buffer overflows in the tinydir_file_open() function
Impacted Versions: Versions prior to 1.2.6