Base Score

HIGH7.5

CVE-2021-32422

dpic 2021.01.01 has a Global buffer overflow in theyylex() function in main.c and reads out of the bound array.

VectorNETWORK

Published Bycve@mitre.org

Published DateAug 22, 2023, 19:16

Weakness Type (CWE):CWE-120

CVSS Metrics

Base Score

7.5

Vector String

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Base Severity

HIGH

Version

3.1

Attack Vector (AV)

NETWORK

Attack Complexity (AC)

LOW

Privileges Required (PR)

NONE

User Interaction (UI)

NONE

Scope (S)

UNCHANGED

Confidentiality (C)

NONE

Integrity (I)

NONE

Availability (A)

HIGH

References

https://gitlab.com/aplevich/dpic/-/commit/d317e4066c17f9ceb359b3af13264c32f6fb43cf
https://gitlab.com/aplevich/dpic/-/issues/6

Base Score

HIGH7.5

Weakness Type (CWE):CWE-120

CVSS Metrics

Base Score

7.5

Vector String

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Base Severity

HIGH

Version

3.1

Attack Vector (AV)

NETWORK

Attack Complexity (AC)

LOW

Privileges Required (PR)

NONE

User Interaction (UI)

NONE

Scope (S)

UNCHANGED

Confidentiality (C)

NONE

Integrity (I)

NONE

Availability (A)

HIGH