rpm package
opensuse/gnuchess&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/gnuchess&distro=openSUSE%20Tumbleweed
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-30184 | — | < 6.2.9-1.2 | 6.2.9-1.2 | Apr 7, 2021 | GNU Chess 6.2.7 allows attackers to execute arbitrary code via crafted PGN (Portable Game Notation) data. This is related to a buffer overflow in the use of a .tmp.epd temporary file in the cmd_pgnload and cmd_pgnreplay functions in frontend/cmd.cc. | ||
| CVE-2019-15767 | — | < 6.2.9-1.2 | 6.2.9-1.2 | Aug 29, 2019 | In GNU Chess 6.2.5, there is a stack-based buffer overflow in the cmd_load function in frontend/cmd.cc via a crafted chess position in an EPD file. | ||
| CVE-2015-8972 | Cri | 9.8 | < 6.2.4-1.1 | 6.2.4-1.1 | Jan 23, 2017 | Stack-based buffer overflow in the ValidateMove function in frontend/move.cc in GNU Chess (aka gnuchess) before 6.2.4 might allow context-dependent attackers to execute arbitrary code via a large input, as demonstrated when in UCI mode. |
- CVE-2021-30184Apr 7, 2021affected < 6.2.9-1.2fixed 6.2.9-1.2
GNU Chess 6.2.7 allows attackers to execute arbitrary code via crafted PGN (Portable Game Notation) data. This is related to a buffer overflow in the use of a .tmp.epd temporary file in the cmd_pgnload and cmd_pgnreplay functions in frontend/cmd.cc.
- CVE-2019-15767Aug 29, 2019affected < 6.2.9-1.2fixed 6.2.9-1.2
In GNU Chess 6.2.5, there is a stack-based buffer overflow in the cmd_load function in frontend/cmd.cc via a crafted chess position in an EPD file.
- affected < 6.2.4-1.1fixed 6.2.4-1.1
Stack-based buffer overflow in the ValidateMove function in frontend/move.cc in GNU Chess (aka gnuchess) before 6.2.4 might allow context-dependent attackers to execute arbitrary code via a large input, as demonstrated when in UCI mode.