VYPR

rpm package

suse/ocaml&distro=SUSE Linux Enterprise Software Development Kit 11 SP4

pkg:rpm/suse/ocaml&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4

Vulnerabilities (2)

  • CVE-2018-9838CriApr 6, 2018
    affected < 4.02.1-4.3.2fixed 4.02.1-4.3.2

    The caml_ba_deserialize function in byterun/bigarray.c in the standard library in OCaml 4.06.0 has an integer overflow which, in situations where marshalled data is accepted from an untrusted source, allows remote attackers to cause a denial of service (memory corruption) or poss

  • CVE-2015-8869CriJun 13, 2016
    affected < 4.02.1-3.4fixed 4.02.1-3.4

    OCaml before 4.03.0 does not properly handle sign extensions, which allows remote attackers to conduct buffer overflow attacks or obtain sensitive information as demonstrated by a long string to the String.copy function.