VYPR

whoopsie

by Ubuntu

CVEs (4)

  • CVE-2020-11937Aug 6, 2020
    risk 0.00cvss epss 0.00

    In whoopsie, parse_report() from whoopsie.c allows a local attacker to cause a denial of service via a crafted file. The DoS is caused by resource exhaustion due to a memory leak. Fixed in 0.2.52.5ubuntu0.5, 0.2.62ubuntu0.5 and 0.2.69ubuntu0.1.

  • CVE-2020-15570Jul 6, 2020
    risk 0.00cvss epss 0.01

    The parse_report() function in whoopsie.c in Whoopsie through 0.2.69 mishandles memory allocation failures, which allows an attacker to cause a denial of service via a malformed crash file.

  • CVE-2019-11484Feb 8, 2020
    risk 0.00cvss epss 0.00

    Kevin Backhouse discovered an integer overflow in bson_ensure_space, as used in whoopsie.

  • CVE-2019-11476Aug 29, 2019
    risk 0.00cvss epss 0.01

    An integer overflow in whoopsie before versions 0.2.52.5ubuntu0.1, 0.2.62ubuntu0.1, 0.2.64ubuntu0.1, 0.2.66, results in an out-of-bounds write to a heap allocated buffer when processing large crash dumps. This results in a crash or possible code-execution in the context of the…