Halibut
by Octopus
nuget: halibut
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-42614 | 0.00 | — | 0.01 | May 24, 2022 | A use after free in info_width_internal in bk_info.c in Halibut 1.2 allows an attacker to cause a segmentation fault or possibly have unspecified other impact via a crafted text document. | |||
| CVE-2021-42613 | 0.00 | — | 0.01 | May 24, 2022 | A double free in cleanup_index in index.c in Halibut 1.2 allows an attacker to cause a denial of service or possibly have other unspecified impact via a crafted text document. | |||
| CVE-2021-42612 | 0.00 | — | 0.01 | May 24, 2022 | A use after free in cleanup_index in index.c in Halibut 1.2 allows an attacker to cause a segmentation fault or possibly have other unspecified impact via a crafted text document. | |||
| CVE-2021-31819 | 0.00 | — | 0.02 | Sep 22, 2021 | In Halibut versions prior to 4.4.7 there is a deserialisation vulnerability that could allow remote code execution on systems that already trust each other based on certificate verification. |
- CVE-2021-42614May 24, 2022risk 0.00cvss —epss 0.01
A use after free in info_width_internal in bk_info.c in Halibut 1.2 allows an attacker to cause a segmentation fault or possibly have unspecified other impact via a crafted text document.
- CVE-2021-42613May 24, 2022risk 0.00cvss —epss 0.01
A double free in cleanup_index in index.c in Halibut 1.2 allows an attacker to cause a denial of service or possibly have other unspecified impact via a crafted text document.
- CVE-2021-42612May 24, 2022risk 0.00cvss —epss 0.01
A use after free in cleanup_index in index.c in Halibut 1.2 allows an attacker to cause a segmentation fault or possibly have other unspecified impact via a crafted text document.
- CVE-2021-31819Sep 22, 2021risk 0.00cvss —epss 0.02
In Halibut versions prior to 4.4.7 there is a deserialisation vulnerability that could allow remote code execution on systems that already trust each other based on certificate verification.