VYPR

Halibut

by Octopus

nuget: halibut

CVEs (4)

  • CVE-2021-42614May 24, 2022
    risk 0.00cvss epss 0.01

    A use after free in info_width_internal in bk_info.c in Halibut 1.2 allows an attacker to cause a segmentation fault or possibly have unspecified other impact via a crafted text document.

  • CVE-2021-42613May 24, 2022
    risk 0.00cvss epss 0.01

    A double free in cleanup_index in index.c in Halibut 1.2 allows an attacker to cause a denial of service or possibly have other unspecified impact via a crafted text document.

  • CVE-2021-42612May 24, 2022
    risk 0.00cvss epss 0.01

    A use after free in cleanup_index in index.c in Halibut 1.2 allows an attacker to cause a segmentation fault or possibly have other unspecified impact via a crafted text document.

  • CVE-2021-31819Sep 22, 2021
    risk 0.00cvss epss 0.02

    In Halibut versions prior to 4.4.7 there is a deserialisation vulnerability that could allow remote code execution on systems that already trust each other based on certificate verification.