VYPR
Vendor

Boost

Products
5
CVEs
6
Across products
9
Status
Private

Products

5

Recent CVEs

6
  • CVE-2016-9840HigMay 23, 2017
    risk 0.58cvss 8.8epss 0.05

    inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.

  • CVE-2026-11460HigJun 7, 2026
    risk 0.47cvss 7.3epss 0.00

    A flaw has been found in Boost Serialization up to 1.91. The impacted element is an unknown function. This manipulation causes improper validation of specified type of input. It is possible to initiate the attack remotely. The exploit has been published and may be used. The…

  • CVE-2013-0252Mar 12, 2013
    risk 0.00cvss epss 0.03

    boost::locale::utf::utf_traits in the Boost.Locale library in Boost 1.48 through 1.52 does not properly detect certain invalid UTF-8 sequences, which might allow remote attackers to bypass input validation protection mechanisms via crafted trailing bytes.

  • CVE-2012-2677Jul 25, 2012
    risk 0.00cvss epss 0.04

    Integer overflow in the ordered_malloc function in boost/pool/pool.hpp in Boost Pool before 3.9 makes it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows via a large memory chunk size value, which causes less memory to be…

  • CVE-2008-0172Jan 17, 2008
    risk 0.00cvss epss 0.02

    The get_repeat_type function in basic_regex_creator.hpp in the Boost regex library (aka Boost.Regex) in Boost 1.33 and 1.34 allows context-dependent attackers to cause a denial of service (NULL dereference and crash) via an invalid regular expression.

  • CVE-2008-0171Jan 17, 2008
    risk 0.00cvss epss 0.03

    regex/v4/perl_matcher_non_recursive.hpp in the Boost regex library (aka Boost.Regex) in Boost 1.33 and 1.34 allows context-dependent attackers to cause a denial of service (failed assertion and crash) via an invalid regular expression.