VYPR
Vendor

Gnulib

Products
1
CVEs
2
Across products
2
Status
Private

Products

1

Recent CVEs

2
  • CVE-2017-7476CriMay 2, 2017
    risk 0.64cvss 9.8epss 0.04

    Gnulib before 2017-04-26 has a heap-based buffer overflow with the TZ environment variable. The error is in the save_abbr function in time_rz.c.

  • CVE-2018-17942HigOct 3, 2018
    risk 0.00cvss 8.8epss 0.03

    The convert_to_decimal function in vasnprintf.c in Gnulib before 2018-09-23 has a heap-based buffer overflow because memory is not allocated for a trailing '\0' character during %f processing.