Detected 8 occurrence(s) of ‘CVE\-20[0-1]{1}[0-9]{1}\-[0-9]{4}': ion) or trigger the buffer overflow described below. ======================================================================== Buffer Overflow (CVE-2015-5334) ======================================================================== As a result of CVE-2014-3508, OBJ_obj2txt() was modified to "Ensure that, at every state, |buf| is NUL-terminated." However, in LibreSSL, the error-handling code at the end of the function may write this null-terminator out-of-bounds: 489 int 490 […]
↧