Augeas versions up to and including 1.8.0 are vulnerable to heap-based buffer overflow due to improper handling of escaped strings. Attacker could send crafted strings that would cause the application using augeas to copy past the end of a buffer, leading to a crash or possible code execution.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2017-08-17T19:00:00Z
Updated: 2024-09-17T02:36:08.138Z
Reserved: 2017-04-05T00:00:00
Link: CVE-2017-7555
Vulnrichment
No data.
NVD
Status : Modified
Published: 2017-08-17T19:29:00.223
Modified: 2017-12-09T02:29:10.530
Link: CVE-2017-7555
Redhat