1. CVE-Search
  2. CVE-2023-0341
ID CVE-2023-0341
Summary A stack buffer overflow exists in the ec_glob function of editorconfig-core-c before v0.12.6 which allowed an attacker to arbitrarily write to the stack and possibly allows remote code execution. editorconfig-core-c v0.12.6 resolved this vulnerability by bound checking all write operations over the p_pcre buffer.
References
Vulnerable Configurations
  • cpe:2.3:a:editorconfig:editorconfig:0.8.0:*:*:*:*:*:*:*
    cpe:2.3:a:editorconfig:editorconfig:0.8.0:*:*:*:*:*:*:*
  • cpe:2.3:a:editorconfig:editorconfig:0.9.0:*:*:*:*:*:*:*
    cpe:2.3:a:editorconfig:editorconfig:0.9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:editorconfig:editorconfig:0.9.1:*:*:*:*:*:*:*
    cpe:2.3:a:editorconfig:editorconfig:0.9.1:*:*:*:*:*:*:*
  • cpe:2.3:a:editorconfig:editorconfig:0.10.0:*:*:*:*:*:*:*
    cpe:2.3:a:editorconfig:editorconfig:0.10.0:*:*:*:*:*:*:*
  • cpe:2.3:a:editorconfig:editorconfig:0.11.0:*:*:*:*:*:*:*
    cpe:2.3:a:editorconfig:editorconfig:0.11.0:*:*:*:*:*:*:*
  • cpe:2.3:a:editorconfig:editorconfig:0.11.3:*:*:*:*:*:*:*
    cpe:2.3:a:editorconfig:editorconfig:0.11.3:*:*:*:*:*:*:*
  • cpe:2.3:a:editorconfig:editorconfig:0.11.4:*:*:*:*:*:*:*
    cpe:2.3:a:editorconfig:editorconfig:0.11.4:*:*:*:*:*:*:*
  • cpe:2.3:a:editorconfig:editorconfig:0.11.5:*:*:*:*:*:*:*
    cpe:2.3:a:editorconfig:editorconfig:0.11.5:*:*:*:*:*:*:*
  • cpe:2.3:a:editorconfig:editorconfig:0.12.0:-:*:*:*:*:*:*
    cpe:2.3:a:editorconfig:editorconfig:0.12.0:-:*:*:*:*:*:*
  • cpe:2.3:a:editorconfig:editorconfig:0.12.0:alpha1:*:*:*:*:*:*
    cpe:2.3:a:editorconfig:editorconfig:0.12.0:alpha1:*:*:*:*:*:*
  • cpe:2.3:a:editorconfig:editorconfig:0.12.0:beta:*:*:*:*:*:*
    cpe:2.3:a:editorconfig:editorconfig:0.12.0:beta:*:*:*:*:*:*
  • cpe:2.3:a:editorconfig:editorconfig:0.12.1:*:*:*:*:*:*:*
    cpe:2.3:a:editorconfig:editorconfig:0.12.1:*:*:*:*:*:*:*
  • cpe:2.3:a:editorconfig:editorconfig:0.12.2:*:*:*:*:*:*:*
    cpe:2.3:a:editorconfig:editorconfig:0.12.2:*:*:*:*:*:*:*
  • cpe:2.3:a:editorconfig:editorconfig:0.12.3:*:*:*:*:*:*:*
    cpe:2.3:a:editorconfig:editorconfig:0.12.3:*:*:*:*:*:*:*
  • cpe:2.3:a:editorconfig:editorconfig:0.12.4:*:*:*:*:*:*:*
    cpe:2.3:a:editorconfig:editorconfig:0.12.4:*:*:*:*:*:*:*
  • cpe:2.3:a:editorconfig:editorconfig:0.12.5:*:*:*:*:*:*:*
    cpe:2.3:a:editorconfig:editorconfig:0.12.5:*:*:*:*:*:*:*
CVSS
Base: None
Impact:
Exploitability:
CWE CWE-787
CAPEC
Access
VectorComplexityAuthentication
Impact
ConfidentialityIntegrityAvailability
Last major update 03-06-2023 - 05:15
Published 01-02-2023 - 00:15
Last modified 03-06-2023 - 05:15
Back to Top