[3.7] augeas: Improper handling of escaped strings leading to memory corruption (CVE-2017-7555)ID: oval:org.secpod.oval:def:1800823 | Date: (C)2018-03-29 (M)2022-08-31 |
Class: PATCH | Family: unix |
Augeas versions up to and including 1.8.0 are vulnerable to heap-based buffer overflow due to improper handling of escaped strings. Attacker could send crafted strings that would cause the application using augeas to copy past the end of a buffer, leading to a crashor possible code execution. Fixed In Version:¶ augeas 1.8.1
Platform: |
Alpine Linux 3.7 |