CVE-2019-18936

jgarzik/univalue

on github

Published

March 21, 2020

Severity

CVSS v3:

7.5 HIGH

CVSS v2:

5 MEDIUM

Description

UniValue::read() in UniValue before 1.0.5 allow attackers to cause a denial of service (the class internal data reaches an inconsistent state) via input data that triggers an error.

References

https://github.com/jgarzik/univalue/pull/58
https://github.com/jgarzik/univalue/compare/v1.0.4...v1.0.5

Configurations

CPE23	Version Start	Version End	Exact Version
cpe:2.3:a:bloq:univalue::::::::	n/a	1.0.5	*

External Links

NVD - CVE-2019-18936