CVE-2020-15904

Published July 22nd, 2020

View on NVD ↗

CVSS v3

7.8

HIGH

CVSS v2

6.8

MEDIUM

Affected

PROJECT

Description

A buffer overflow in the patching routine of bsdiff4 before 1.2.0 allows an attacker to write to heap memory (beyond allocated bounds) via a crafted patch file.

ilanschnell/bsdiff4

binary diff and patch using the BSDIFF4-format

GitHub

143