GNU » Aspell : Security Vulnerabilities, CVEs, CVSS score >= 9

CVE-2019-20433

libaspell.a in GNU Aspell before 0.60.8 has a buffer over-read for a string ending with a single '\0' byte, if the encoding is set to ucs-2 or ucs-4 outside of the application, as demonstrated by the ASPELL_CONF environment variable.
Max CVSS
9.1
EPSS Score
0.22%
Published
2020-01-27
Updated
2020-01-31

CVE-2019-17544

libaspell.a in GNU Aspell before 0.60.8 has a stack-based buffer over-read in acommon::unescape in common/getdata.cpp via an isolated \ character.
Max CVSS
9.1
EPSS Score
1.08%
Published
2019-10-14
Updated
2021-08-02
2 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close