A stack buffer overflow exists in the ec_glob function of editorconfig-core-c before v0.12.6 which allowed an attacker to arbitrarily write to the stack and possibly allows remote code execution. editorconfig-core-c v0.12.6 resolved this vulnerability by bound checking all write operations over the p_pcre buffer.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: canonical
Published: 2023-01-31T23:22:53.634Z
Updated: 2023-02-09T21:53:58.452Z
Reserved: 2023-01-17T16:04:01.890Z
Link: CVE-2023-0341
JSON object: View
NVD Information
Status : Modified
Published: 2023-02-01T00:15:10.343
Modified: 2023-06-03T05:15:08.917
Link: CVE-2023-0341
JSON object: View
Redhat Information
No data.