CVE-2020-28928
Description
In musl libc through 1.2.1, wcsnrtombs mishandles particular combinations of destination buffer size and source character limit, as demonstrated by an invalid write access (buffer overflow).
Risk Information
Base Score
5.5
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
0.045
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Oracle GraalVM Enterprise Edition 20.3.2 is affected by vulnerabilities CVE-2020-28928, CVE-2021-2341, CVE-2021-2369, CVE-2021-2388, CVE-2021-29921 | Windows |
| Oracle GraalVM Enterprise Edition 21.1.0 is affected by vulnerabilities CVE-2020-28928, CVE-2021-2341, CVE-2021-2369, CVE-2021-2388, CVE-2021-29921 | Windows |
| Out-of-bounds Write Vulnerability (CVE-2020-28928) | NCM |
Patch Details
No records found
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234