CVE-2021-30184 log

Source
Severity Medium
Remote No
Type Arbitrary code execution
Description
GNU Chess 6.2.7 allows attackers to execute arbitrary code via crafted PGN (Portable Game Notation) data. This is related to a buffer overflow in the use of a .tmp.epd temporary file in the cmd_pgnload and cmd_pgnreplay functions in frontend/cmd.cc.
Group Package Affected Fixed Severity Status Ticket
AVG-1782 gnuchess 6.2.7-1 Medium Vulnerable
References
https://lists.gnu.org/archive/html/bug-gnu-chess/2021-04/msg00000.html
https://lists.gnu.org/archive/html/bug-gnu-chess/2021-04/txtJ07eHdR0m6.txt