CVE-2021-40391 - log back

CVE-2021-40391 edited at 25 Nov 2021 20:23:29
Description
- An out-of-bounds write vulnerability exists in the drill format T-code tool number functionality of Gerbv 2.7.0. A specially-crafted drill file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.
+ An out-of-bounds write vulnerability exists in the drill format T-code tool number functionality of Gerbv before version 2.8.0. A specially-crafted drill file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.
CVE-2021-40391 edited at 19 Nov 2021 21:48:29
References
https://talosintelligence.com/vulnerability_reports/TALOS-2021-1402
+ https://github.com/gerbv/gerbv/issues/30
+ https://github.com/gerbv/gerbv/pull/35
+ https://github.com/gerbv/gerbv/commit/672214abb47a802fc000125996e6e0a46c623a4e
CVE-2021-40391 edited at 07 Nov 2021 13:10:35
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Remote
Type
- Unknown
+ Arbitrary code execution
Description
+ An out-of-bounds write vulnerability exists in the drill format T-code tool number functionality of Gerbv 2.7.0. A specially-crafted drill file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.
References
+ https://talosintelligence.com/vulnerability_reports/TALOS-2021-1402
Notes
CVE-2021-40391 created at 07 Nov 2021 13:09:10