CVE-2018-20712

ADVISORY - nist

Summary

A heap-based buffer over-read exists in the function d_expression_1 in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31.1. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by c++filt.

EPSS Score⁠: 0.00112 (0.456)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-125⁠

Out-of-bounds Read

ADVISORY - redhat

CWE-476⁠

NULL Pointer Dereference

Impacted images

Advisories

Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.