Memory Leak in GNU Recutils Affects Multiple Versions
CVE-2019-6457

6.5MEDIUM

Key Information:

Vendor
Gnu
Status
Vendor
CVE Published:
16 January 2019

Summary

A vulnerability exists in GNU Recutils 1.8, specifically within the rec_aggregate_reg_new function in rec-aggregate.c found in the librec.a library. This flaw leads to a memory leak, potentially causing excessive resource consumption and affecting system performance over time. Users of GNU Recutils should be aware of this issue and consider remedial actions to mitigate any risks associated with the vulnerability.

References

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.