Memory Leak Vulnerability in GNU Recutils by GNU
CVE-2019-6459

6.5MEDIUM

Key Information:

Vendor
Gnu
Status
Vendor
CVE Published:
16 January 2019

Summary

A memory leak vulnerability has been identified in GNU Recutils version 1.8, specifically within the rec_extract_type function in rec-utils.c of the librec.a library. This flaw can potentially allow for the exhaustion of available memory, leading to performance degradation and instability in applications utilizing this library. Users are advised to assess their systems and apply necessary mitigations.

References

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.