Skip to main content

Bison

2 CVEs product

Monthly

CVE-2020-24240 MEDIUM PATCH This Month

GNU Bison before 3.7.1 has a use-after-free in _obstack_free in lib/obstack.c (called from gram_lex) when a '\0' byte is encountered. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Denial Of Service Memory Corruption Bison
NVD GitHub
CVSS 3.1
5.5
EPSS
1.3%
CVE-2020-14150 MEDIUM This Month

GNU Bison before 3.5.4 allows attackers to cause a denial of service (application crash). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Bison
NVD
CVSS 3.1
5.5
EPSS
0.4%
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

GNU Bison before 3.7.1 has a use-after-free in _obstack_free in lib/obstack.c (called from gram_lex) when a '\0' byte is encountered. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Denial Of Service Memory Corruption +1
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM This Month

GNU Bison before 3.5.4 allows attackers to cause a denial of service (application crash). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Bison
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy