CVE-2024-22857: Heap Based Buffer overflow in zlog library

Open Source Security

Posted by Ali Raza Mumtaz on Feb 28

Hi,

We have found a vulnerability in zlog that is essentially a heap-based buffer overflow leading to denial of service and
arbitrary code execution.

We have been trying to contact the maintainer of this project for almost three months and haven’t received any
response. Additionally, we have reserved a CVE number with MITRE (CVE-2024-22857) and now we intend to publish it.

We have a working PoC that provides code execution, along with a…
