CVE-2024-8948 | MicroPython 1.23.0 py/objint.c mpz_as_bytes heap-based overflow (Issue 13041)

Inserito da Angelo Barbosa | Set 17, 2024 | CVE

A vulnerability was found in MicroPython 1.23.0. It has been rated as critical. Affected by this issue is the function mpz_as_bytes of the file py/objint.c. The manipulation leads to heap-based buffer overflow.

This vulnerability is handled as CVE-2024-8948. The attack may be launched remotely. Furthermore, there is an exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2024-8948 | MicroPython 1.23.0 py/objint.c mpz_as_bytes heap-based overflow (Issue 13041)

Post correlati

CVE-2024-27774 | Unitronics Unistream Unilogic prior 1.35.227 hard-coded password

CVE-2023-50443 | PRIMX CRYHOD prior 2020.4/2023.5 on Windows UNC Reference access control

CVE-2024-24816 | CKeditor4 up to 4.23.x cross site scripting (GHSA-mw2c-vx6j-mg76)

CVE-2023-37400 | IBM Aspera Faspex up to 5.0.7 insufficiently protected credentials (XFDB-259677)