CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
AI Score
Confidence
High
EPSS
Percentile
22.7%
DISPUTED yasm 1.3.0.55.g101bc has a segmentation violation in the
function delete_Token at modules/preprocs/nasm/nasm-pp.c. NOTE: although a
libyasm application could become unavailable if this were exploited, the
vendor’s position is that there is no security relevance because there is
either supposed to be input validation before data reaches libyasm, or a
sandbox in which the application runs.
Author | Note |
---|---|
rodrigo-zaiden | CLI tool crash only. |
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
AI Score
Confidence
High
EPSS
Percentile
22.7%