AZL-27991

See a problem?

Import Source

https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-27991.json

JSON Data

https://api.osv.dev/v1/vulns/AZL-27991

Upstream

CVE-2020-19725

Published

2023-08-22T19:16:04Z

Modified

2026-04-21T04:25:46.568588Z

Severity

7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator

Summary

CVE-2020-19725 affecting package z3 4.8.7-8

Details

There is a use-after-free vulnerability in file pdd_simplifier.cpp in Z3 before 4.8.8. It occurs when the solver attempt to simplify the constraints and causes unexpected memory access. It can cause segmentation faults or arbitrary code execution.

References

https://nvd.nist.gov/vuln/detail/CVE-2020-19725

Affected packages

Azure Linux:2 / z3

Package

Name: z3
Purl: pkg:rpm/azure-linux/z3

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Last affected

4.8.7-8

Database specific

source

"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-27991.json"