CVE-2020-24383

See a problem?
Source
https://nvd.nist.gov/vuln/detail/CVE-2020-24383
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-24383.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2020-24383
Published
2020-12-11T23:15:14Z
Modified
2024-09-03T03:22:07.038084Z
Severity
  • 9.1 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H CVSS Calculator
Summary
[none]
Details

An issue was discovered in FNET through 4.6.4. The code for processing resource records in mDNS queries doesn't check for proper '\0' termination of the resource record name string, leading to an out-of-bounds read, and potentially causing information leak or Denial-or-Service.

References

Affected packages

Git / github.com/butok/fnet

Affected ranges

Type
GIT
Repo
https://github.com/butok/fnet
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected

Affected versions

3.*

3.1.1
3.6.0

FNET_3.*

FNET_3.3.0

v3.*

v3.0.0
v3.2.0
v3.4.0
v3.5.0
v3.6.1
v3.7.0
v3.8.0
v3.8.1
v3.8.2
v3.9.0
v3.9.1
v3.9.2
v3.9.3
v3.9.3pre
v3.9.3prev
v3.9.3updated
v3.9.4

v4.*

v4.0.0
v4.0.1
v4.0.2
v4.1.0
v4.1.1
v4.2.0
v4.3.0
v4.4.0
v4.4.1
v4.5.0
v4.5.1
v4.5.2
v4.5.3
v4.6.0
v4.6.1
v4.6.2
v4.6.3
v4.6.4