« List of all CVEs

CVE-2016-6354

Published: 9/21/2016 Last updated: 8/6/2024 Reserved: 7/26/2016

Heap-based buffer overflow in the yy_get_next_buffer function in Flex before 2.6.1 might allow context-dependent attackers to cause a denial of service or possibly execute arbitrary code via vectors involving num_to_read.

CNA assigner: mitre (8254265b-2729-46b6-b9e3-3dfca2d5bfca) Requested by: n/a

Opam packages affected (1)

conf-flex

Products affected (1)

Product Vendor Version
n/a n/a 22.0 ap381367

References (10)