First published: Mon Dec 31 2018(Updated: )
ok-file-formats through 2018-10-16 has a heap-based buffer overflow in the ok_csv_decode2 function in ok_csv.c.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Ok-file-formats Project Ok-file-formats | <=20181016 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2018-20617 is a vulnerability in ok-file-formats through 2018-10-16 that allows a heap-based buffer overflow in the ok_csv_decode2 function in ok_csv.c.
The severity of CVE-2018-20617 is high, with a severity value of 8.8.
CVE-2018-20617 affects ok-file-formats through 2018-10-16.
To fix CVE-2018-20617, update to a version of ok-file-formats after 2018-10-16 that includes the patch for the heap-based buffer overflow.
More information about CVE-2018-20617 can be found at the following reference: https://github.com/brackeen/ok-file-formats/issues/5