← back
CVE-2020-28241

CVE-2020-28241

EPSS 2.1%
libmaxminddb before 1.4.3 has a heap-based buffer over-read in dump_entry_data_list in maxminddb.c.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/maxmind/libmaxminddb/compare/1.4.2...1.4.3https://github.com/maxmind/libmaxminddb/issues/236https://github.com/maxmind/libmaxminddb/pull/237https://lists.debian.org/debian-lts-announce/2020/11/msg00019.htmlhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6WUK4UCOB5FJVK36E22IRLEYGKMUWGBG/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ELTOHZBPO6XVUVADP4DPZBNQCPTYOQBV/https://security.gentoo.org/glsa/202011-15