Security Advisory

CVE-2020-28951

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-11-19 19:01:57

Last updated 2024-08-04 16:48:00

Assigner mitre

State PUBLISHED

Description

libuci in OpenWrt before 18.06.9 and 19.x before 19.07.5 may encounter a use after free when using malicious package names. This is related to uci_parse_package in file.c and uci_strdup in util.c.

← Browse all CVEs View on cve.org ↗