Search CVE reports
1 – 2 of 2 results
Some fixes available 3 of 5
boost::locale::utf::utf_traits in the Boost.Locale library in Boost 1.48 through 1.52 does not properly detect certain invalid UTF-8 sequences, which might allow remote attackers to bypass input validation protection mechanisms...
5 affected packages
boost1.40, boost1.42, boost1.48, boost1.49, boost1.50
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| boost1.40 | — | — | — | — |
| boost1.42 | — | — | — | — |
| boost1.48 | — | — | — | — |
| boost1.49 | — | — | — | — |
| boost1.50 | — | — | — | — |
Integer overflow in the ordered_malloc function in boost/pool/pool.hpp in Boost Pool before 3.9 makes it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows via a large memory chunk...
7 affected packages
boost1.42, boost, boost1.40, boost1.46, boost1.48...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| boost1.42 | — | — | Not in release | Not in release |
| boost | — | — | Not in release | Not in release |
| boost1.40 | — | — | Not in release | Not in release |
| boost1.46 | — | — | Not in release | Not in release |
| boost1.48 | — | — | Not in release | Not in release |
| boost1.49 | — | — | Not in release | Not in release |
| boost1.50 | — | — | Not in release | Not in release |