Whoopsieproject Whoopsie
By the Year
In 2021 there have been 0 vulnerabilities in Whoopsieproject Whoopsie . Last year Whoopsie had 3 security vulnerabilities published. Right now, Whoopsie is on track to have less security vulnerabilities in 2021 than it did last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2021 | 0 | 0.00 |
2020 | 3 | 6.27 |
2019 | 0 | 0.00 |
2018 | 0 | 0.00 |
It may take a day or so for new Whoopsie vulnerabilities to show up. Additionally vulnerabilities may be tagged under a different product or component name.
Latest Whoopsieproject Whoopsie Security Vulnerabilities
The parse_report() function in whoopsie.c in Whoopsie through 0.2.69 mishandles memory allocation failures, which
CVE-2020-15570
5.5 - Medium
- July 06, 2020
The parse_report() function in whoopsie.c in Whoopsie through 0.2.69 mishandles memory allocation failures, which allows an attacker to cause a denial of service via a malformed crash file.
CVE-2020-15570 is exploitable with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.
Allocation of Resources Without Limits or Throttling
bson before 0.8 incorrectly uses int rather than size_t for many variables, parameters, and return values
CVE-2020-12135
5.5 - Medium
- April 24, 2020
bson before 0.8 incorrectly uses int rather than size_t for many variables, parameters, and return values. In particular, the bson_ensure_space() parameter bytesNeeded could have an integer overflow via properly constructed bson input.
CVE-2020-12135 can be explotited with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.
Integer Overflow or Wraparound
Kevin Backhouse discovered an integer overflow in bson_ensure_space
CVE-2019-11484
7.8 - High
- February 08, 2020
Kevin Backhouse discovered an integer overflow in bson_ensure_space, as used in whoopsie.
CVE-2019-11484 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Integer Overflow or Wraparound