Whoopsie Whoopsieproject Whoopsie

stack.watch can email you when security vulnerabilities are reported in Whoopsieproject Whoopsie. You can add multiple products that you use with Whoopsie to create your own personal software stack watcher.

By the Year

In 2021 there have been 0 vulnerabilities in Whoopsieproject Whoopsie . Last year Whoopsie had 3 security vulnerabilities published. Right now, Whoopsie is on track to have less security vulnerabilities in 2021 than it did last year.

Year Vulnerabilities Average Score
2021 0 0.00
2020 3 6.27
2019 0 0.00
2018 0 0.00

It may take a day or so for new Whoopsie vulnerabilities to show up. Additionally vulnerabilities may be tagged under a different product or component name.

Latest Whoopsieproject Whoopsie Security Vulnerabilities

The parse_report() function in whoopsie.c in Whoopsie through 0.2.69 mishandles memory allocation failures, which

CVE-2020-15570 5.5 - Medium - July 06, 2020

The parse_report() function in whoopsie.c in Whoopsie through 0.2.69 mishandles memory allocation failures, which allows an attacker to cause a denial of service via a malformed crash file.

CVE-2020-15570 is exploitable with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.

Allocation of Resources Without Limits or Throttling

bson before 0.8 incorrectly uses int rather than size_t for many variables, parameters, and return values

CVE-2020-12135 5.5 - Medium - April 24, 2020

bson before 0.8 incorrectly uses int rather than size_t for many variables, parameters, and return values. In particular, the bson_ensure_space() parameter bytesNeeded could have an integer overflow via properly constructed bson input.

CVE-2020-12135 can be explotited with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.

Integer Overflow or Wraparound

Kevin Backhouse discovered an integer overflow in bson_ensure_space

CVE-2019-11484 7.8 - High - February 08, 2020

Kevin Backhouse discovered an integer overflow in bson_ensure_space, as used in whoopsie.

CVE-2019-11484 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Integer Overflow or Wraparound