CVE-2021-375115.09.2021, 07:15libmobi is vulnerable to Out-of-bounds WriteEnginsightProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVectorNISTNIST9.8 CRITICALNETWORKLOWNONECVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H@huntrdevCNA9.6 CRITICALNETWORKLOWNONECVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:HCVEADP------Base ScoreCVSS 3.xEPSS ScorePercentile: 55%VendorProductVersionlibmobi_projectlibmobi𝑥< 0.7𝑥= Vulnerable software versionsDebian ReleasesDebian ProductCodenamelibmobibookworm0.11+dfsg-1fixedsid0.12+dfsg-1fixedtrixie0.12+dfsg-1fixedKnown Exploits!https://huntr.dev/bounties/fcb4383c-bc27-4b89-bfce-6b041f0cb769https://huntr.dev/bounties/fcb4383c-bc27-4b89-bfce-6b041f0cb769Common Weakness EnumerationCWE-787 - Out-of-bounds WriteThe software writes data past the end, or before the beginning, of the intended buffer.Referenceshttps://github.com/bfabiszewski/libmobi/commit/ab5bf0e37e540eac682a14e628853b918626e72bhttps://huntr.dev/bounties/fcb4383c-bc27-4b89-bfce-6b041f0cb769https://github.com/bfabiszewski/libmobi/commit/ab5bf0e37e540eac682a14e628853b918626e72bhttps://huntr.dev/bounties/fcb4383c-bc27-4b89-bfce-6b041f0cb769
