CVE-2019-11637

Name
CVE-2019-11637
Description
An issue was discovered in GNU recutils 1.8. There is a NULL pointer dereference in the function rec_rset_get_props at rec-rset.c in librec.a, leading to a crash.
NVD Severity
medium
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
Third Party Advisory https://github.com/TeamSeri0us/pocs/tree/master/recutils/bug-report-recutils/rec2csv
Exploit https://github.com/TeamSeri0us/pocs/blob/master/recutils/bug-report-recutils

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:gnu:recutils:1.8:*:*:*:*:*:*:* recutils == None == 1.8

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
recutils edge-community 1.8-r0 Will Sinatra <wpsinatra@gmail.com> possibly vulnerable