Vulnerabilities > CVE-2019-14872 - NULL Pointer Dereference vulnerability in Newlib Project Newlib

047910
CVSS 6.5 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
network
low complexity
newlib-project
CWE-476

Summary

The _dtoa_r function of the newlib libc library, prior to version 3.3.0, performs multiple memory allocations without checking their return value. This could result in NULL pointer dereference.

Common Weakness Enumeration (CWE)