Vulnerabilities > CVE-2019-14872 - NULL Pointer Dereference vulnerability in Newlib Project Newlib

047910
CVSS 4.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
SINGLE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
network
low complexity
newlib-project
CWE-476
NVD
Published: 2020-03-19
Updated: 2020-03-24

Summary

The _dtoa_r function of the newlib libc library, prior to version 3.3.0, performs multiple memory allocations without checking their return value. This could result in NULL pointer dereference.

Vulnerable Configurations

Part Description Count
Application
Newlib_Project
22

Common Weakness Enumeration (CWE)

References