Vulnerabilities > GNU > Aspell

DATE CVE VULNERABILITY TITLE RISK
2021-07-20 CVE-2019-25051 Out-of-bounds Write vulnerability in multiple products
objstack in GNU Aspell 0.60.8 has a heap-based buffer overflow in acommon::ObjStack::dup_top (called from acommon::StringMap::add and acommon::Config::lookup_list).
local
low complexity
gnu debian fedoraproject CWE-787
7.8
2020-01-27 CVE-2019-20433 Out-of-bounds Read vulnerability in GNU Aspell
libaspell.a in GNU Aspell before 0.60.8 has a buffer over-read for a string ending with a single '\0' byte, if the encoding is set to ucs-2 or ucs-4 outside of the application, as demonstrated by the ASPELL_CONF environment variable.
network
low complexity
gnu CWE-125
critical
9.1
2019-10-14 CVE-2019-17544 Out-of-bounds Read vulnerability in multiple products
libaspell.a in GNU Aspell before 0.60.8 has a stack-based buffer over-read in acommon::unescape in common/getdata.cpp via an isolated \ character.
network
low complexity
gnu canonical CWE-125
critical
9.1