Vulnerabilities > GNU > Patch > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-22 | CVE-2021-45261 | Release of Invalid Pointer or Reference vulnerability in GNU Patch 2.7 An Invalid Pointer vulnerability exists in GNU patch 2.7 via the another_hunk function, which causes a Denial of Service. | 5.5 |
| 2020-03-25 | CVE-2019-20633 | Double Free vulnerability in GNU Patch 2.5/2.5.4/2.7.1 GNU patch through 2.7.6 contains a free(p_line[p_end]) Double Free vulnerability in the function another_hunk in pch.c that can cause a denial of service via a crafted patch file. | 5.5 |
| 2019-07-17 | CVE-2019-13636 | Link Following vulnerability in GNU Patch 2.5/2.5.4/2.7.1 In GNU patch through 2.7.6, the following of symlinks is mishandled in certain cases other than input files. | 5.9 |
| 2018-02-13 | CVE-2016-10713 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Patch 2.5/2.5.4/2.7.1 An issue was discovered in GNU patch before 2.7.6. | 5.5 |
| 2017-08-25 | CVE-2014-9637 | Resource Management Errors vulnerability in multiple products GNU patch 2.7.2 and earlier allows remote attackers to cause a denial of service (memory consumption and segmentation fault) via a crafted diff file. | 5.5 |