Vulnerabilities > Ledger CLI

DATE CVE VULNERABILITY TITLE RISK
2017-09-05 CVE-2017-2808 Use After Free vulnerability in Ledger-Cli Ledger 3.1.1
An exploitable use-after-free vulnerability exists in the account parsing component of the Ledger-CLI 3.1.1.
6.8
2017-09-05 CVE-2017-2807 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Ledger-Cli Ledger 3.1.1
An exploitable buffer overflow vulnerability exists in the tag parsing functionality of Ledger-CLI 3.1.1.
6.8
2017-08-04 CVE-2017-12482 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Ledger-Cli Ledger 3.1.1
The ledger::parse_date_mask_routine function in times.cc in Ledger 3.1.1 allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.
6.8
2017-08-04 CVE-2017-12481 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Ledger-Cli Ledger 3.1.1
The find_option function in option.cc in Ledger 3.1.1 allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.
6.8