Vulnerabilities > Ocaml

DATE	CVE	VULNERABILITY TITLE	RISK
2018-04-06	CVE-2018-9838	Integer Overflow or Wraparound vulnerability in Ocaml 4.06.0 The caml_ba_deserialize function in byterun/bigarray.c in the standard library in OCaml 4.06.0 has an integer overflow which, in situations where marshalled data is accepted from an untrusted source, allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted object. network low complexity ocaml CWE-190 critical	9.8
2017-09-07	CVE-2017-9779	Unspecified vulnerability in Ocaml 4.02.3/4.04.0/4.04.1 OCaml compiler allows attackers to have unspecified impact via unknown vectors, a similar issue to CVE-2017-9772 "but with much less impact." local low complexity ocaml	7.8
2017-06-23	CVE-2017-9772	Unspecified vulnerability in Ocaml 4.04.0/4.04.1 Insufficient sanitisation in the OCaml compiler versions 4.04.0 and 4.04.1 allows external code to be executed with raised privilege in binaries marked as setuid, by setting the CAML_CPLUGINS, CAML_NATIVE_CPLUGINS, or CAML_BYTE_CPLUGINS environment variable. network low complexity ocaml critical	9.8
2016-06-13	CVE-2015-8869	Information Exposure vulnerability in multiple products OCaml before 4.03.0 does not properly handle sign extensions, which allows remote attackers to conduct buffer overflow attacks or obtain sensitive information as demonstrated by a long string to the String.copy function. network low complexity fedoraproject opensuse ocaml CWE-200 critical	9.1

Vulnerabilities > Ocaml {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Ocaml"}]}