Vulnerabilities > Pkgconf

DATE CVE VULNERABILITY TITLE RISK
2023-01-22 CVE-2023-24056 Unspecified vulnerability in Pkgconf
In pkgconf through 1.9.3, variable duplication can cause unbounded string expansion due to incorrect checks in libpkgconf/tuple.c:pkgconf_tuple_parse.
local
low complexity
pkgconf
5.5
2018-08-20 CVE-2018-1000221 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Pkgconf 1.5.0/1.5.1/1.5.2
pkgconf version 1.5.0 to 1.5.2 contains a Buffer Overflow vulnerability in dequote() that can result in dequote() function returns 1-byte allocation if initial length is 0, leading to buffer overflow.
network
low complexity
pkgconf CWE-119
critical
9.8