CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-29935
https://notcve.org/view.php?id=CVE-2023-29935
llvm-project commit a0138390 was discovered to contain an assertion failure at !replacements.count(op) && "operation was already replaced. • https://github.com/llvm/llvm-project/issues/59182 • CWE-617: Reachable Assertion •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-29942
https://notcve.org/view.php?id=CVE-2023-29942
llvm-project commit a0138390 was discovered to contain a segmentation fault via the component mlir::Type::isa<mlir::LLVM::LLVMVoidType. • https://github.com/llvm/llvm-project/issues/59990 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-26924
https://notcve.org/view.php?id=CVE-2023-26924
LLVM a0dab4950 has a segmentation fault in mlir::outlineSingleBlockRegion. NOTE: third parties dispute this because the LLVM security policy excludes "Language front-ends ... for which a malicious input file can cause undesirable behavior." • https://gist.github.com/Colloportus0/fc16d10d74aedf89d5d1d020ebb89c0c https://github.com/llvm/llvm-project/issues/60216 https://llvm.org/docs/Security.html#what-is-considered-a-security-issue • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 1.9EPSS: 0%CPEs: 2EXPL: 0CVE-2014-2893
https://notcve.org/view.php?id=CVE-2014-2893
The GetHTMLRunDir function in the scan-build utility in Clang 3.5 and earlier allows local users to obtain sensitive information or overwrite arbitrary files via a symlink attack on temporary directories with predictable names. La función GetHTMLRunDir en la utilidad scan-build en Clang 3.5 y anteriores permite a usuarios locales obtener información sensible o sobreescribir archivos arbitrarios a través de un ataque symlink sobre directorios temporales con nombres previsibles. • http://lists.opensuse.org/opensuse-updates/2015-02/msg00038.html http://www.openwall.com/lists/oss-security/2014/04/16/2 http://www.openwall.com/lists/oss-security/2014/04/20/1 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=744817 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •