CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2020-36405
https://notcve.org/view.php?id=CVE-2020-36405
Keystone Engine 0.9.2 has a use-after-free in llvm_ks::X86Operand::getToken. Keystone Engine versión 0.9.2, presenta un uso de la memoria previamente liberada en la función llvm_ks::X86Operand::getToken • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22850 https://github.com/google/oss-fuzz-vulns/blob/main/vulns/keystone/OSV-2020-789.yaml https://github.com/keystone-engine/keystone/releases • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2020-36404
https://notcve.org/view.php?id=CVE-2020-36404
Keystone Engine 0.9.2 has an invalid free in llvm_ks::SmallVectorImpl<llvm_ks::MCFixup>::~SmallVectorImpl. Keystone Engine versión 0.9.2, presenta una liberación no válida en la función llvm_ks::SmallVectorImpl(llvm_ks::MCFixup)::~SmallVectorImpl • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22371 https://github.com/google/oss-fuzz-vulns/blob/main/vulns/keystone/OSV-2020-1506.yaml https://github.com/keystone-engine/keystone/releases • CWE-763: Release of Invalid Pointer or Reference •