CVE-2018-9838
https://notcve.org/view.php?id=CVE-2018-9838
The caml_ba_deserialize function in byterun/bigarray.c in the standard library in OCaml 4.06.0 has an integer overflow which, in situations where marshalled data is accepted from an untrusted source, allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted object.
• https://caml.inria.fr/mantis/view.php?id=7765
• https://security.gentoo.org/glsa/202007-48
• CWE-190: Integer Overflow or Wraparound
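The size computation behind this class of bug, as an added example in C (this is not OCaml's bigarray.c and not the Marshal encoding): a simplified bigarray header parser that puts the unchecked dimensions-times-element-size product next to an overflow-checked one. The two-byte-plus-dimensions wire format, the crafted header whose dimension product is exactly 2^(bits in size_t), and the valid 2x3 sample are all constructed for this illustration; the 16-dimension cap mirrors OCaml's CAML_BA_MAX_NUM_DIMS.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Constructed wire format for this example (not OCaml's Marshal encoding):
 * byte 0 = number of dimensions, byte 1 = element size in bytes, then one
 * little-endian uint64 per dimension, then the raw element data. */
#define MAX_NUM_DIMS 16   /* same cap as OCaml's CAML_BA_MAX_NUM_DIMS */

/* Unchecked product in the style of the pre-fix code: it wraps silently, so a
 * crafted header yields a tiny malloc followed by a huge read into it. */
size_t ba_size_naive(const size_t *dims, int num_dims, size_t elt_size) {
    size_t num_elts = 1;
    for (int i = 0; i < num_dims; i++) num_elts *= dims[i];
    return num_elts * elt_size;
}

/* a*b with wraparound detection; returns 0 and leaves *out untouched on overflow. */
static int mul_checked(size_t a, size_t b, size_t *out) {
    if (b != 0 && a > SIZE_MAX / b) return 0;
    *out = a * b;
    return 1;
}

/* Hardened product: every multiplication is overflow-checked (CWE-190). */
int ba_size_checked(const size_t *dims, int num_dims, size_t elt_size, size_t *out) {
    size_t num_elts = 1;
    for (int i = 0; i < num_dims; i++)
        if (!mul_checked(num_elts, dims[i], &num_elts)) return 0;
    return mul_checked(num_elts, elt_size, out);
}
static uint64_t read_le64(const unsigned char *p) {
    uint64_t v = 0;
    for (int i = 7; i >= 0; i--) v = (v << 8) | p[i];
    return v;
}
static void write_le64(unsigned char *p, uint64_t v) {
    for (int i = 0; i < 8; i++) { p[i] = (unsigned char)(v & 0xff); v >>= 8; }
}

/* Parses the example format. Returns a malloc'd copy of the element data and
 * sets *out_size, or NULL when the header is malformed, the byte count would
 * overflow, or fewer payload bytes were supplied than the header announces. */
unsigned char *ba_deserialize(const unsigned char *buf, size_t len, size_t *out_size) {
    if (len < 2) return NULL;
    int num_dims = buf[0]; size_t elt_size = buf[1];
    if (num_dims < 1 || num_dims > MAX_NUM_DIMS || elt_size == 0) return NULL;
    size_t header = 2 + 8 * (size_t)num_dims;
    if (len < header) return NULL;
    size_t dims[MAX_NUM_DIMS];
    for (int i = 0; i < num_dims; i++) {
        uint64_t d = read_le64(buf + 2 + 8 * i);
        if (d > (uint64_t)SIZE_MAX) return NULL;   /* not representable on this platform */
        dims[i] = (size_t)d;
    }
    size_t size;
    if (!ba_size_checked(dims, num_dims, elt_size, &size)) return NULL;
    if (len - header < size) return NULL;   /* header promises more than was sent */
    unsigned char *data = malloc(size ? size : 1);
    if (data == NULL) return NULL;
    memcpy(data, buf + header, size);
    *out_size = size;
    return data;
}

/* Writes a two-dimensional header into buf (18 bytes) and returns its length. */
size_t build_header_2d(unsigned char *buf, uint64_t d0, uint64_t d1, unsigned char elt_size) {
    buf[0] = 2; buf[1] = elt_size;
    write_le64(buf + 2, d0);
    write_le64(buf + 10, d1);
    return 18;
}

/* Crafted dimensions whose product is exactly 2^(bits in size_t): the naive
 * computation wraps to 0, which is what malloc would have been asked for. */
size_t crafted_naive_size(void) {
    size_t dims[2] = { SIZE_MAX / 2 + 1, 2 };
    return ba_size_naive(dims, 2, 1);
}

/* The same crafted header plus 16 zero payload bytes, fed to the hardened
 * parser; returns 1 if it was rejected. */
int crafted_header_rejected(void) {
    unsigned char buf[18 + 16] = {0};
    size_t n = build_header_2d(buf, (uint64_t)(SIZE_MAX / 2 + 1), 2, 1);
    size_t sz = 0;
    unsigned char *p = ba_deserialize(buf, n + 16, &sz);
    free(p);
    return p == NULL;
}

/* Well-formed 2x3 array of 4-byte elements with all 24 payload bytes present;
 * returns the parsed size (24), or 0 if the parser rejected it. */
size_t valid_header_size(void) {
    unsigned char buf[18 + 24];
    size_t n = build_header_2d(buf, 2, 3, 4);
    for (int i = 0; i < 24; i++) buf[n + i] = (unsigned char)i;
    size_t sz = 0;
    unsigned char *p = ba_deserialize(buf, n + 24, &sz);
    if (p == NULL) return 0;
    free(p);
    return sz;
}
```

The two checks that matter are that every multiplication in the element-count product is tested for wraparound before the result reaches malloc, and that the announced size is compared against the bytes actually supplied before any copy. Note the broader caveat: OCaml's Marshal module is documented as unsafe on untrusted input regardless of this fix, so hardening one deserializer does not make `Marshal.from_channel` on attacker-controlled data acceptable.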
CVE-2017-17519
https://notcve.org/view.php?id=CVE-2017-17519
batteriesConfig.mlp in OCaml Batteries Included (aka ocaml-batteries) 2.6 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL.
• https://security-tracker.debian.org/tracker/CVE-2017-17519
• CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
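An added example in C of the validation and launch pattern this entry calls for (it is not the Batteries code, which is OCaml): a URL check that refuses anything not starting with http:// or https://, so a value beginning with '-' can never reach the browser as an option, and an argv builder that avoids the shell entirely. The browser name "firefox", the crafted "-remote ..." URL and the sample URL are constructed for the illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Characters a URL may contain (RFC 3986 unreserved, reserved and '%'). Note
 * that ';', '$', '&' and '\'' are all legal here, so character filtering alone
 * never makes a URL safe to splice into a shell command line. */
static const char URL_CHARS[] =
    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"
    "-._~:/?#[]@!$&'()*+,;=%";

/* Accepts only absolute http(s) URLs made of URL characters. The scheme
 * requirement is what rules out a URL beginning with '-', the argument-
 * injection vector: "-remote ..." is never a URL. */
int url_safe_for_browser(const char *url) {
    if (url == NULL) return 0;
    if (strncmp(url, "http://", 7) != 0 && strncmp(url, "https://", 8) != 0) return 0;
    return strspn(url, URL_CHARS) == strlen(url);
}

/* Pre-fix pattern: browser and URL are concatenated into one string for the
 * shell. A URL starting with '-' is parsed by the browser as options, and
 * shell metacharacters in it run as commands. Returns 1 if it fit in out. */
int build_browser_command_unsafe(char *out, size_t cap, const char *browser, const char *url) {
    int n = snprintf(out, cap, "%s %s", browser, url);
    return n >= 0 && (size_t)n < cap;
}

/* Fixed pattern: validate, then hand the URL to an exec-family call
 * (execvp, posix_spawnp) as its own argv element, with no shell in between.
 * Returns argc, or -1 if the URL is rejected or argv is too small. */
int build_browser_argv(const char *browser, const char *url, const char *argv[], size_t cap) {
    if (cap < 3 || browser == NULL || !url_safe_for_browser(url)) return -1;
    argv[0] = browser;
    argv[1] = url;
    argv[2] = NULL;
    return 2;
}

/* Constructed attacker "URL": option injection against a browser that
 * understands a -remote command. Returns 1 if the argv builder refuses it. */
int option_injection_refused(void) {
    const char *argv[3];
    return build_browser_argv("firefox", "-remote openFile(/etc/passwd)", argv, 3) == -1;
}

/* Ordinary URL: returns 1 if it is accepted and lands as argv[1] unchanged. */
int ordinary_url_accepted(void) {
    const char *argv[3];
    const char *url = "https://example.org/docs?q=1#top";
    return build_browser_argv("firefox", url, argv, 3) == 2
        && strcmp(argv[1], url) == 0 && argv[2] == NULL;
}
```

Two defences stack here: the scheme check closes the argument-injection hole the advisory describes, and passing the URL as a separate argv entry rather than through `system()` closes the shell-injection hole that the same concatenation would open. Whether a given browser honours a "--" end-of-options marker varies, so the scheme check is the portable guard.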
CVE-2017-9779
https://notcve.org/view.php?id=CVE-2017-9779
OCaml compiler allows attackers to have unspecified impact via unknown vectors, a similar issue to CVE-2017-9772 "but with much less impact."
• https://github.com/homjxi0e/CVE-2017-9779
• https://caml.inria.fr/mantis/view.php?id=7557
• https://sympa.inria.fr/sympa/arc/caml-list/2017-06/msg00094.html
CVE-2017-9772
https://notcve.org/view.php?id=CVE-2017-9772
Insufficient sanitisation in the OCaml compiler versions 4.04.0 and 4.04.1 allows external code to be executed with raised privilege in binaries marked as setuid, by setting the CAML_CPLUGINS, CAML_NATIVE_CPLUGINS, or CAML_BYTE_CPLUGINS environment variable.
• http://www.securityfocus.com/bid/99277
• https://caml.inria.fr/mantis/view.php?id=7557
• https://security.gentoo.org/glsa/201710-07
• https://sympa.inria.fr/sympa/arc/caml-list/2017-06/msg00094.html
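The check a runtime needs before trusting an environment variable that names code to load, as an added example in C (not OCaml's runtime code): a lookup that honours the variable unconditionally next to one that, in the manner of secure_getenv(3), treats it as unset whenever real and effective ids differ. The environment array, the /tmp/evil.so path and the uid/gid values are constructed for the illustration; the ids are passed as parameters so the policy can be exercised without a real setuid binary.

```c
#include <stddef.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* Constructed environment of an unprivileged user who has pointed the OCaml
 * runtime's plugin variable at a shared object they control. */
static const char *const EXAMPLE_ENV[] = {
    "HOME=/home/alice", "CAML_CPLUGINS=/tmp/evil.so", "PATH=/usr/bin", NULL
};

/* getenv(3) over an explicit envp array, so the lookup can be exercised
 * against a constructed environment. */
const char *env_lookup(const char *const envp[], const char *name) {
    size_t n = strlen(name);
    for (size_t i = 0; envp[i] != NULL; i++)
        if (strncmp(envp[i], name, n) == 0 && envp[i][n] == '=') return envp[i] + n + 1;
    return NULL;
}

/* Pre-fix behaviour: the plugin list is honoured regardless of who the
 * process is running as, so in a setuid binary the caller chooses the .so
 * that gets loaded with the elevated effective id. */
const char *plugin_list_unsafe(const char *const envp[], const char *var) {
    return env_lookup(envp, var);
}

/* Fixed behaviour, the policy of secure_getenv(3): if real and effective ids
 * differ, the environment came from a less privileged caller and the variable
 * is treated as unset. The ids are parameters so the policy is testable. */
const char *plugin_list_safe(const char *const envp[], const char *var,
                             uid_t ruid, uid_t euid, gid_t rgid, gid_t egid) {
    if (ruid != euid || rgid != egid) return NULL;
    return env_lookup(envp, var);
}

/* Same check using the calling process's own ids. */
const char *plugin_list_safe_self(const char *const envp[], const char *var) {
    return plugin_list_safe(envp, var, getuid(), geteuid(), getgid(), getegid());
}

/* Returns 1 when the unsafe lookup would load /tmp/evil.so, the safe lookup
 * refuses it under a setuid-root effective id (ruid 1000, euid 0), and still
 * honours it for an ordinary unprivileged process (ruid == euid == 1000). */
int demo_setuid_plugin_ignored(void) {
    const char *unsafe = plugin_list_unsafe(EXAMPLE_ENV, "CAML_CPLUGINS");
    const char *setuid = plugin_list_safe(EXAMPLE_ENV, "CAML_CPLUGINS", 1000, 0, 1000, 1000);
    const char *plain  = plugin_list_safe(EXAMPLE_ENV, "CAML_CPLUGINS", 1000, 1000, 1000, 1000);
    return unsafe != NULL && strcmp(unsafe, "/tmp/evil.so") == 0
        && setuid == NULL
        && plain != NULL && strcmp(plain, "/tmp/evil.so") == 0;
}
```

In production code prefer the platform primitive over comparing ids by hand: glibc's secure_getenv(3) consults the AT_SECURE auxv flag, which also covers file capabilities and security-module transitions that leave uid and euid equal, and the BSDs offer issetugid(3). The same rule applies to every other variable that influences code loading in a privileged process, not just the three named in this entry.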
CVE-2015-8869 – ocaml: sizes arguments are sign-extended from 32 to 64 bits
https://notcve.org/view.php?id=CVE-2015-8869
OCaml before 4.03.0 does not properly handle sign extensions, which allows remote attackers to conduct buffer overflow attacks or obtain sensitive information as demonstrated by a long string to the String.copy function. An integer conversion flaw was found in the way OCaml's String handled its length. Certain operations on an excessively long String could trigger a buffer overflow or result in an information leak.
• http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184507.html
• http://lists.opensuse.org/opensuse-updates/2016-05/msg00081.html
• http://lists.opensuse.org/opensuse-updates/2016-09/msg00037.html
• http://rhn.redhat.com/errata/RHSA-2016-2576.html
• http://rhn.redhat.com/errata/RHSA-2017-0564.html
• http://rhn.redhat.com/errata/RHSA-2017-0565.html
• http://www.openwall.com/lists/oss-security/2016/04/29/1
• http://www.openwall.com/lists/oss-security/2016/04/29/6
• http
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
• CWE-194: Unexpected Sign Extension
• CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
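What "sign-extended from 32 to 64 bits" does to a string length, as an added example in C (not OCaml's str.c). OCaml's `Int_val` accessor narrows a value to a C `int` while `Long_val` keeps the native width; the two helpers below model that distinction, and the rest shows both failure modes the entry names, the overflow and the information leak, together with a full-width bounds check. The example assumes an 8-byte `intnat` (a 64-bit build), and the two crafted lengths are constructed for the illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <limits.h>

typedef intptr_t intnat;   /* OCaml's native-width integer type */

/* Modelled OCaml value accessors: Long_val keeps the full native width,
 * Int_val narrows to a C int. Passing a length through Int_val is the
 * pattern behind this entry. */
static intnat long_val(intnat v) { return v; }
static int int_val(intnat v) { return (int)v; }

/* Byte count a memmove receives when the OCaml length n reaches it via
 * Int_val: truncated to 32 bits, then sign-extended when widened to size_t. */
size_t blit_len_narrow(intnat n) { return (size_t)int_val(n); }

/* The fixed path: the length keeps its full width end to end. */
size_t blit_len_wide(intnat n) { return (size_t)long_val(n); }

/* Full-width argument validation for a blit of n bytes from src[ofs1..] into
 * dst[ofs2..]; every comparison is on intnat/size_t, never on int. */
int blit_args_ok(size_t src_len, intnat ofs1, size_t dst_len, intnat ofs2, intnat n) {
    if (ofs1 < 0 || ofs2 < 0 || n < 0) return 0;
    if ((size_t)ofs1 > src_len || (size_t)n > src_len - (size_t)ofs1) return 0;
    if ((size_t)ofs2 > dst_len || (size_t)n > dst_len - (size_t)ofs2) return 0;
    return 1;
}

/* Two constructed lengths from the 64-bit range (needs an 8-byte intnat):
 *   2^31      -> Int_val yields INT_MIN; widened to size_t that is 2^64 - 2^31
 *                bytes, and memmove runs off both buffers (the overflow case)
 *   2^32 + 16 -> Int_val yields 16: only 16 of the 2^32+16 destination bytes
 *                are written, the rest stay uninitialised heap that String.copy
 *                then hands back to the caller (the information leak) */
intnat crafted_len_overflow(void) { return (intnat)1 << 31; }
intnat crafted_len_leak(void)     { return ((intnat)1 << 32) + 16; }
```

The defence is not a bigger check but a consistent width: lengths and offsets travel as `intnat`/`size_t` from the OCaml value all the way to the libc call, so the quantity that was validated is the quantity that is copied.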