Matio Project Matio 1.5.17

CPE Details

Matio Project Matio 1.5.17
matio_project
matio
1.5.17
2019-10-16
11h49 +00:00
2019-10-16
11h49 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:matio_project:matio:1.5.17:*:*:*:*:*:*:*

Informations

Vendor

matio_project

Product

matio

Version

1.5.17

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2022-1515 2022-05-02 16h58 +00:00 A memory leak was discovered in matio 1.5.21 and earlier in Mat_VarReadNextInfo5() in mat5.c via a crafted file. This issue can potentially result in DoS.
5.5
Medium
CVE-2020-19497 2021-07-21 15h19 +00:00 Integer overflow vulnerability in Mat_VarReadNextInfo5 in mat5.c in tbeu matio (aka MAT File I/O Library) 1.5.17, allows attackers to cause a Denial of Service or possibly other unspecified impacts.
8.8
High
CVE-2019-20052 2019-12-27 20h59 +00:00 A memory leak was discovered in Mat_VarCalloc in mat.c in matio 1.5.17 because SafeMulDims does not consider the rank==0 case.
6.5
Medium
CVE-2019-20017 2019-12-27 00h12 +00:00 A stack-based buffer over-read was discovered in Mat_VarReadNextInfo5 in mat5.c in matio 1.5.17.
6.5
Medium
CVE-2019-20018 2019-12-27 00h11 +00:00 A stack-based buffer over-read was discovered in ReadNextCell in mat5.c in matio 1.5.17.
6.5
Medium
CVE-2019-20019 2019-12-27 00h11 +00:00 An attempted excessive memory allocation was discovered in Mat_VarRead5 in mat5.c in matio 1.5.17.
6.5
Medium
CVE-2019-20020 2019-12-27 00h11 +00:00 A stack-based buffer over-read was discovered in ReadNextStructField in mat5.c in matio 1.5.17.
6.5
Medium
CVE-2019-17533 2019-10-13 00h00 +00:00 Mat_VarReadNextInfo4 in mat4.c in MATIO 1.5.17 omits a certain '\0' character, leading to a heap-based buffer over-read in strdup_vprintf when uninitialized memory is accessed.
8.2
High
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.