📦

whoopsie

Vendor: whoopsie_project

Actively Exploited 0 CISA KEV List

PoC / Exploits 0 Code Available

Total RCEs 1 Remote Access

Total CVEs 3 Total Indexed

Avg. EPSS 0.26% Exploit Prob.

Latest CVE CVE-2020-15570 Jul 06

Security Vulnerability Index

Page 1 / 1

5.5 CVSS

CVE-2020-15570

RCE

The parse_report() function in whoopsie.c in Whoopsie through 0.2.69 mishandles memory allocation failures, which allows an attacker to cause a denial of service via a malformed crash file.

EPSS: 0.31%

Severity: MEDIUM

Jul 06, 2020

5.5 CVSS

CVE-2020-12135

bson before 0.8 incorrectly uses int rather than size_t for many variables, parameters, and return values. In particular, the bson_ensure_space() parameter bytesNeeded could have an integer overflow via properly constructed bson input.

EPSS: 0.35%

Severity: MEDIUM

Apr 24, 2020

6.3 CVSS

CVE-2019-11484

Kevin Backhouse discovered an integer overflow in bson_ensure_space, as used in whoopsie.

EPSS: 0.12%

Severity: MEDIUM

Feb 08, 2020

Displaying 3 of 3 Total Entries

Total 1 Sections