Vulnerabilities/

Open Chinese Convert subject to Denial of Service via Out-of-bounds Read

Severity:
Medium

Description

Open Chinese Convert (OpenCC) 1.0.5 allows attackers to cause a denial of service (segmentation fault) because BinaryDict::NewFromFile in BinaryDict.cpp may have out-of-bounds keyOffset and valueOffset values via a crafted .ocd file.

Recommendation

Update the opencc package to the latest compatible version. Followings are version details:

References

Related Issues

Tags:
npm
opencc
Anything's wrong? Let us know Last updated on November 22, 2024