Search CVE reports
1 – 2 of 2 results
CVE-2013-0252
Medium prioritySome fixes available 3 of 5
boost::locale::utf::utf_traits in the Boost.Locale library in Boost 1.48 through 1.52 does not properly detect certain invalid UTF-8 sequences, which might allow remote attackers to bypass input validation protection mechanisms...
5 affected packages
boost1.40, boost1.42, boost1.48, boost1.49, boost1.50
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
boost1.40 | — | — | — | — | Not in release |
boost1.42 | — | — | — | — | Not in release |
boost1.48 | — | — | — | — | Not in release |
boost1.49 | — | — | — | — | Not in release |
boost1.50 | — | — | — | — | Not in release |
CVE-2012-2677
Low priorityInteger overflow in the ordered_malloc function in boost/pool/pool.hpp in Boost Pool before 3.9 makes it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows via a large memory chunk...
7 affected packages
boost, boost1.40, boost1.42, boost1.46, boost1.48...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
boost | — | — | Not in release | Not in release | Not in release |
boost1.40 | — | — | Not in release | Not in release | Not in release |
boost1.42 | — | — | Not in release | Not in release | Not in release |
boost1.46 | — | — | Not in release | Not in release | Not in release |
boost1.48 | — | — | Not in release | Not in release | Not in release |
boost1.49 | — | — | Not in release | Not in release | Not in release |
boost1.50 | — | — | Not in release | Not in release | Not in release |