Identifier

CVE-2020-15904

Package Slug

pypi/bsdiff4

Vulnerability

Out-of-bounds Write

Description

A buffer overflow in the patching routine of bsdiff4 allows an attacker to write to heap memory (beyond allocated bounds) via a crafted patch file.

Affected Versions

All versions before 1.2.0

Solution

Upgrade to version 1.2.0 or above.

Last Modified

2020-07-30

source