CVE-2020-24242: Out-of-bounds Read

August 25, 2020 (updated September 1, 2020)

In Netwide Assembler (NASM), SEGV can be triggered in tok_text in asm/preproc.c by accessing READ memory.

References

bugzilla.nasm.us/show_bug.cgi?id=3392708
nvd.nist.gov/vuln/detail/CVE-2020-24242

Detect and mitigate CVE-2020-24242 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →