Search for packages
| purl | pkg:deb/debian/poco@1.11.0-3 |
| Tags | Ghost |
| Next non-vulnerable version | 1.11.0-3+deb12u1 |
| Latest non-vulnerable version | 1.13.0-6 |
| Risk | 4.4 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-kprc-dzr5-aaaj
Aliases: CVE-2023-52389 |
UTF32Encoding.cpp in POCO has a Poco::UTF32Encoding integer overflow and resultant stack buffer overflow because Poco::UTF32Encoding::convert() and Poco::UTF32::queryConvert() may return a negative integer if a UTF-32 byte sequence evaluates to a value of 0x80000000 or higher. This is fixed in 1.11.8p2, 1.12.5p2, and 1.13.0. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2024-11-24T04:04:57.350554+00:00 | Debian Importer | Affected by | VCID-kprc-dzr5-aaaj | https://security-tracker.debian.org/tracker/data/json | 35.0.0 |
| 2024-10-11T01:25:27.110146+00:00 | Debian Importer | Affected by | VCID-kprc-dzr5-aaaj | https://security-tracker.debian.org/tracker/data/json | 34.0.2 |
| 2024-09-20T05:59:09.020391+00:00 | Debian Importer | Affected by | VCID-kprc-dzr5-aaaj | https://security-tracker.debian.org/tracker/data/json | 34.0.1 |
| 2024-05-20T15:13:45.295147+00:00 | Debian Importer | Affected by | VCID-kprc-dzr5-aaaj | https://security-tracker.debian.org/tracker/data/json | 34.0.0rc4 |