In tcpdump 4.9.2, a stack-based buffer over-read exists in the print_prefix function of print-hncp.c via crafted packet data because of missing initialization.
{ "source": "CPE_STRING", "extracted_events": [ { "introduced": "4.9.2" }, { "last_affected": "4.9.2" } ], "cpe": "cpe:2.3:a:tcpdump:tcpdump:4.9.2:*:*:*:*:*:*:*" }
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-19519.json"