CVE-2019-25051

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2019-25051
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-25051.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2019-25051
Downstream
Related
Published
2021-07-20T07:15:07Z
Modified
2025-10-15T10:53:43.012172Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

objstack in GNU Aspell 0.60.8 has a heap-based buffer overflow in acommon::ObjStack::duptop (called from acommon::StringMap::add and acommon::Config::lookuplist).

References

Affected packages

Git / github.com/gnuaspell/aspell

Affected ranges

Type
GIT
Repo
https://github.com/gnuaspell/aspell
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
0718b375425aad8e54e1150313b862e4c6fd324a

Affected versions

rel-0.*

rel-0.60.6.1
rel-0.60.7-20110707

Database specific

vanir_signatures

[
    {
        "id": "CVE-2019-25051-12953271",
        "deprecated": false,
        "signature_version": "v1",
        "signature_type": "Line",
        "target": {
            "file": "common/objstack.hpp"
        },
        "digest": {
            "line_hashes": [
                "20741968054567667006840823718416843555",
                "48669766990622990348110031277074531386",
                "124478308237746286355263336210279774169",
                "254171296138168226185731254767453214863",
                "153130692224193140312513925859179788942",
                "156472988026344010173180164208788218399",
                "323763241861885492035366980822390709317",
                "149210157173490313495831924725928229579",
                "12064939868332011875054441098367037482",
                "208546510027406812798791188077004362261",
                "300012719372335497388691665153054731688",
                "77184948482378228181740127854690497486",
                "316060089257361314713213843910858750339",
                "95422536966481986374742996418114234753",
                "139530028569518203681300622749453340292",
                "167931004292016475039514338429632601662",
                "241598196685381485387944596351656742172",
                "14249314018426004808875882964542643965",
                "251432815606490957619682021619273892766",
                "280312080848088951382755087602490042658",
                "136630194393778155215785802581261531097",
                "333361429658487439591629222400279209701",
                "265385935685096533683588504798833224273",
                "87194131836508631733108062242565292159",
                "276704930757797464928980171564658936648",
                "217840305157519485693617483665134267671",
                "328697697676029868190506994853673465512",
                "129392233186770180308298008870256738568",
                "41363740877498903553993260101090087717",
                "291806133784570566236115968372994891271",
                "20923778386564086176919216718681975547",
                "163001508768730742241893228893671638437",
                "41363740877498903553993260101090087717",
                "291806133784570566236115968372994891271",
                "20923778386564086176919216718681975547",
                "163001508768730742241893228893671638437"
            ],
            "threshold": 0.9
        },
        "source": "https://github.com/gnuaspell/aspell/commit/0718b375425aad8e54e1150313b862e4c6fd324a"
    }
]