docorenote in readelf.c in libmagic.a in file 5.35 has an out-of-bounds read because memcpy is misused.
{
"unresolved_ranges": [
{
"cpes": [
"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*"
],
"extracted_events": [
{
"fixed": "12.2"
}
],
"vendor_product": "apple:iphone_os",
"source": "CPE_FIELD"
},
{
"cpes": [
"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*"
],
"extracted_events": [
{
"fixed": "10.14.4"
}
],
"vendor_product": "apple:mac_os_x",
"source": "CPE_FIELD"
},
{
"cpes": [
"cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*"
],
"extracted_events": [
{
"fixed": "12.2"
}
],
"vendor_product": "apple:tvos",
"source": "CPE_FIELD"
},
{
"cpes": [
"cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*"
],
"extracted_events": [
{
"fixed": "5.2"
}
],
"vendor_product": "apple:watchos",
"source": "CPE_FIELD"
},
{
"cpes": [
"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*"
],
"extracted_events": [
{
"last_affected": "16.04"
},
{
"last_affected": "18.04"
},
{
"last_affected": "18.10"
}
],
"vendor_product": "canonical:ubuntu_linux",
"source": "CPE_FIELD"
},
{
"cpes": [
"cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*",
"cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*"
],
"extracted_events": [
{
"last_affected": "15.0"
},
{
"last_affected": "42.3"
}
],
"vendor_product": "opensuse:leap",
"source": "CPE_FIELD"
}
]
}