CVE-2021-44492
- Source
- https://cve.org/CVERecord?id=CVE-2021-44492
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-44492.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2021-44492
- Downstream
- Published
- 2022-04-15T18:15:08.800Z
- Modified
- 2026-05-30T18:30:20.261536Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
An issue was discovered in YottaDB through r1.32 and V7.0-000 and FIS GT.M through V7.0-000. Using crafted input, attackers can cause a type to be incorrectly initialized in the function fincr in srport/f_incr.c and cause a crash due to a NULL pointer dereference.
- References
Affected packages
Git / gitlab.com/yottadb/db/ydb
Affected ranges
- Type
- GIT
- Repo
- https://gitlab.com/yottadb/db/ydb
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affectedLast affected
- Database specific
{ "cpe": [ "cpe:2.3:a:fisglobal:gt.m:*:*:*:*:*:*:*:*", "cpe:2.3:a:yottadb:yottadb:*:*:*:*:*:*:*:*" ], "extracted_events": [ { "introduced": "0" }, { "last_affected": "7.0-000" }, { "last_affected": "1.32" } ], "source": "CPE_RANGE" }
Affected versions
Other
Octo_alpha1
V4.*
V4.2-002
V4.3-000
V4.3-001A
V4.3-001B
V4.3-001D
V4.3-001E
V4.4-002
V4.4-003
V4.4-004
V4.4-FT01
V5.*
V5.0-000
V5.0-000C
V5.0-000D
V5.1-000
V5.2-000
V5.2-000A
V5.2-000B
V5.2-001
V5.3-000
V5.3-001
V5.3-001A
V5.3-002
V5.3-003
V5.3-004
V5.3-004A
V5.4-000
V5.4-000A
V5.4-001
V5.4-002
V5.4-002A
V5.4-002B
V5.5-000
V6.*
V6.0-000x64
V6.0-000x86
V6.0-001
V6.0-002
V6.0-003
V6.1-000
V6.2-000
V6.2-001
V6.2-002
V6.2-002A
V6.3-000
V6.3-000A
V6.3-001
V6.3-001A
V6.3-002
V6.3-003
V6.3-003A
V6.3-004
V6.3-005
V6.3-006
V6.3-007
V6.3-008
V6.3-009
V6.3-010
V6.3-011
V6.3-012
V6.3-013
V6.3-014
V7.*
V7.0-000
r1.*
r1.00
r1.10
r1.20
r1.22
r1.24
r1.26
r1.28
r1.30
r1.32