CVE-2023-39070

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-39070

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-39070.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2023-39070

Downstream

DEBIAN-CVE-2023-39070

UBUNTU-CVE-2023-39070

openSUSE-SU-2023:0413-1

openSUSE-SU-2024:13526-1

Related

Published

2023-09-11T19:15:43.127Z

Modified

2025-11-15T06:44:44.559194Z

Severity

7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

An issue in Cppcheck 2.12 dev allows a local attacker to execute arbitrary code via the removeContradiction parameter in token.cpp:1934.

References

https://sourceforge.net/p/cppcheck/discussion/general/thread/fa43fb8ab1/

Affected packages

Git / github.com/danmar/cppcheck

Affected ranges

Type: GIT
Repo: https://github.com/danmar/cppcheck
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

f2f1fb0bca5f23aac8f02fb9c09e4529a7935749

Affected versions

1.*

1.30

1.31

1.32

1.33

1.34

1.35

1.36

1.37

1.38

1.39

1.40

1.41

1.42

1.43

1.44

1.45

1.46

1.47

1.48

1.49

1.50

1.51

1.52

1.53

1.54

1.55

1.56

1.57

1.58

1.59

1.60

1.60.1

1.61

1.62

1.62.1

1.63

1.64

1.65

1.66

1.67

1.68

1.69

1.70

1.71

1.72

1.73

1.74

1.75

1.76

1.77

1.78

1.79

1.80

1.81

1.82

1.83

1.84

1.85

1.86

1.87

1.88

1.89

1.90

2.*

2.0

2.1

2.12-rc1

2.12.0

2.2

2.3

2.4

2.5

2.7

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-39070.json"