CVE-2023-46046
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2023-46046
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-46046.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2023-46046
- Downstream
- Published
- 2024-03-27T05:15:47.440Z
- Modified
- 2025-11-15T06:56:58.829752Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
An issue in MiniZinc before 2.8.0 allows a NULL pointer dereference via ti_expr in a crafted .mzn file. NOTE: this is disputed because there is no common libminizinc use case in which an unattended process is supposed to run forever to process a series of atttacker-controlled .mzn files.
- Database specific
{ "isDisputed": true }- References
-
- http://seclists.org/fulldisclosure/2024/Jan/63
- https://www.minizinc.org/doc-2.8.3/en/changelog.html
- http://packetstormsecurity.com/files/176817/MiniZinc-2.7.6-Null-Pointer.html
- https://github.com/MiniZinc/libminizinc/issues/730
- https://github.com/MiniZinc/libminizinc/commit/afe67acc20898e4308044b54c4acf7a08df544f0
Affected packages
Git / github.com/minizinc/libminizinc
Affected ranges
- Type
- GIT
- Repo
- https://github.com/minizinc/libminizinc
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
2.*
2.0.0
2.0.1
2.0.10
2.0.11
2.0.12
2.0.13
2.0.14
2.0.2
2.0.3
2.0.4
2.0.5
2.0.6
2.0.7
2.0.8
2.0.9
2.0.97
2.0.98
2.0.b1
2.0.b2
2.0.b3
2.0.b4
2.1.0
2.1.0b2
2.1.0b3
2.1.1
2.1.2
2.1.3
2.1.4
2.1.5
2.1.6
2.1.7
2.2.0
2.2.1
2.2.2
2.2.3
2.3.0
2.3.1
2.3.2
2.4.0
2.4.1
2.4.2
2.4.3
2.5.0
2.5.1
2.5.2
2.5.3
2.5.4
2.5.5
2.6.0
2.6.1
2.6.2
2.6.3
2.6.4
2.7.0
2.7.1
2.7.2
2.7.3
2.7.4
2.7.5
2.7.6
Database specific
vanir_signatures
[
{
"id": "CVE-2023-46046-195d7ec0",
"source": "https://github.com/minizinc/libminizinc/commit/afe67acc20898e4308044b54c4acf7a08df544f0",
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"digest": {
"function_hash": "159590740340000452732262534981804183081",
"length": 98565.0
},
"target": {
"function": "yyparse",
"file": "lib/cached/parser.tab.cpp"
}
},
{
"id": "CVE-2023-46046-a0280504",
"source": "https://github.com/minizinc/libminizinc/commit/afe67acc20898e4308044b54c4acf7a08df544f0",
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"digest": {
"line_hashes": [
"167444289913573133685966991372426766369",
"227359875495467566515814932557538062278",
"132834595847346884134415873557772924078",
"212052678522255194554286315934808054551"
],
"threshold": 0.9
},
"target": {
"file": "lib/cached/minizinc/parser.tab.hh"
}
},
{
"id": "CVE-2023-46046-f19cae67",
"source": "https://github.com/minizinc/libminizinc/commit/afe67acc20898e4308044b54c4acf7a08df544f0",
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"digest": {
"line_hashes": [
"41369065801590403269906737208850996398",
"84639051280245143182487291506865029567",
"88831857541686223655775384410224509636",
"29788272144588850750790521257997831469",
"65953240008922408744975366050469705913",
"194902177327681595906293300957327175187",
"321726944488414938937236818439797269311",
"74408590284288045621468674470769726929",
"190785362618558146174239490815472598991",
"161054580274919064923016919248248711619",
"280972103494769796408790227200336550712",
"18929638329477058610622327411255628791",
"258460756245294186982921129748524689996",
"294370449508251006315805282116966768052",
"170036041616572126979934469388462053108",
"316694081653274257039217420712638013632",
"301331582935591007316349784446201624218",
"177555665236374530356549710959988516031",
"39295001753975040280676401660365104050",
"311635377005071468461238029123663755362",
"117461885306581428731817391884801819647",
"45917267265216056889723379451273852978",
"17111940671096972159995597137631669063",
"260594255980853277635968285979043987865",
"69363431614542846440484001487235006399",
"206948501526446472025097525196671947535",
"254361570570497497527013019823809489774",
"56591572742291160689104061616845588079",
"43504413001548766722419025265785619427",
"224780550542474184625043385183471122678",
"51258068744588929289588256643792774524",
"157081061823268993074703469094558229227",
"332952702350119608573661281360037026039",
"75371541750965716469696684487812808863",
"228680930735472739690839937753259620903",
"31315197848273929974663041131885236087",
"216759392842887517145479237546130640647",
"7233954429818631762915381835423485474",
"222350020895404273038760093246340328442",
"244168271120825028748466918671510230690",
"159959174165739556755347064397969785975",
"53798922902014749551966515573245783144",
"234062167746465853055411668689880957911",
"160168573013239698978859236503969769203",
"137579360068289266050907038953244593234",
"193623568742956280627308585925713556575",
"15759415080462533118847889156214297478",
"250763282015289041075648265787129704761",
"134532282538045021463534472218718841307",
"23642512701749557984363462054946274611",
"94049078293870957827826825344595154263",
"57985313113529399166318260389037113590",
"59706010452658294402835189109421832021",
"256343149231915714309498639226919921486",
"218320800388276786321256411469118515546",
"37418208057866818200058451214337556424",
"197424378134357073608792666914626012499",
"270295676649660158781444853821125886664",
"296843742657829073350481657900982479240",
"164875458048634174415285026066977530221",
"242066986833660769389092137482038572482",
"283836394131288505848475398719408013020",
"74885928932266890615964729240996373905",
"256277689921976399787532524150970765189",
"35693664933994284966072325117552565191",
"290506845872674798837648409172968209027",
"88725728513588148086316230493760326341",
"170681101782046499617668993207389649051",
"104654296546687839702316264618827785496",
"56652161144252534625893705154388080637",
"214998861572524700175324239366276883529",
"36560362495012508543802721715767890950",
"130122756278653784452488057466444812255",
"314748519954244922452058435063506579685",
"269784016094134734714357397449764500325",
"19389138591779042675232159058545339870",
"211173301070780988958537606669982661544",
"205883834189780796022821879963011495823",
"155164511983102518791222725789714126229",
"32031887654878380170407920519568008460",
"213779906473000638225248476655811746118",
"45518235937195246500577188613191985253",
"244450394497772056553261055806822918675",
"114157767592540271182824911472243912014",
"198381103706871106531379277445898789917",
"1052971075786539073382618223055561036",
"131046071533067513573234803522517392473",
"171842729700691442959511059551645154026",
"257982387284681616183193468363924254931",
"15964621542304313828938720948276779526",
"182455744724091352154369498990829978623",
"163982949295352918240561588742047160585",
"260698026398619067810547356808365363685",
"261899878899617730477796494522264615190",
"119495794154887678031550949610491845345",
"335864894448455592458186378803667142095",
"316800954449641388405885276633232020867",
"89673146456975126961422362379448206304",
"85947529958514961560909604093731886058",
"70917739768347892542604309502316669755",
"40777926033625760668798855901867558182",
"128834431998584363915040246702701264310",
"268186480471805449360204131409120046738",
"138903224664380221035873767091242203264",
"25460645954299546711727239181346707893",
"89274748540208599521362757378863156729",
"8718118797877545136290908165870987518",
"179867630456076424820647693270575810822",
"96018945627245244555292621643247254317",
"275131538313268929428371877738677751048",
"309358220781534799462427654130468081665",
"91054831130069154327966572809408892836",
"24318593522926258979277796029516965623",
"140086335266839773736110601454928507724",
"168190064959368942887984669589440274811",
"244740901344147452473703470914041718367",
"34853182246595222796671774703907405947",
"82748448440847949842506146033685566813",
"137745792902776862316089199283994998184",
"303300271905933523413324737677673920789",
"109230968158685521799417652091374015860",
"262422971398096261401700918602626845200",
"269510757545028000419404439762959345004",
"267278881641819382382121443507997908694",
"247669413298622779163661569763130524329",
"312017874112491867501779243143870333444",
"308771551375094063721232777543102044165",
"338031839983178561694616232047612924005",
"246439284457754208857600325111436101186",
"43285605412294943292676412447662902358",
"31274333051030425907217906675957764898",
"208717321199676627155766451405502357643",
"265576705375355427806783350990559584819",
"42304067819266643369039444425063026144",
"10357074755913404668717680804918753291",
"69219389879462809441340018005768678995",
"234348066782585771442255046074695787711",
"54696987633383465529271193699215625818",
"124098945537153094511926169103803499515",
"248880072638558267596945258697411843636",
"213520353821480763639565760416388167401",
"269995976985365901351798244085620379535",
"47284540294555277187101979024181587450",
"90812767123752633418242422656691742197",
"93427993567673174674193645511535616986",
"118065945752963473844314016255375936511",
"21565495363664125343307141349870040824",
"150659049349685717218099346576698575029",
"127801058425096127633591160028778155840",
"199747410189045804685868900632365697316",
"242260075932521645223654022716697339736",
"101346658826082231423960715090915738453",
"302464345214251270246443568354719649472",
"110011425718716598903787763275826626212",
"61844543366106668088049362906378178121",
"179895787905852355892987873248606014671",
"301546774401043248909458109944242174897",
"221803064513515771769950401930497807060",
"140815055795280208342316543841338940669",
"44403749126086856481201066594220368341",
"154469177339254498995958323006016215104",
"260534414723396157840981691837176548093",
"129337702605510020788464130679825114840",
"144932157185171698529478508024396015037",
"126245379755028923764819174792293519105",
"77739720519487195663325805592488307521",
"42593858122898733513961850609318908819",
"185412360411463989169016157975386071521",
"195097956260694796614071150504151451093",
"134968358678690528830091703969571476993",
"43100725037534229107016566892822446235",
"83235850110935263887470584630143935752",
"202263727467553425505019724529395781202",
"304171727850572819450536778850275420076",
"298940693928643446051647778602184421483",
"40935043220874060154693092761831092562",
"56051090132475558697361661306778978626",
"280228597026676356878928373295723812049",
"48329021962610584708915471693097439699",
"175892161835812072445126895908556076351",
"188549309119421715576838691540503798404",
"312918762362966371319061654283086752956",
"319233659206275043634053803000736062458",
"11612438668100904239345173708499498195",
"188549309119421715576838691540503798404",
"39024908166297745837503104564799229654",
"267392471599754681009231649297418508970",
"250152639638542655872435390223857284125",
"83235850110935263887470584630143935752",
"149270505400330317660676458585212305612",
"235891726004802467203362006741789915976",
"230165638804928127660925702073334322947",
"15093640924989620956452056524667464312",
"164740001121337559264048021004648813717",
"164141830577845597210366036011903622421",
"292307720721997020840457333498563829388",
"165856717588611431740581714735217192260",
"302456030599770476054806319644446176275",
"198486110167179032569153173514502592945",
"128214726557409196679047582049558729300",
"145993388120402724760095721195709882259",
"242271764196249463547578302234953388729",
"46307830208531824994643387572173072996",
"28607302686802921913624556858684196257",
"327697813895689478451740957616126627062",
"184778322025917355418401094688161757713",
"291564172418996685813427781331066585179",
"108602260167450531073446995501323470760",
"228438386276306049485934415340712051757",
"297688171939831102507590916355388235156",
"254160931706493746989157138991581995631",
"22816037547853088647154121046896574249",
"236685893735518257546635793399615436170",
"340097661717038815871611085739662085277",
"78781262507713101040057114012313787037",
"197295882091164715998734837614283824837"
],
"threshold": 0.9
},
"target": {
"file": "lib/cached/parser.tab.cpp"
}
}
]