CRITICAL🇵🇱 Wersja polska

CVE-2020-10233

CVSS 9.1v3.1pub. 2020-03-09upd. 2024-11-21

In version 4.8.0 and earlier of The Sleuth Kit (TSK), there is a heap-based buffer over-read in ntfs_dinode_lookup in fs/ntfs.c.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
  • Sleuthkit The Sleuth Kit

    APP
    Sleuthkit
    ≤ 4.8.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2020-10232CRITICAL9.8ten sam produkt

In version 4.8.0 and earlier of The Sleuth Kit (TSK), there is a stack buffer overflow vulnerability in the YA...

CVE-2019-14532CRITICAL9.8ten sam produkt

An issue was discovered in The Sleuth Kit (TSK) 4.6.6. There is an off-by-one overwrite due to an underflow on...

CVE-2019-14531CRITICAL9.8ten sam produkt

An issue was discovered in The Sleuth Kit (TSK) 4.6.6. There is an out of bounds read on iso9660 while parsing...

CVE-2026-40024HIGH8.4ten sam produkt

The Sleuth Kit through 4.14.0 contains a path traversal vulnerability in tsk_recover that allows an attacker t...

CVE-2022-45639HIGH7.8ten sam produkt

OS Command injection vulnerability in sleuthkit fls tool 4.11.1 allows attackers to execute arbitrary commands...