CVE-2023-49992
MEDIUMespeak-ng 1.52-dev - Stack Buffer Overflow in RemoveEnding Function
Title source: llmDescription
Espeak-ng 1.52-dev was discovered to contain a Stack Buffer Overflow via the function RemoveEnding at dictionary.c.
References (6)
Core 6
Core References
Exploit, Issue Tracking, Vendor Advisory
https://github.com/espeak-ng/espeak-ng/issues/1827
Mailing List, Third Party Advisory
https://lists.fedoraproject.org/archives/list/[email protected]/message/2PZEBWPNKPAYJMIM3AS2RP3FL6FX3HS4/
Mailing List, Third Party Advisory
https://lists.fedoraproject.org/archives/list/[email protected]/message/Z5WW6RKHRWLEMCKCQ6UZCXWC5J7UWMUQ/
Mailing List, Third Party Advisory vendor-advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z5WW6RKHRWLEMCKCQ6UZCXWC5J7UWMUQ/
Mailing List, Third Party Advisory vendor-advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2PZEBWPNKPAYJMIM3AS2RP3FL6FX3HS4/
Scores
CVSS v3
5.3
EPSS
0.0040
EPSS Percentile
32.3%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
Details
CWE
CWE-787
Status
published
Products (1)
espeak-ng/espeak-ng
1.52 dev
Published
Dec 12, 2023
Tracked Since
Feb 18, 2026