The vulnerability description and the provided commit patch clearly indicate that several functions in src/lib/openmj2/pi.c were vulnerable to out-of-bounds array access. The patch introduces bounds checks before accessing the pi->include array using a calculated index. The functions pi_next_lrcp, pi_next_rlcp, pi_next_rpcl, pi_next_pcrl, and pi_next_cprl all had this vulnerability. The patch evidence shows the exact location where the vulnerable access occurred (before the check was added) and how the fix was implemented by adding an if (index >= pi->include_size) check.
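The check described above, as an added example (not the project's code and not taken from the patch): a simplified packet iterator in C that rejects a computed index at or beyond include_size before touching include. Every name other than include and include_size is hypothetical, and the example goes beyond the page by also keeping the index arithmetic itself from wrapping.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Simplified model of a packet iterator. Only include and include_size are
 * named on the page; every other name here is hypothetical. */
typedef struct {
    int16_t *include;       /* one "already emitted" flag per packet */
    uint32_t include_size;  /* number of elements in include */
    uint32_t step[4];       /* stride for layer, resolution, component, precinct */
    uint32_t coord[4];      /* current position, same order; parsed from input */
} pkt_iter;

/* Size the flag array from the declared dimensions; returns 0 on success. */
static int pi_init(pkt_iter *pi, uint16_t nl, uint16_t nr, uint16_t nc, uint16_t np) {
    uint64_t n = (uint64_t)nl * nr * nc * np;   /* four 16-bit factors fit in 64 bits */
    if (n == 0 || n > UINT32_MAX) return -1;
    pi->include = calloc((size_t)n, sizeof *pi->include);
    if (pi->include == NULL) return -1;
    pi->include_size = (uint32_t)n;
    pi->step[3] = 1; pi->step[2] = np;
    pi->step[1] = pi->step[2] * nc;
    pi->step[0] = pi->step[1] * nr;
    for (int i = 0; i < 4; i++) pi->coord[i] = 0;
    return 0;
}

/* 1 = newly marked, 0 = already marked, -1 = rejected (index outside include). */
static int pi_mark_checked(pkt_iter *pi) {
    uint64_t index = 0;
    for (int i = 0; i < 4; i++) {
        uint64_t term = (uint64_t)pi->coord[i] * pi->step[i];  /* cannot wrap */
        if (term >= pi->include_size || index + term >= pi->include_size)
            return -1;      /* equivalent to: index >= pi->include_size */
        index += term;
    }
    if (pi->include[index]) return 0;   /* the unchecked form starts here */
    pi->include[index] = 1;
    return 1;
}

int main(void) {
    pkt_iter pi;
    if (pi_init(&pi, 2, 2, 1, 3) != 0) return 1;  /* constructed: 12 packets */
    pi.coord[0] = 1; pi.coord[1] = 1; pi.coord[3] = 5;  /* precinct 5 of 3 */
    printf("out-of-range coordinates -> %d\n", pi_mark_checked(&pi));
    free(pi.include);
    return 0;
}
```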