cvedb.io
CVE-2023-0341
HIGH · CVSS 7.8
EPSS exploitation probability: 0%
Published 2023-02-01T00:15:10.343 · Last modified 2026-06-17T05:25:19.530

Summary

A stack buffer overflow exists in the ec_glob function of editorconfig-core-c before v0.12.6 which allowed an attacker to arbitrarily write to the stack and possibly allows remote code execution. editorconfig-core-c v0.12.6 resolved this vulnerability by bound checking all write operations over the p_pcre buffer.

Affected products

editorconfig — editorconfig

Does this affect you?

Add your gear to cvedb and we'll alert you only when editorconfig ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.