{"id":"CVE-2020-24240","details":"GNU Bison before 3.7.1 has a use-after-free in _obstack_free in lib/obstack.c (called from gram_lex) when a '\\0' byte is encountered. NOTE: there is a risk only if Bison is used with untrusted input, and the observed bug happens to cause unsafe behavior with a specific compiler/architecture. The bug report was intended to show that a crash may occur in Bison itself, not that a crash may occur in code that is generated by Bison.","modified":"2026-07-08T17:56:40.071472Z","published":"2020-08-25T14:15:16.543Z","references":[{"type":"ADVISORY","url":"https://github.com/akimd/bison/compare/v3.7...v3.7.1"},{"type":"ADVISORY","url":"https://lists.gnu.org/r/bug-bison/2020-07/msg00051.html"},{"type":"FIX","url":"https://github.com/akimd/bison/commit/be95a4fe2951374676efc9454ffee8638faaf68d"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/akimd/bison","events":[{"introduced":"6675d36e2531f2573dcb8944bd9877214677e151"},{"last_affected":"6675d36e2531f2573dcb8944bd9877214677e151"},{"fixed":"be95a4fe2951374676efc9454ffee8638faaf68d"}],"database_specific":{"cpe":"cpe:2.3:a:gnu:bison:3.7:*:*:*:*:*:*:*","source":["CPE_STRING","REFERENCES"],"extracted_events":[{"introduced":"3.7"},{"last_affected":"3.7"}]}}],"versions":["3.7","v3.7"],"database_specific":{"vanir_signatures":[{"signature_version":"v1","signature_type":"Line","digest":{"threshold":0.9,"line_hashes":["152892177091449443900596977177214106375","110470093975942762776580447940415453127","8556976720912662219078527567889747895"]},"source":"https://github.com/akimd/bison/commit/be95a4fe2951374676efc9454ffee8638faaf68d","id":"CVE-2020-24240-85d57cd5","target":{"file":"src/flex-scanner.h"},"deprecated":false}],"vanir_signatures_modified":"2026-07-08T17:56:40Z","source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-24240.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}]}