{"id":"PYSEC-2021-860","details":"Croatia Control Asterix 2.8.1 (python_v0.7.2) has a heap-based buffer over-read, with additional details to be disclosed at a later date.","aliases":["CVE-2021-44144","GHSA-6mmf-v5q7-vw2w"],"modified":"2024-04-10T18:58:42.076069Z","published":"2021-11-22T21:15:00Z","references":[{"type":"REPORT","url":"https://github.com/CroatiaControlLtd/asterix/issues/183"},{"type":"FIX","url":"https://github.com/croatiacontrolltd/asterix/commit/3f765d387d239ccc44e278a2ffa600fb6a6587f9"}],"affected":[{"package":{"name":"asterix-decoder","ecosystem":"PyPI","purl":"pkg:pypi/asterix-decoder"},"ranges":[{"type":"GIT","repo":"https://github.com/croatiacontrolltd/asterix","events":[{"introduced":"0"},{"fixed":"3f765d387d239ccc44e278a2ffa600fb6a6587f9"}]},{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.7.2"}]}],"versions":["0.1.0","0.2.0","0.3.0","0.4.0","0.4.1","0.4.2","0.5.0","0.5.1","0.5.10","0.5.11","0.5.12","0.5.13","0.5.14","0.5.15","0.5.16","0.5.2","0.5.5","0.5.6","0.5.7","0.5.8","0.5.9","0.6.0","0.6.1","0.7.0","0.7.1"],"database_specific":{"source":"https://github.com/pypa/advisory-database/blob/main/vulns/asterix-decoder/PYSEC-2021-860.yaml"}}],"schema_version":"1.7.3"}