CVE-2026-50593
7.3
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:H
Summary
Graphite before 1.3.15 has an integer underflow and resultant out-of-bounds write via Graphite actions, because slotat does not ensure that an offset is within the allowed slot-map range.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Graphite project | Graphite | 0 < 1.3.15 | affected |
Weaknesses
- CWE-191: CWE-191 Integer Underflow (Wrap or Wraparound)
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://github.com/silnrsi/graphite/commit/ad78c6b7319909e1540c1b134e115ced03417866
- https://github.com/silnrsi/graphite/compare/1.3.14…1.3.15
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.