Every CVE whose affected-product data names Ledger-cli Ledger, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2017-12481 — CVSS 7.8 (high): The find_option function in option.cc in Ledger 3.1.1 allows remote attackers to cause a denial of service (stack-based buffer overflow and…
CVE-2017-12482 — CVSS 7.8 (high): The ledger::parse_date_mask_routine function in times.cc in Ledger 3.1.1 allows remote attackers to cause a denial of service (stack-based…
CVE-2017-2807 — CVSS 7.5 (high): An exploitable buffer overflow vulnerability exists in the tag parsing functionality of Ledger-CLI 3.1.1. A specially crafted journal file…
CVE-2017-2808 — CVSS 7.5 (high): An exploitable use-after-free vulnerability exists in the account parsing component of the Ledger-CLI 3.1.1. A specially crafted ledger…