Every CVE whose affected-product data names Newlib Project Newlib, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (10)
CVE-2021-3420 — CVSS 9.8 (critical): A flaw was found in newlib in versions prior to 4.0.0. Improper overflow validation in the memory allocation functions mEMALIGn, pvALLOc…
CVE-2024-30949 — CVSS 9.8 (critical): An issue in newlib v.4.3.0 allows an attacker to execute arbitrary code via the time unit scaling in the _gettimeofday function.
CVE-2019-14873 — CVSS 6.5 (medium): In the __multadd function of the newlib libc library, prior to versions 3.3.0 (see newlib/libc/stdlib/mprec.c), Balloc is used to allocate…
CVE-2019-14874 — CVSS 6.5 (medium): In the __i2b function of the newlib libc library, all versions prior to 3.3.0 (see newlib/libc/stdlib/mprec.c), Balloc is used to allocate…
CVE-2019-14875 — CVSS 6.5 (medium): In the __multiply function of the newlib libc library, all versions prior to 3.3.0 (see newlib/libc/stdlib/mprec.c), Balloc is used to…
CVE-2019-14871 — CVSS 6.5 (medium): The REENT_CHECK macro (see newlib/libc/include/sys/reent.h) as used by REENT_CHECK_TM, REENT_CHECK_MISC, REENT_CHECK_MP and other newlib…
CVE-2019-14877 — CVSS 6.5 (medium): In the __mdiff function of the newlib libc library, all versions prior to 3.3.0 (see newlib/libc/stdlib/mprec.c), Balloc is used to…
CVE-2019-14878 — CVSS 6.5 (medium): In the __d2b function of the newlib libc library, all versions prior to 3.3.0 (see newlib/libc/stdlib/mprec.c), Balloc is used to allocate…
CVE-2019-14876 — CVSS 6.5 (medium): In the __lshift function of the newlib libc library, all versions prior to 3.3.0 (see newlib/libc/stdlib/mprec.c), Balloc is used to…
CVE-2019-14872 — CVSS 6.5 (medium): The _dtoa_r function of the newlib libc library, prior to version 3.3.0, performs multiple memory allocations without checking their return…