CVE-2019-16747: XSS
Published Dec 30, 2020
·Updated
In MatrixSSL before 4.2.2 Open, the DTLS server can encounter an invalid pointer free (leading to memory corruption and a daemon crash) via a crafted incoming network message, a different vulnerability than CVE-2019-14431.
Affected Software
1 affected component
MatrixSSL MatrixSSL<4.2.2
Event History
Dec 30, 2020
CVE Published
via MITRE·08:20 PM
Data Sourced
via MITRE·08:20 PM
Description
Frequently Asked Questions
1
What is CVE-2019-16747?
CVE-2019-16747 is a vulnerability in MatrixSSL before 4.2.2 Open, where the DTLS server can encounter an invalid pointer free, leading to memory corruption and a daemon crash.
2
How severe is CVE-2019-16747?
CVE-2019-16747 has a severity rating of 7.5 (high).
3
What software is affected by CVE-2019-16747?
MatrixSSL versions up to and excluding 4.2.2 are affected by CVE-2019-16747.
4
How can I fix CVE-2019-16747?
To fix CVE-2019-16747, users should update to MatrixSSL version 4.2.2 or higher.
5
Are there any references for CVE-2019-16747?
Yes, you can find references for CVE-2019-16747 at the following links: [1] [2] [3]