An issue was discovered in py-lmdb 0.97. mdb_node_del does not validate a memmove in the case of an unexpected node->mn_hi, leading to an invalid write operation. NOTE: this outcome occurs when accessing a data.mdb file supplied by an attacker.

Published : 2019-09-11 15:15 Updated : 2019-10-12 20:15

CVSS Score More info
Score 5.0 / 10
Vendor Product Version URI
Py-lmdb Project Py-lmdb 0.97 cpe:/a:py-lmdb_project:py-lmdb:0.97
  1. Py-lmdb Project (1) Search CVE
    1. Py-lmdb (1) Search CVE
      1. 0.97


ID Name Description Links
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer. CVE

History of changes

Date Event
2019-10-12 20:15
2019-09-12 14:06
2019-09-11 15:28