Possible vuln in Squirrel interpreter

nesbox / TIC-80

TIC-80 is a fantasy computer for making, playing and sharing tiny games.

https://tic80.com

MIT License

4.94k stars 479 forks source link

Possible vuln in Squirrel interpreter #2342

Open YoshiRulz opened 10 months ago

YoshiRulz commented 10 months ago

Forwarding this from BizHawk: CVE-2022-30292 describes a buffer overflow vuln in Squirrel ≤ 3.2. It was patched upstream on 2022-05-02.

the-Chain-Warden-thresh commented 10 months ago

Hi there. I reported this unpatched CVE problem to BizHawk previously. I'd like to know if this was confirmed as a threat to this project. If so, I'm glad to open a PR to solve this problem.

nesbox commented 10 months ago

@the-Chain-Warden-thresh pls open a PR if not difficult 🙏