CVE-2019-16166 (NVD)

2019-09-09

GNU cflow through 1.6 has a heap-based buffer over-read in the nexttoken function in parser.c.

Products Cflow
Type Out-of-bounds Read (CWE-125)
First patch - None (likely due to unavailable code)
Links https://lists.gnu.org/archive/html/bug-cflow/2019-04/msg00000.html