CVE-2025-8733

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-8733
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: Additional analysis indicates that the files referenced in the stack trace do not exist in Bison.
CVSS

No CVSS.

References

No reference.

Configurations

No configuration.

History

04 Nov 2025, 00:15

Type Values Removed Values Added
Summary
  • (es) Se encontró una vulnerabilidad en GNU Bison hasta la versión 3.8.2. Se ha clasificado como problemática. Este problema afecta a la función __obstack_vprintf_internal del archivo obprintf.c. La manipulación genera una aserción accesible. Es posible lanzar el ataque contra el host local. Se ha hecho público el exploit y puede que sea utilizado.
Summary (en) A flaw has been found in GNU Bison up to 3.8.2. This affects the function __obstack_vprintf_internal of the file obprintf.c. Executing manipulation can lead to reachable assertion. The attack requires local access. The exploit has been published and may be used. It is still unclear if this vulnerability genuinely exists. The issue could not be reproduced from a GNU Bison 3.8.2 tarball run in a Fedora 42 container. (en) Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: Additional analysis indicates that the files referenced in the stack trace do not exist in Bison.
CWE CWE-617
CVSS v2 : 1.7
v3 : 3.3 		v2 : unknown
v3 : unknown
References
  • {'url': 'https://github.com/akimd/bison/issues/113', 'source': 'cna@vuldb.com'}
  • {'url': 'https://github.com/akimd/bison/issues/114', 'source': 'cna@vuldb.com'}
  • {'url': 'https://vuldb.com/?ctiid.319229', 'source': 'cna@vuldb.com'}
  • {'url': 'https://vuldb.com/?id.319229', 'source': 'cna@vuldb.com'}
  • {'url': 'https://vuldb.com/?submit.622298', 'source': 'cna@vuldb.com'}
  • {'url': 'https://vuldb.com/?submit.622299', 'source': 'cna@vuldb.com'}
  • {'url': 'https://www.gnu.org/', 'source': 'cna@vuldb.com'}
  • {'url': 'https://www.openwall.com/lists/oss-security/2025/10/27/12', 'source': 'af854a3a-2127-422b-91ae-364da2661108'}

28 Oct 2025, 01:16

Type Values Removed Values Added
References
  • () https://www.openwall.com/lists/oss-security/2025/10/27/12 -

19 Aug 2025, 05:15

Type Values Removed Values Added
Summary
  • (es) Se encontró una vulnerabilidad en GNU Bison hasta la versión 3.8.2. Se ha clasificado como problemática. Este problema afecta a la función __obstack_vprintf_internal del archivo obprintf.c. La manipulación genera una aserción accesible. Es posible lanzar el ataque contra el host local. Se ha hecho público el exploit y puede que sea utilizado.
Summary (en) A vulnerability was found in GNU Bison up to 3.8.2. It has been rated as problematic. This issue affects the function __obstack_vprintf_internal of the file obprintf.c. The manipulation leads to reachable assertion. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. (en) A flaw has been found in GNU Bison up to 3.8.2. This affects the function __obstack_vprintf_internal of the file obprintf.c. Executing manipulation can lead to reachable assertion. The attack requires local access. The exploit has been published and may be used. It is still unclear if this vulnerability genuinely exists. The issue could not be reproduced from a GNU Bison 3.8.2 tarball run in a Fedora 42 container.

08 Aug 2025, 18:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-08-08 18:15

Updated : 2025-11-04 00:15

NVD link : CVE-2025-8733

Mitre link : CVE-2025-8733

CVE.ORG link : CVE-2025-8733

JSON object : View

Products Affected

No product.

CWE

No CWE.