CVE-2019-10974

CVE-2019-10974

Vendor National Renewable Energy Laboratory (Nrel)
Product EnergyPlus
Weakness CWE-121
Published July 25, 2019
Last update August 4, 2024

CVSS base score

What the vulnerability does

01Description

NREL EnergyPlus, Versions 8.6.0 and possibly prior versions, The application fails to prevent an exception handler from being overwritten with arbitrary code.

Key dates

02Disclosure timeline

July 25, 2019 CVE published
August 4, 2024 Record updated