GNU cflow through 1.6 has a heap-based buffer over-read in the nexttoken function in parser.c.
Source: NIST
CVE-2019-16166 (cflow)
Security in mind
GNU cflow through 1.6 has a heap-based buffer over-read in the nexttoken function in parser.c.
Source: NIST
CVE-2019-16166 (cflow)