CVE-2026-33337

Published: Apr 17, 2026Modified: Apr 27, 2026

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 3.6

Source: security-advisories@github.com (Secondary)

Description

Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, when deserializing a slice packet, the xdr_datum() function does not validate that a cstring length conforms to the slice descriptor bounds, allowing a cstring longer than the allocated buffer to overflow it. An unauthenticated attacker can exploit this by sending a crafted packet to the server, potentially causing a crash or other security impact. This issue has been fixed in versions 5.0.4, 4.0.7 and 3.0.14.

Affected (3)

Products: Firebirdsql: Firebird

1 product

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Firebirdsql Firebird	From 3.0.0 to 3.0.14
Firebirdsql Firebird	From 4.0.0 to 4.0.7
Firebirdsql Firebird	From 5.0.0 to 5.0.4

Related CWEs

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

Deserialization of Untrusted Data

The product deserializes untrusted data without sufficiently verifying that the resulting data will be valid.

References (4)

https://github.com/FirebirdSQL/firebird/releases/tag/v3.0.14

Source: security-advisories@github.com

Release Notes

https://github.com/FirebirdSQL/firebird/releases/tag/v4.0.7

Source: security-advisories@github.com

Release Notes

https://github.com/FirebirdSQL/firebird/releases/tag/v5.0.4

Source: security-advisories@github.com

Release Notes

https://github.com/FirebirdSQL/firebird/security/advisories/GHSA-89mq-229g-x47p

Source: security-advisories@github.com

ExploitVendor Advisory

Timeline

No history available yet.