Описание
inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| zlib | fixed | 1:1.2.8.dfsg-3 | package | |
| zlib | no-dsa | wheezy | package | |
| rsync | fixed | 3.1.3-6 | package | |
| rsync | fixed | 3.1.2-1+deb9u2 | stretch | package |
Примечания
https://github.com/madler/zlib/commit/6a043145ca6e9c55184013841a67b2fef87e44c0
Report: https://wiki.mozilla.org/images/0/09/Zlib-report.pdf
EPSS
Процентиль: 91%
0.0726
Низкий
Связанные уязвимости
CVSS3: 8.8
ubuntu
около 8 лет назад
inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
CVSS3: 8.8
redhat
почти 9 лет назад
inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
CVSS3: 8.8
nvd
около 8 лет назад
inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
EPSS
Процентиль: 91%
0.0726
Низкий