CVE-2017-12858

Опубликовано: 23 авг. 2017

Источник: debian

EPSS Низкий

Описание

Double free vulnerability in the _zip_dirent_read function in zip_dirent.c in libzip allows attackers to have unspecified impact via unknown vectors.

Пакет	Статус	Версия исправления	Релиз	Тип
libzip	not-affected			package

Introduced after: https://github.com/nih-at/libzip/commit/796c5968ad679220db3fb65ec6f48c66e554e5d5 (rel-1-2-0)
Fixed by: https://github.com/nih-at/libzip/commit/2217022b7d1142738656d891e00b3d2d9179b796 (rel-1-3-0)

EPSS

Процентиль: 72%

0.00738

Низкий

CVE-2017-12858

CVSS3: 9.8

ubuntu

больше 8 лет назад

Double free vulnerability in the _zip_dirent_read function in zip_dirent.c in libzip allows attackers to have unspecified impact via unknown vectors.

CVE-2017-12858

CVSS3: 3.3

redhat

больше 8 лет назад

Double free vulnerability in the _zip_dirent_read function in zip_dirent.c in libzip allows attackers to have unspecified impact via unknown vectors.

CVE-2017-12858

CVSS3: 9.8

nvd

больше 8 лет назад

Double free vulnerability in the _zip_dirent_read function in zip_dirent.c in libzip allows attackers to have unspecified impact via unknown vectors.

GHSA-qm7q-x8gp-f7m8

CVSS3: 9.8

github

больше 3 лет назад

Double free vulnerability in the _zip_dirent_read function in zip_dirent.c in libzip allows attackers to have unspecified impact via unknown vectors.

EPSS

Процентиль: 72%

0.00738

Низкий