Уязвимость CVE-2018-6381

Пакет	Статус	Версия исправления	Релиз	Тип
zziplib	fixed	0.13.62-3.2		package
zziplib	fixed	0.13.62-3.2~deb9u1	stretch	package
zziplib	ignored		wheezy	package

CVE-2018-6381

CVSS3: 6.5

ubuntu

около 8 лет назад

In ZZIPlib 0.13.67, 0.13.66, 0.13.65, 0.13.64, 0.13.63, 0.13.62, 0.13.61, 0.13.60, 0.13.59, 0.13.58, 0.13.57 and 0.13.56 there is a segmentation fault caused by invalid memory access in the zzip_disk_fread function (zzip/mmapped.c) because the size variable is not validated against the amount of file->stored data.

CVE-2018-6381

CVSS3: 3.3

redhat

около 8 лет назад

In ZZIPlib 0.13.67, 0.13.66, 0.13.65, 0.13.64, 0.13.63, 0.13.62, 0.13.61, 0.13.60, 0.13.59, 0.13.58, 0.13.57 and 0.13.56 there is a segmentation fault caused by invalid memory access in the zzip_disk_fread function (zzip/mmapped.c) because the size variable is not validated against the amount of file->stored data.

CVE-2018-6381

CVSS3: 6.5

nvd

около 8 лет назад

In ZZIPlib 0.13.67, 0.13.66, 0.13.65, 0.13.64, 0.13.63, 0.13.62, 0.13.61, 0.13.60, 0.13.59, 0.13.58, 0.13.57 and 0.13.56 there is a segmentation fault caused by invalid memory access in the zzip_disk_fread function (zzip/mmapped.c) because the size variable is not validated against the amount of file->stored data.

GHSA-pc5j-427r-h2x3

CVSS3: 6.5

github

больше 3 лет назад

In ZZIPlib 0.13.67, 0.13.66, 0.13.65, 0.13.64, 0.13.63, 0.13.62, 0.13.61, 0.13.60, 0.13.59, 0.13.58, 0.13.57 and 0.13.56 there is a segmentation fault caused by invalid memory access in the zzip_disk_fread function (zzip/mmapped.c) because the size variable is not validated against the amount of file->stored data.

BDU:2019-04634

CVSS3: 6.5

fstec

около 8 лет назад

Уязвимость функции zzip_mem_entry_new() библиотеки архивирования ZZIPlib, позволяющая нарушителю вызвать отказ в обслуживании

exploitDog

CVE-2018-6381

Описание

Пакеты

Примечания

Связанные уязвимости