Описание
In GNU Libextractor 1.4, there is an integer signedness error for the chunk size in the EXTRACTOR_nsfe_extract_method function in plugins/nsfe_extractor.c, leading to an infinite loop for a crafted size.
Ссылки
- ExploitMailing ListThird Party Advisory
- Product
- ExploitMailing ListThird Party Advisory
- Product
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:gnu:libextractor:1.4:*:*:*:*:*:*:*
EPSS
Процентиль: 61%
0.00408
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-835
Связанные уязвимости
CVSS3: 7.5
ubuntu
больше 8 лет назад
In GNU Libextractor 1.4, there is an integer signedness error for the chunk size in the EXTRACTOR_nsfe_extract_method function in plugins/nsfe_extractor.c, leading to an infinite loop for a crafted size.
CVSS3: 7.5
debian
больше 8 лет назад
In GNU Libextractor 1.4, there is an integer signedness error for the ...
CVSS3: 7.5
github
больше 3 лет назад
In GNU Libextractor 1.4, there is an integer signedness error for the chunk size in the EXTRACTOR_nsfe_extract_method function in plugins/nsfe_extractor.c, leading to an infinite loop for a crafted size.
EPSS
Процентиль: 61%
0.00408
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-835