Описание
The lzo1x_decompress function in lzo1x_d.ch in LZO 2.08, as used in lrzip 0.631, allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted archive.
Ссылки
- Third Party AdvisoryVDB Entry
- Issue TrackingPatchThird Party Advisory
- Third Party Advisory
- Third Party AdvisoryVDB Entry
- Issue TrackingPatchThird Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:long_range_zip_project:long_range_zip:0.631:*:*:*:*:*:*:*
EPSS
Процентиль: 40%
0.00184
Низкий
5.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-125
Связанные уязвимости
CVSS3: 5.5
ubuntu
больше 8 лет назад
The lzo1x_decompress function in lzo1x_d.ch in LZO 2.08, as used in lrzip 0.631, allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted archive.
CVSS3: 5.5
debian
больше 8 лет назад
The lzo1x_decompress function in lzo1x_d.ch in LZO 2.08, as used in lr ...
CVSS3: 5.5
github
больше 3 лет назад
The lzo1x_decompress function in lzo1x_d.ch in LZO 2.08, as used in lrzip 0.631, allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted archive.
EPSS
Процентиль: 40%
0.00184
Низкий
5.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-125