CVE-2018-10195

Опубликовано: 02 июн. 2021

Источник: nvd

CVSS3: 7.1

CVSS2: 3.6

EPSS Низкий

Описание

lrzsz before version 0.12.21~rc can leak information to the receiving side due to an incorrect length check in the function zsdata that causes a size_t to wrap around.

Ссылки

http://www.ohse.de/uwe/software/lrzsz.html
Release Notes
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1572058
Issue Tracking
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2022/01/msg00027.html
Issue Tracking
Mailing List
Third Party Advisory
https://lists.suse.com/pipermail/sle-security-updates/2018-April/003955.html?_ga=2.81625751.1026327980.1622040648-1950393542.1547130931
Mailing List
Third Party Advisory
https://lists.suse.com/pipermail/sle-security-updates/2018-April/003956.html?_ga=2.81625751.1026327980.1622040648-1950393542.1547130931
Mailing List
Third Party Advisory
http://www.ohse.de/uwe/software/lrzsz.html
Release Notes
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1572058
Issue Tracking
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2022/01/msg00027.html
Issue Tracking
Mailing List
Third Party Advisory
https://lists.suse.com/pipermail/sle-security-updates/2018-April/003955.html?_ga=2.81625751.1026327980.1622040648-1950393542.1547130931
Mailing List
Third Party Advisory
https://lists.suse.com/pipermail/sle-security-updates/2018-April/003956.html?_ga=2.81625751.1026327980.1622040648-1950393542.1547130931
Mailing List
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:lrzsz_project:lrzsz:*:*:*:*:*:*:*:*

Версия до 0.12.20 (включая)

Конфигурация 2

Одно из

cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp4:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_desktop:12:sp3:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_server:12:sp3:*:*:-:-:*:*

Конфигурация 3

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

EPSS

Процентиль: 16%

0.00051

Низкий

7.1 High

CVSS3

3.6 Low

CVSS2

Дефекты

CWE-190

Связанные уязвимости

CVE-2018-10195

CVSS3: 7.1

ubuntu

больше 4 лет назад

lrzsz before version 0.12.21~rc can leak information to the receiving side due to an incorrect length check in the function zsdata that causes a size_t to wrap around.

CVE-2018-10195

CVSS3: 4.4

redhat

почти 8 лет назад

lrzsz before version 0.12.21~rc can leak information to the receiving side due to an incorrect length check in the function zsdata that causes a size_t to wrap around.

CVE-2018-10195

CVSS3: 7.1

msrc

4 месяца назад

lrzsz before version 0.12.21~rc can leak information to the receiving side due to an incorrect length check in the function zsdata that causes a size_t to wrap around.

CVE-2018-10195

CVSS3: 7.1

debian

больше 4 лет назад

lrzsz before version 0.12.21~rc can leak information to the receiving ...

SUSE-SU-2018:1070-1

suse-cvrf

почти 8 лет назад

Security update for rzsz

EPSS

Процентиль: 16%

0.00051

Низкий

7.1 High

CVSS3

3.6 Low

CVSS2

Дефекты

CWE-190