CVE-2020-15100

Опубликовано: 14 июл. 2020

Источник: nvd

CVSS3: 2.8

CVSS3: 3.3

CVSS2: 2.1

EPSS Низкий

Описание

In freewvs before 0.1.1, a user could create a large file that freewvs will try to read, which will terminate a scan process. This has been patched in 0.1.1.

Ссылки

https://github.com/schokokeksorg/freewvs/commit/18bbf2043e53f69e0119d24f8ae4edb274afb9b2
Patch
Third Party Advisory
https://github.com/schokokeksorg/freewvs/security/advisories/GHSA-9cfv-9463-8gqv
Third Party Advisory
https://github.com/schokokeksorg/freewvs/commit/18bbf2043e53f69e0119d24f8ae4edb274afb9b2
Patch
Third Party Advisory
https://github.com/schokokeksorg/freewvs/security/advisories/GHSA-9cfv-9463-8gqv
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:schokokeks:freewvs:*:*:*:*:*:*:*:*

Версия до 0.1.1 (исключая)

EPSS

Процентиль: 18%

0.00058

Низкий

2.8 Low

CVSS3

3.3 Low

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-400

CWE-770

Связанные уязвимости

GHSA-9cfv-9463-8gqv

CVSS3: 2.8

github

больше 1 года назад

freewvs vulnerable to denial of service through large files

EPSS

Процентиль: 18%

0.00058

Низкий

2.8 Low

CVSS3

3.3 Low

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-400

CWE-770