Описание
libarchive before 3.2.0 does not limit the number of recursive decompressions, which allows remote attackers to cause a denial of service (memory consumption and application crash) via a crafted gzip file.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 3.2.1-2 |
| esm-infra-legacy/trusty | not-affected | 3.1.2-7ubuntu2.4 |
| esm-infra/xenial | not-affected | 3.1.2-11ubuntu0.16.04.3 |
| precise | released | 3.0.3-6ubuntu1.4 |
| trusty | released | 3.1.2-7ubuntu2.4 |
| trusty/esm | not-affected | 3.1.2-7ubuntu2.4 |
| upstream | released | 3.2.0-2 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE | |
| xenial | released | 3.1.2-11ubuntu0.16.04.3 |
Показывать по
EPSS
4.3 Medium
CVSS2
5.5 Medium
CVSS3
Связанные уязвимости
libarchive before 3.2.0 does not limit the number of recursive decompressions, which allows remote attackers to cause a denial of service (memory consumption and application crash) via a crafted gzip file.
libarchive before 3.2.0 does not limit the number of recursive decompressions, which allows remote attackers to cause a denial of service (memory consumption and application crash) via a crafted gzip file.
libarchive before 3.2.0 does not limit the number of recursive decompr ...
libarchive before 3.2.0 does not limit the number of recursive decompressions, which allows remote attackers to cause a denial of service (memory consumption and application crash) via a crafted gzip file.
Уязвимость библиотеки libarchive, существующая из-за ошибки управления ресурсами, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
4.3 Medium
CVSS2
5.5 Medium
CVSS3