Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2018-6381

Опубликовано: 29 янв. 2018
Источник: ubuntu
Приоритет: low
EPSS Низкий
CVSS2: 4.3
CVSS3: 6.5

Описание

In ZZIPlib 0.13.67, 0.13.66, 0.13.65, 0.13.64, 0.13.63, 0.13.62, 0.13.61, 0.13.60, 0.13.59, 0.13.58, 0.13.57 and 0.13.56 there is a segmentation fault caused by invalid memory access in the zzip_disk_fread function (zzip/mmapped.c) because the size variable is not validated against the amount of file->stored data.

РелизСтатусПримечание
artful

released

0.13.62-3.1ubuntu0.17.10.1
bionic

released

0.13.62-3.1ubuntu0.18.04.1
devel

released

0.13.62-3.1ubuntu1
esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was released [0.13.62-2ubuntu0.2]]
esm-infra/bionic

released

0.13.62-3.1ubuntu0.18.04.1
esm-infra/xenial

released

0.13.62-3ubuntu0.16.04.2
precise/esm

DNE

trusty

released

0.13.62-2ubuntu0.2
trusty/esm

DNE

trusty was released [0.13.62-2ubuntu0.2]
upstream

needs-triage

Показывать по

Ссылки на источники

EPSS

Процентиль: 54%
0.00317
Низкий

4.3 Medium

CVSS2

6.5 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2018-6381

CVSS3: 3.3
redhat
около 8 лет назад

In ZZIPlib 0.13.67, 0.13.66, 0.13.65, 0.13.64, 0.13.63, 0.13.62, 0.13.61, 0.13.60, 0.13.59, 0.13.58, 0.13.57 and 0.13.56 there is a segmentation fault caused by invalid memory access in the zzip_disk_fread function (zzip/mmapped.c) because the size variable is not validated against the amount of file->stored data.

nvd логотип

CVE-2018-6381

CVSS3: 6.5
nvd
около 8 лет назад

In ZZIPlib 0.13.67, 0.13.66, 0.13.65, 0.13.64, 0.13.63, 0.13.62, 0.13.61, 0.13.60, 0.13.59, 0.13.58, 0.13.57 and 0.13.56 there is a segmentation fault caused by invalid memory access in the zzip_disk_fread function (zzip/mmapped.c) because the size variable is not validated against the amount of file->stored data.

debian логотип

CVE-2018-6381

CVSS3: 6.5
debian
около 8 лет назад

In ZZIPlib 0.13.67, 0.13.66, 0.13.65, 0.13.64, 0.13.63, 0.13.62, 0.13. ...

github логотип

GHSA-pc5j-427r-h2x3

CVSS3: 6.5
github
больше 3 лет назад

In ZZIPlib 0.13.67, 0.13.66, 0.13.65, 0.13.64, 0.13.63, 0.13.62, 0.13.61, 0.13.60, 0.13.59, 0.13.58, 0.13.57 and 0.13.56 there is a segmentation fault caused by invalid memory access in the zzip_disk_fread function (zzip/mmapped.c) because the size variable is not validated against the amount of file->stored data.

fstec логотип

BDU:2019-04634

CVSS3: 6.5
fstec
около 8 лет назад

Уязвимость функции zzip_mem_entry_new() библиотеки архивирования ZZIPlib, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 54%
0.00317
Низкий

4.3 Medium

CVSS2

6.5 Medium

CVSS3