CVE-2019-18408

Опубликовано: 24 окт. 2019

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 5

CVSS3: 7.5

Описание

archive_read_format_rar_read_data in archive_read_support_format_rar.c in libarchive before 3.4.0 has a use-after-free in a certain ARCHIVE_FAILED situation, related to Ppmd7_DecodeSymbol.

Релиз	Статус	Примечание
bionic	released	3.2.2-3.1ubuntu0.5
devel	not-affected
disco	released	3.3.3-4ubuntu0.1
eoan	not-affected
esm-infra-legacy/trusty	released	3.1.2-7ubuntu2.8+esm1
esm-infra/bionic	released	3.2.2-3.1ubuntu0.5
esm-infra/xenial	released	3.1.2-11ubuntu0.16.04.7
precise/esm	DNE
trusty	ignored	end of standard support
trusty/esm	released	3.1.2-7ubuntu2.8+esm1

Показывать по

Ссылки на источники

EPSS

Процентиль: 89%

0.04588

Низкий

5 Medium

CVSS2

7.5 High

CVSS3

Связанные уязвимости

CVE-2019-18408

CVSS3: 8.1

redhat

больше 6 лет назад

archive_read_format_rar_read_data in archive_read_support_format_rar.c in libarchive before 3.4.0 has a use-after-free in a certain ARCHIVE_FAILED situation, related to Ppmd7_DecodeSymbol.

CVE-2019-18408

CVSS3: 7.5

nvd

больше 6 лет назад

archive_read_format_rar_read_data in archive_read_support_format_rar.c in libarchive before 3.4.0 has a use-after-free in a certain ARCHIVE_FAILED situation, related to Ppmd7_DecodeSymbol.

CVE-2019-18408

CVSS3: 7.5

debian

больше 6 лет назад

archive_read_format_rar_read_data in archive_read_support_format_rar.c ...

GHSA-4hj2-55w3-4qwh

CVSS3: 7.5

github

больше 3 лет назад

archive_read_format_rar_read_data in archive_read_support_format_rar.c in libarchive before 3.4.0 has a use-after-free in a certain ARCHIVE_FAILED situation, related to Ppmd7_DecodeSymbol.

ELSA-2020-0271

oracle-oval

около 6 лет назад

ELSA-2020-0271: libarchive security update (IMPORTANT)

EPSS

Процентиль: 89%

0.04588

Низкий

5 Medium

CVSS2

7.5 High

CVSS3

CVE-2019-18408

Описание

Пакет libarchive

Ссылки на источники

Связанные уязвимости