Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2020-21674

Опубликовано: 15 окт. 2020
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 4.3
CVSS3: 6.5

Описание

Heap-based buffer overflow in archive_string_append_from_wcs() (archive_string.c) in libarchive-3.4.1dev allows remote attackers to cause a denial of service (out-of-bounds write in heap memory resulting into a crash) via a crafted archive file. NOTE: this only affects users who downloaded the development code from GitHub. Users of the product's official releases are unaffected.

РелизСтатусПримечание
bionic

not-affected

code not present
devel

not-affected

3.4.1
esm-infra-legacy/trusty

not-affected

code not present
esm-infra/bionic

not-affected

code not present
esm-infra/focal

not-affected

code not present
esm-infra/xenial

not-affected

code not present
focal

not-affected

code not present
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

not-affected

code not present

Показывать по

Ссылки на источники

EPSS

Процентиль: 82%
0.01655
Низкий

4.3 Medium

CVSS2

6.5 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2020-21674

CVSS3: 7.5
redhat
около 6 лет назад

Heap-based buffer overflow in archive_string_append_from_wcs() (archive_string.c) in libarchive-3.4.1dev allows remote attackers to cause a denial of service (out-of-bounds write in heap memory resulting into a crash) via a crafted archive file. NOTE: this only affects users who downloaded the development code from GitHub. Users of the product's official releases are unaffected.

nvd логотип

CVE-2020-21674

CVSS3: 6.5
nvd
больше 5 лет назад

Heap-based buffer overflow in archive_string_append_from_wcs() (archive_string.c) in libarchive-3.4.1dev allows remote attackers to cause a denial of service (out-of-bounds write in heap memory resulting into a crash) via a crafted archive file. NOTE: this only affects users who downloaded the development code from GitHub. Users of the product's official releases are unaffected.

debian логотип

CVE-2020-21674

CVSS3: 6.5
debian
больше 5 лет назад

Heap-based buffer overflow in archive_string_append_from_wcs() (archiv ...

github логотип

GHSA-crq5-4m3r-9jx2

github
больше 3 лет назад

Heap-based buffer overflow in archive_string_append_from_wcs() (archive_string.c) in libarchive-3.4.1dev allows remote attackers to cause a denial of service (out-of-bounds write in heap memory resulting into a crash) via a crafted archive file. NOTE: this only affects users who downloaded the development code from GitHub. Users of the product's official releases are unaffected.

EPSS

Процентиль: 82%
0.01655
Низкий

4.3 Medium

CVSS2

6.5 Medium

CVSS3