0.004 Low
EPSS
Percentile
74.6%
A flaw was found in dict.c:dict_unserialize function of glusterfs, dic_unserialize function does not handle negative key length values. An attacker could use this flaw to read memory from other locations into the stored dict value.
bugzilla.redhat.com/show_bug.cgi?id=1601657
www.cve.org/CVERecord?id=CVE-2018-10911 https://nvd.nist.gov/vuln/detail/CVE-2018-10911