Lucene search
K

5 matches found

CVE
CVE
added 2018/09/04 12:0 a.m.90 views

CVE-2018-16430

CVE-2018-16430 affects GNU Libextractor up to 1.7, with an out-of-bounds read in EXTRACTOR_zip_extract_method() implemented in zip_extractor.c. The vulnerability arises from handling ZIP File Comment fields, as indicated by multiple advisories and vendor notices (Debian, Mageia, Ubuntu). Impact i...

8.8CVSS8.3AI score0.02646EPSS
CVE
CVE
added 2018/07/17 3:0 p.m.85 views

CVE-2018-14346

CVE-2018-14346 affects GNU Libextractor: a stack-based buffer overflow in ec_read_file_func (unzip.c) present in versions before 1.7. Multiple connected sources (Ubuntu/Debian/Mageia/OpenVAS/Nessus OSV entries) indicate the issue can lead to denial of service and, in some disclosures, arbitrary c...

8.8CVSS8.6AI score0.02089EPSS
CVE
CVE
added 2018/07/17 3:0 p.m.74 views

CVE-2018-14347

CVE-2018-14347 affects GNU Libextractor prior to 1.7, with an infinite loop in EXTRACTOR_mpeg_extract_method (mpeg_extractor.c). Publicly available documents corroborate the issue under libextractor across multiple distributions, including Debian (DSA-4290) and Mageia advisories, which indicate p...

6.5CVSS7.1AI score0.01718EPSS
CVE
CVE
added 2018/12/24 5:0 a.m.74 views

CVE-2018-20431

CVE-2018-20431 is a NULL pointer dereference in GNU Libextractor

6.5CVSS6.4AI score0.02236EPSS
CVE
CVE
added 2018/12/24 5:0 a.m.73 views

CVE-2018-20430

CVE-2018-20430 affects GNU Libextractor up to version 1.8, with an out-of-bounds read in history_extract() (plugins/ole2_extractor.c) related to EXTRACTOR_common_convert_to_utf8 in common/convert.c. The issue is reported across multiple advisories and distributions, including Debian DSA-4361 and ...

6.5CVSS6.3AI score0.02237EPSS