Lucene search
K
Squashfs ProjectSquashfs

4 matches found

CVE
CVE
added 2017/03/17 2:0 p.m.97 views

CVE-2015-4645

CVE-2015-4645 affects squashfs-tools; the vulnerability is an integer overflow in read_fragment_table_4 (unsquash-4.c) in SquashFS/Sasquatch, enabling a crafted input to trigger a stack-based buffer overflow and cause a denial of service. Affected package: squashfs-tools. Remediation: upgrade to ...

5.5CVSS6.2AI score0.0316EPSS
CVE
CVE
added 2017/04/13 5:0 p.m.75 views

CVE-2015-4646

CVE-2015-4646 affects Squashfs-tools (unsquash-1.c/unsquash-2.c/unsquash-3.c/unsquash-4.c). A crafted input can cause a denial of service (application crash) via the unsquash process. Public advisories and vendor notifications reference multiple affected releases (e.g., Squashfs-tools in various ...

7.5CVSS7AI score0.0691EPSS
CVE
CVE
added 2012/07/19 7:0 p.m.60 views

CVE-2012-4025

CVE-2012-4025 affects Squashfs-tools (squashfs) up to version 4.2. The issue is an integer overflow in queue_init() inside unsquashfs.c, which can allow a remote attacker to cause a heap-based buffer overflow by supplying a crafted block_log in the superblock of a .sqsh file, enabling arbitrary c...

6.8CVSS7.8AI score0.03898EPSS
CVE
CVE
added 2012/07/19 7:0 p.m.57 views

CVE-2012-4024

CVE-2012-4024 concerns a stack-based buffer overflow in the get_component function of unsquashfs.c in Squashfs tooling (unsquashfs) up to version 4.2. Exploitation via a crafted list file for the -ef option could allow remote arbitrary code execution. Connected advisories confirm the flaw affects...

6.8CVSS7.9AI score0.04047EPSS