CVE-2018-7726 - log back

CVE-2018-7726 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Denial of service
Description
+ An improper input validation was found in function __zzip_fetch_disk_trailer of ZZIPlib before 0.13.69, that could lead to a crash in __zzip_parse_root_directory function of zzip/zip.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted zip file.
References
+ https://github.com/gdraheim/zziplib/issues/41
+ https://github.com/gdraheim/zziplib/commit/19c9e4dc6c5cf92a38d0d23dbccac6993f9c41be
+ https://github.com/gdraheim/zziplib/commit/feae4da1a5c92100c44ebfcbaaa895959cc0829b
Notes