Home
Packages
Forums
Wiki
GitLab
Security
AUR
Download

issues
advisories
todo
stats
log
login

CVE-2018-7726 - log back

CVE-2018-7726 created at 25 Sep 2019 19:31:40

Severity

+

Medium

Remote

+

Remote

Type

+	Denial of service

Description

+	An improper input validation was found in function __zzip_fetch_disk_trailer of ZZIPlib before 0.13.69, that could lead to a crash in __zzip_parse_root_directory function of zzip/zip.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted zip file.

References

+	https://github.com/gdraheim/zziplib/issues/41
+	https://github.com/gdraheim/zziplib/commit/19c9e4dc6c5cf92a38d0d23dbccac6993f9c41be
+	https://github.com/gdraheim/zziplib/commit/feae4da1a5c92100c44ebfcbaaa895959cc0829b

Notes