INFSA-2024:2377: zziplib security update
Information about definition
Identificator: INFSA-2024:2377
Type: security
Release date: 2024-12-27 09:30:36 UTC
Information about package
The zziplib is a lightweight library to easily extract data from zip files.
Vulnerabilities description
- CVE-2020-18770
An invalid memory access flaw was found in the mmapped.c file's zzip_disk_entry_to_file_header function in Zziplib. This issue could allow an attacker to entice a victim into opening a specially crafted file, leading to a denial of service.
Severity level
| CVE | Score CVSS 2.0 | Score CVSS 3.x | Score CVSS 4.0 |
|---|---|---|---|
|
NIST — CVE-2020-18770
|
no information | 5.5 | no information |
Updated packages