Description
lrzip v0.651 was discovered to contain a heap overflow via the libzpaq::PostProcessor::write(int) function at /libzpaq/libzpaq.cpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted file.
References
https://github.com/ckolivas/lrzip/issues/246
ExploitIssue Tracking
https://github.com/ckolivas/lrzip/issues/246
ExploitIssue Tracking
CVSS impact metrics
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
5.5 · Medium
Information
Source identifier
Vulnerability status
Modified
Published
2023-08-17T17:15:12.977Z
2 years agoLast modified
2024-11-21T07:15:54.253Z
1 year ago