CVE-2018-16548

Affecting zziplib package, versions debian:10: <0.13.62-3.2 || debian:8: * || debian:9: * || debian:unstable: <0.13.62-3.2 || ubuntu:14.04: * || ubuntu:16.04: * || ubuntu:18.04: * || ubuntu:18.10: *

low severity

Overview

An issue was discovered in ZZIPlib through 0.13.69. There is a memory leak triggered in the function __zzip_parse_root_directory in zip.c, which will lead to a denial of service attack.

Do your applications use this vulnerable package?

CVE
CVE-2018-16548
Snyk ID
SNYK-LINUX-ZZIPLIB-172769
Published
25 Sep, 2018