CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-15157

The libfsclfs_block_read function in libfsclfs_block.c in libfsclfs before 2018-07-25 allows remote attackers to cause a heap-based buffer over-read via a crafted clfs file. NOTE: the vendor has disputed this as described in the GitHub issue comments

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 61.1%

CVSS Severity

CVSS v3 Score 6.5

CVSS v2 Score 4.3

References

https://github.com/libyal/libfsclfs/issues/3
https://github.com/libyal/libfsclfs/issues/3

Products affected by CVE-2018-15157

Libfsclfs Project » Libfsclfs » Version: 2017-02-06

cpe:2.3:a:libfsclfs_project:libfsclfs:2017-02-06

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-15157

Products

Pricing

Contact Us