CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-16985

In Lizard (formerly LZ5) 2.0, use of an invalid memory address was discovered in LZ5_compress_continue in lz5_compress.c, related to LZ5_compress_fastSmall and MEM_read32. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 66.5%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

https://github.com/inikep/lizard/issues/18
https://github.com/inikep/lizard/issues/18

Products affected by CVE-2018-16985

Lizard Project » Lizard » Version: 2.0

cpe:2.3:a:lizard_project:lizard:2.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-16985

Products

Pricing

Contact Us