Vulnerability Details CVE-2018-20348
libpff_item_tree_create_node in libpff_item_tree.c in libpff before experimental-20180714 allows attackers to cause a denial of service (infinite recursion) via a crafted file, related to libfdata_tree_get_node_value in libfdata_tree.c.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 18.3%
CVSS Severity
CVSS v3 Score 5.5
CVSS v2 Score 1.9
Products affected by CVE-2018-20348
-
cpe:2.3:a:libpff_project:libpff:20161119
-
cpe:2.3:a:libpff_project:libpff:20180428