CVEDB API

ok-file-formats through 2018-10-16 has a heap-based buffer over-read in the ok_mo_decode2 function in ok_mo.c.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 59.4%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 6.8

References

Products affected by CVE-2018-20618

Ok-File-Formats Project » Ok-File-Formats » Version: N/A

cpe:2.3:a:ok-file-formats_project:ok-file-formats:-
Ok-File-Formats Project » Ok-File-Formats » Version: 2018-10-13

cpe:2.3:a:ok-file-formats_project:ok-file-formats:2018-10-13
Ok-File-Formats Project » Ok-File-Formats » Version: 2018-10-14

cpe:2.3:a:ok-file-formats_project:ok-file-formats:2018-10-14
Ok-File-Formats Project » Ok-File-Formats » Version: 2018-10-15

cpe:2.3:a:ok-file-formats_project:ok-file-formats:2018-10-15
Ok-File-Formats Project » Ok-File-Formats » Version: 2018-10-16

cpe:2.3:a:ok-file-formats_project:ok-file-formats:2018-10-16