CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2019-10654

The lzo1x_decompress function in liblzo2.so.2 in LZO 2.10, as used in Long Range Zip (aka lrzip) 0.631, allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted archive, a different vulnerability than CVE-2017-8845.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 59.9%

CVSS Severity

CVSS v3 Score 5.5

CVSS v2 Score 4.3

References

https://github.com/ckolivas/lrzip/issues/108
https://github.com/ckolivas/lrzip/issues/108

Products affected by CVE-2019-10654

Long Range Zip Project » Long Range Zip » Version: 0.631

cpe:2.3:a:long_range_zip_project:long_range_zip:0.631

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-10654

Products

Pricing

Contact Us