CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2019-8905

do_core_note in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read, related to file_printable, a different vulnerability than CVE-2018-10360.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 29.4%

CVSS Severity

CVSS v3 Score 4.4

CVSS v2 Score 3.6

References

http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00027.html
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00053.html
http://www.securityfocus.com/bid/107137
https://bugs.astron.com/view.php?id=63
https://lists.debian.org/debian-lts-announce/2019/02/msg00044.html
https://usn.ubuntu.com/3911-1/
http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00027.html
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00053.html
http://www.securityfocus.com/bid/107137
https://bugs.astron.com/view.php?id=63
https://lists.debian.org/debian-lts-announce/2019/02/msg00044.html
https://usn.ubuntu.com/3911-1/

Products affected by CVE-2019-8905

File Project » File » Version: 5.35

cpe:2.3:a:file_project:file:5.35
Canonical » Ubuntu Linux » Version: 16.04

cpe:2.3:o:canonical:ubuntu_linux:16.04
Canonical » Ubuntu Linux » Version: 18.04

cpe:2.3:o:canonical:ubuntu_linux:18.04
Canonical » Ubuntu Linux » Version: 18.10

cpe:2.3:o:canonical:ubuntu_linux:18.10
Debian » Debian Linux » Version: 8.0

cpe:2.3:o:debian:debian_linux:8.0
Opensuse » Leap » Version: 15.0

cpe:2.3:o:opensuse:leap:15.0
Opensuse » Leap » Version: 42.3

cpe:2.3:o:opensuse:leap:42.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-8905

Products

Pricing

Contact Us