Your submission was sent successfully! Close

CVE-2017-12858

Published: 23 August 2017

Double free vulnerability in the _zip_dirent_read function in zip_dirent.c in libzip allows attackers to have unspecified impact via unknown vectors.

Priority

Unknown

CVSS 3 base score: 9.8

Status

Package Release Status
libzip
Launchpad, Ubuntu, Debian
precise Does not exist

trusty Not vulnerable
(code not present)
upstream
Released (1.3.0)
xenial Not vulnerable
(code not present)
zesty Not vulnerable
(code not present)
Patches:
upstream: https://github.com/nih-at/libzip/commit/2217022b7d1142738656d891e00b3d2d9179b796