Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5
CVE-2018-16985
- EPSS 0.54%
- Veröffentlicht 13.09.2018 14:29:00
- Zuletzt bearbeitet 21.11.2024 03:53:39
In Lizard (formerly LZ5) 2.0, use of an invalid memory address was discovered in LZ5_compress_continue in lz5_compress.c, related to LZ5_compress_fastSmall and MEM_read32. The vulnerability causes a segmentation fault and application crash, which lea...
7.8
CVE-2018-11498
- EPSS 2.51%
- Veröffentlicht 26.05.2018 20:29:00
- Zuletzt bearbeitet 21.11.2024 03:43:29
In Lizard v1.0 and LZ5 v2.0 (the prior release, before the product was renamed), there is an unchecked buffer size during a memcpy in the Lizard_decompress_LIZv1 function (lib/lizard_decompress_liz.h). Remote attackers can leverage this vulnerability...
1