MidnightBSD

Advisories for lrzsz_project

CVE-2018-10195 LOW

lrzsz before version 0.12.21~rc can leak information to the receiving side due to an incorrect length check in the function zsdata that causes a size_t to wrap around.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.1 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H 1.8 5.2

CVSS 2.0

Severity: LOW

Problem Type: CWE-190,

Products Affected

Vendor Product Version
suse linux_enterprise_server 11
debian debian_linux 9.0
lrzsz_project lrzsz *
suse linux_enterprise_server 12
suse linux_enterprise_debuginfo 11
suse linux_enterprise_desktop 12