Vulnerabilities (CVE)

Filtered by vendor Cabextract Subscribe

Filtered by product Libmspack

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2018-14679	5 Cabextract, Cabextract Project, Canonical and 2 more	8 Libmspack, Cabextract, Ubuntu Linux and 5 more	2021-04-26	4.3 MEDIUM	6.5 MEDIUM
An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one error in the CHM PMGI/PMGL chunk number validity checks, which could lead to denial of service (uninitialized data dereference and application crash).
CVE-2018-14680	5 Cabextract, Cabextract Project, Canonical and 2 more	8 Libmspack, Cabextract, Ubuntu Linux and 5 more	2021-04-26	4.3 MEDIUM	6.5 MEDIUM
An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. It does not reject blank CHM filenames.