Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:a:rpm:libcomps:0.1.4-4:*:*:*:*:*:*:*
There are 1 matching records.
Displaying matches 1 through 1.
Vuln ID Summary CVSS Severity

A use-after-free flaw has been discovered in libcomps before version 0.1.10 in the way ObjMRTrees are merged. An attacker, who is able to make an application read a crafted comps XML file, may be able to crash the application or execute malicious code.

Published: March 27, 2019; 9:29:01 AM -0400
V3.0: 8.8 HIGH
V2.0: 6.8 MEDIUM