VYPR
Medium severity5.5NVD Advisory· Published Jun 19, 2018· Updated Jun 17, 2026

CVE-2018-11723

CVE-2018-11723

Description

The libpff_name_to_id_map_entry_read function in libpff_name_to_id_map.c in libyal libpff through 2018-04-28 allows remote attackers to cause an information disclosure (heap-based buffer over-read) via a crafted pff file. NOTE: the vendor has disputed this as described in libyal/libpff issue 66 on GitHub

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Libyal/Libpffinferred2 versions
    <= 2018-04-28+ 1 more
    • (no CPE)range: <= 2018-04-28
    • (no CPE)range: <=2018-04-28

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.