Unrated severityNVD Advisory· Published Feb 9, 2021· Updated Aug 5, 2024
CVE-2019-17582
CVE-2019-17582
Description
A use-after-free in the _zip_dirent_read function of zip_dirent.c in libzip 1.2.0 allows attackers to have an unspecified impact by attempting to unzip a malformed ZIP archive. NOTE: the discoverer states "This use-after-free is triggered prior to the double free reported in CVE-2017-12858."
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- libzip/libzipdescription
Patches
Vulnerability mechanics
References
3- github.com/nih-at/libzip/commit/2217022b7d1142738656d891e00b3d2d9179b796mitrex_refsource_MISC
- github.com/nih-at/libzip/issues/5mitrex_refsource_MISC
- libzip.org/libzip-discuss/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.