rpm package
opensuse/vagrant&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/vagrant&distro=openSUSE%20Tumbleweed
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-16892 | — | < 2.2.18-1.3 | 2.2.18-1.3 | Sep 25, 2019 | In Rubyzip before 1.3.0, a crafted ZIP file can bypass application checks on ZIP entry sizes because data about the uncompressed size can be spoofed. This allows attackers to cause a denial of service (disk consumption). |
- CVE-2019-16892Sep 25, 2019affected < 2.2.18-1.3fixed 2.2.18-1.3
In Rubyzip before 1.3.0, a crafted ZIP file can bypass application checks on ZIP entry sizes because data about the uncompressed size can be spoofed. This allows attackers to cause a denial of service (disk consumption).