VYPR

libmspack

by Kyz

Source repositories

CVEs (2)

  • CVE-2018-14680MedJul 28, 2018
    risk 0.36cvss 6.5epss 0.04

    An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. It does not reject blank CHM filenames.

  • CVE-2015-4471Jun 11, 2015
    risk 0.00cvss epss 0.02

    Off-by-one error in the lzxd_decompress function in lzxd.c in libmspack before 0.5 allows remote attackers to cause a denial of service (buffer under-read and application crash) via a crafted CAB archive.