VYPR

Lhasa

by Lhasa Project

Source repositories

CVEs (2)

  • CVE-2016-2347HigApr 21, 2017
    risk 0.44cvss 7.8epss 0.03

    Integer underflow in the decode_level3_header function in lib/lha_file_header.c in Lhasa before 0.3.1 allows remote attackers to execute arbitrary code via a crafted archive.

  • CVE-2010-2369Oct 18, 2010
    risk 0.00cvss epss 0.00

    Untrusted search path vulnerability in Lhasa 0.19 and earlier allows local users to gain privileges via a Trojan horse executable file in the current working directory.