Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Libgepub: integer overflow in libgepub's epub archive handling
Vulnerability Description
A flaw was found in libgepub, a library used to read EPUB files. The software mishandles file size calculations when opening specially crafted EPUB files, leading to incorrect memory allocations. This issue causes the application to crash. Known affected usage includes desktop services like Tumbler, which may process malicious files automatically when browsing directories. While no direct remote attack vectors are confirmed, any application using libgepub to parse user-supplied EPUB content could be vulnerable to a denial of service.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Vulnerability Type
整数溢出或超界折返
Vulnerability Title
libgepub 输入验证错误漏洞
Vulnerability Description
libgepub是danigm个人开发者的一个使用glib读取epub文件的简单库。 libgepub存在输入验证错误漏洞,该漏洞源于处理EPUB文件时错误计算文件大小,可能导致拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A