Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
XZ Utils: Buffer overflow in lzma_index_append()
Vulnerability Description
XZ Utils provide a general-purpose data-compression library plus command-line tools. Prior to version 5.8.3, if lzma_index_decoder() was used to decode an Index that contained no Records, the resulting lzma_index was left in a state where where a subsequent lzma_index_append() would allocate too little memory, and a buffer overflow would occur. This issue has been patched in version 5.8.3.
CVSS Information
N/A
Vulnerability Type
堆缓冲区溢出
Vulnerability Title
XZ Utils 安全漏洞
Vulnerability Description
XZ Utils是Tukaani开源的一个实用程序。 XZ Utils 5.8.3之前版本存在安全漏洞,该漏洞源于lzma_index_decoder解码无记录的索引时状态异常,可能导致后续lzma_index_append分配内存不足并发生缓冲区溢出。
CVSS Information
N/A
Vulnerability Type
N/A