VDB
CVE-2018-25033
CVE-2018-25033
PUBLISHED
ADMesh through 0.98.4 has a heap-based buffer over-read in stl_update_connects_remove_1 (called from stl_remove_degenerate) in connect.c in libadmesh.a.
EPSS 0.48% · 65.7th percentile
Risk Scores
EPSS Score
0.48%
65.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:25.10 | admesh | 0.98.5-1build1, 0 |
| Ubuntu:20.04:LTS | admesh | 0, 0.98.3-4, 0.98.4-1 |
| Ubuntu:16.04:LTS | admesh | 0.98.2-2, 0 |
| Ubuntu:22.04:LTS | admesh | 0.98.4-1, 0 |
| Ubuntu:24.04:LTS | admesh | 0.98.5-1, 0.98.5-1build1, 0 |
| Ubuntu:18.04:LTS | admesh | 0, 0.98.3-2, 0.98.3-1ubuntu1 |
Exploit Intelligence
Timeline
- May 8, 2022 EPSS Score
- May 8, 2022 CVE Published
- Jun 26, 2022 EPSS Score
- Aug 16, 2022 EPSS Score
- Oct 4, 2022 EPSS Score
- Nov 23, 2022 EPSS Score
- Jan 11, 2023 EPSS Score
- Mar 1, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 20, 2023 EPSS Score
- Jun 8, 2023 EPSS Score
- Jul 28, 2023 EPSS Score
References
- https://ubuntu.com/security/CVE-2018-25033 third-party-advisory
- https://github.com/admesh/admesh/issues/28 third-party-advisory
- https://github.com/admesh/admesh/commit/e84d8353f1347e1f26f0a95770d92ba14e6ede38 third-party-advisory
- https://www.cve.org/CVERecord?id=CVE-2018-25033 third-party-advisory