VDB
CVE-2018-25153
CVE-2018-25153
REJECTED
GNU Barcode 0.99 contains a memory leak vulnerability in the command line processing function within cmdline.c. Attackers can exploit this vulnerability by providing specially crafted input that causes unfreed memory allocations, potentially leading to denial of service conditions.
EPSS 0.03% · 7.2th percentile
Risk Scores
EPSS Score
0.03%
7.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:24.04:LTS | barcode | 0.99-7, 0.99-6, 0 |
| Ubuntu:18.04:LTS | barcode | 0, 0.98+debian-9.1build1, 0.98+debian-9.1 |
| Ubuntu:25.10 | barcode | 0.99-9, 0 |
| Ubuntu:25.04 | barcode | 0.99-8build1, 0.99-8, 0 |
| Ubuntu:20.04:LTS | barcode | 0.99-3, 0 |
| Ubuntu:16.04:LTS | barcode | 0, 0.98+debian-9.1 |
| Ubuntu:22.04:LTS | barcode | 0.99-4, 0, 0.99-5 |
Exploit Intelligence
- CIRCL seen: CVE-2018-25153 (circl-sighting)
- CIRCL seen: CVE-2018-25153 (circl-sighting)
Timeline
- Dec 25, 2025 EPSS Score
- Dec 26, 2025 EPSS Score
- Dec 26, 2025 PoC Published
- Dec 26, 2025 PoC Published
- Dec 27, 2025 EPSS Score
- Dec 28, 2025 EPSS Score
- Dec 29, 2025 EPSS Score
- Dec 30, 2025 CVE Rejected
- Dec 30, 2025 CVE Updated
- Apr 1, 2026 Security Advisory
References
- https://ubuntu.com/security/CVE-2018-25153 third-party-advisory
- https://www.cve.org/CVERecord?id=CVE-2018-25153 third-party-advisory
- https://lists.gnu.org/archive/html/bug-barcode/2018-05/msg00002.html third-party-advisory
- https://www.exploit-db.com/exploits/44798 third-party-advisory
- https://directory.fsf.org/wiki/Barcode third-party-advisory
- https://www.gnu.org/software/barcode/ third-party-advisory