VDB
CVE-2019-1010057
CVE-2019-1010057
PUBLISHED
nfdump 1.6.16 and earlier is affected by: Buffer Overflow. The impact is: The impact could range from a denial of service to local code execution. The component is: nfx.c:546, nffile_inline.c:83, minilzo.c (redistributed). The attack vector is: nfdump must read and process a specially crafted file. The fixed version is: after commit 9f0fe9563366f62a71d34c92229da3432ec5cf0e.
EPSS 0.58% · 69.3th percentile
Risk Scores
EPSS Score
0.58%
69.3th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:18.04:LTS | nfdump | 0, 1.6.16-2, 1.6.16-3 |
Timeline
- Jul 16, 2019 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 22, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 27, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- Jul 2, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Nov 5, 2022 EPSS Score
References
- https://ubuntu.com/security/CVE-2019-1010057 third-party-advisory
- https://github.com/phaag/nfdump/issues/104 third-party-advisory
- https://github.com/phaag/nfdump/commit/9f0fe9563366f62a71d34c92229da3432ec5cf0e third-party-advisory
- https://www.cve.org/CVERecord?id=CVE-2019-1010057 third-party-advisory