CVE-2018-18064

ADVISORY - nist

Summary

cairo through 1.15.14 has an out-of-bounds stack-memory write during processing of a crafted document by WebKitGTK+ because of the interaction between cairo-rectangular-scan-converter.c (the generate and render_rows functions) and cairo-image-compositor.c (the _cairo_image_spans_and_zero function).

EPSS Score⁠: 0.0051 (0.658)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-787⁠

Out-of-bounds Write

ADVISORY - redhat

CWE-121⁠

Stack-based Buffer Overflow

Impacted images

Advisories

NIST

CREATED

7 years ago

UPDATED

1 year ago

ADVISORY IDCVE-2018-18064⁠

EXPLOITABILITY SCORE

2.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CVSS SCORE

6.5medium

Debian

CREATED

7 years ago

UPDATED

1 day ago

ADVISORY IDCVE-2018-18064⁠

EXPLOITABILITY SCORE

-

EXPLOITS FOUND

-

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Ubuntu

CREATED

7 years ago

UPDATED

6 months ago

ADVISORY IDCVE-2018-18064⁠

EXPLOITABILITY SCORE

2.8

EXPLOITS FOUND

-

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

6.5low

Red Hat

CREATED

7 years ago

UPDATED

4 days ago

ADVISORY IDCVE-2018-18064⁠

EXPLOITABILITY SCORE

2.8

EXPLOITS FOUND

-

COMMON WEAKNESS ENUMERATION (CWE)

CVSS SCORE

6.3medium

intheWild

CREATED

10 months ago

UPDATED

10 months ago

ADVISORY IDCVE-2018-18064⁠

EXPLOITABILITY SCORE

-

EXPLOITS FOUND

-

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY