In Rubyzip before 1.3.0, a crafted... CVE-2019-16892

7.1 AV AC AU C I A
发布: 2019-09-25
修订: 2020-09-23

In Rubyzip before 1.3.0, a crafted ZIP file can bypass application checks on ZIP entry sizes because data about the uncompressed size can be spoofed. This allows attackers to cause a denial of service (disk consumption).

0%
暂无可用Exp或PoC
当前有19条受影响产品信息