CVE-2018-13410:

Overview

Severity

Critical (CVSS 9.8)

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploit Status

Not Exploited

Patch Tuesday

2024-Jun

Released

2020-08-18

Last Updated

2024-06-30

EPSS Score

7.91% (percentile: 92.0%)

Detection & Weaponization (1 sources)

Maturity: Exploit

• GitHub PoC: 1 repositories

Affected Products (10)

Open Source Software

• zip-3.0-5.cm1.x86_64.rpm on CBL Mariner 1.0 x64
• zip-debuginfo-3.0-5.cm1.x86_64.rpm on CBL Mariner 1.0 x64
• zip-3.0-5.cm1.aarch64.rpm on CBL Mariner 1.0 ARM
• zip-debuginfo-3.0-5.cm1.aarch64.rpm on CBL Mariner 1.0 ARM
• zip-3.0-5.cm2.x86_64.rpm on CBL Mariner 2.0 x64
• zip-debuginfo-3.0-5.cm2.x86_64.rpm on CBL Mariner 2.0 x64
• zip-3.0-5.cm2.aarch64.rpm on CBL Mariner 2.0 ARM
• zip-debuginfo-3.0-5.cm2.aarch64.rpm on CBL Mariner 2.0 ARM
• zip-3.0-6.azl3.x86_64.rpm on Azure Linux 3.0 x64
• zip-3.0-6.azl3.aarch64.rpm on Azure Linux 3.0 ARM

Revision History

• 2020-08-18: Information published.
• 2021-12-16: Added zip to CBL-Mariner 2.0
• 2024-06-30: Information published.