CVE-2018-1000101
CRITICAL9.8EPSS 0.57%Published: 3/6/2018Modified: 4/28/2026
Also known as:DEBIAN-CVE-2018-1000101
Description
Mingw-w64 version 5.0.3 and earlier, 5.0.4, 6.0.0 and 7.0.0 contains an Improper Null Termination (CWE-170) vulnerability in mingw-w64-crt (libc)->(v)snprintf that can result in The bug may be used to corrupt subsequent string functions. This attack appear to be exploitable via Depending on the usage, worst case: network.
Affected packages (1)
- Debian/mingw-w64from 0, < 8.0.0-1
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | CRITICAL9.8 | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |