CVE-2018-10911
HIGH7.5EPSS 4.3%Published: 9/4/2018Modified: 4/28/2026
Also known as:DEBIAN-CVE-2018-10911
Description
A flaw was found in the way dic_unserialize function of glusterfs does not handle negative key length values. An attacker could use this flaw to read memory from other locations into the stored dict value.
Affected packages (1)
- Debian/glusterfsfrom 0, < 4.1.4-1
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH7.5 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |