{"id":"CVE-2017-12858","details":"Double free vulnerability in the _zip_dirent_read function in zip_dirent.c in libzip allows attackers to have unspecified impact via unknown vectors.","modified":"2026-02-11T13:55:03.773154Z","published":"2017-08-23T14:29:00.360Z","related":["openSUSE-SU-2024:11018-1"],"references":[{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/100459"},{"type":"ADVISORY","url":"https://github.com/nih-at/libzip/commit/2217022b7d1142738656d891e00b3d2d9179b796"},{"type":"FIX","url":"https://github.com/nih-at/libzip/commit/2217022b7d1142738656d891e00b3d2d9179b796"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/nih-at/libzip","events":[{"introduced":"0"},{"fixed":"2217022b7d1142738656d891e00b3d2d9179b796"}]}],"versions":["brian-gladman-fcrypt-2008-11-18","rel-0-10","rel-0-10-1","rel-0-11","rel-0-11-1","rel-0-11-2","rel-0-8","rel-0-9","rel-0-9-1","rel-0-9-2","rel-0-9-3","rel-1-0","rel-1-0-1","rel-1-0-beta1","rel-1-1","rel-1-1-1","rel-1-1-2","rel-1-1-3","rel-1-2-0"],"database_specific":{"vanir_signatures":[{"source":"https://github.com/nih-at/libzip/commit/2217022b7d1142738656d891e00b3d2d9179b796","id":"CVE-2017-12858-11de36c1","digest":{"function_hash":"247741707400283749085108019441784905923","length":5237},"deprecated":false,"signature_type":"Function","signature_version":"v1","target":{"file":"lib/zip_dirent.c","function":"_zip_dirent_read"}},{"source":"https://github.com/nih-at/libzip/commit/2217022b7d1142738656d891e00b3d2d9179b796","id":"CVE-2017-12858-f2d51449","digest":{"line_hashes":["126407887668340329650951841643656814806","79489290485161336371396243068446216870","103867276804264513481566455227706953226","200745644596356662579889932048953027052","18703439355701899585658934728937768609","10360732491339512210894939584152610856"],"threshold":0.9},"deprecated":false,"signature_type":"Line","signature_version":"v1","target":{"file":"lib/zip_dirent.c"}}],"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-12858.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}