{"id":"CVE-2018-1000101","details":"Mingw-w64 version 5.0.3 and earlier, 5.0.4, 6.0.0 and 7.0.0 contains an Improper Null Termination (CWE-170) vulnerability in mingw-w64-crt (libc)-\u003e(v)snprintf that can result in The bug may be used to corrupt subsequent string functions. This attack appear to be exploitable via Depending on the usage, worst case: network.","modified":"2026-03-12T22:44:27.624039Z","published":"2018-03-06T17:29:00.260Z","references":[{"type":"WEB","url":"https://raw.githubusercontent.com/distributedweaknessfiling/cvelist/master/2018/1000xxx/CVE-2018-1000101.json"},{"type":"WEB","url":"https://sourceforge.net/p/mingw-w64/bugs/709/"},{"type":"ADVISORY","url":"https://sourceforge.net/p/mingw-w64/bugs/709/?limit=25#1d38/fefc/39aa"},{"type":"FIX","url":"https://sourceforge.net/p/mingw-w64/mingw-w64/ci/v5.x/tree/mingw-w64-crt/stdio/snprintf.c#l15"},{"type":"FIX","url":"https://sourceforge.net/p/mingw-w64/mingw-w64/ci/v5.x/tree/mingw-w64-crt/stdio/vsnprintf.c#l12"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-1000101.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"5.0.3"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}