{"id":"CVE-2019-8905","details":"do_core_note in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read, related to file_printable, a different vulnerability than CVE-2018-10360.","modified":"2026-03-20T11:30:37.384342Z","published":"2019-02-18T17:29:00.987Z","related":["MGASA-2019-0118","SUSE-SU-2019:0571-1","SUSE-SU-2019:0839-1","openSUSE-SU-2019:0345-1"],"references":[{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00053.html"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/107137"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2019/02/msg00044.html"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/3911-1/"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00027.html"},{"type":"REPORT","url":"https://bugs.astron.com/view.php?id=63"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/file/file","events":[{"introduced":"0"},{"last_affected":"d1ff3af7a2c6b38bdbdde7af26b59e3c50a48fff"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"5.35"}]}}],"versions":["FILE3_27","FILE3_28","FILE3_30","FILE3_31","FILE3_32","FILE3_33","FILE3_34","FILE3_35","FILE3_36","FILE3_37","FILE3_38","FILE3_39","FILE3_40","FILE3_41","FILE4_00","FILE4_01","FILE4_02","FILE4_03","FILE4_04","FILE4_05","FILE4_06","FILE4_07","FILE4_08","FILE4_09","FILE4_10","FILE4_11","FILE4_12","FILE4_13","FILE4_14","FILE4_15","FILE4_16","FILE4_17","FILE4_18","FILE4_19","FILE4_20","FILE4_21","FILE4_22","FILE4_23","FILE4_24","FILE4_25","FILE4_26","FILE5_00","FILE5_01","FILE5_02","FILE5_03","FILE5_04","FILE5_07","FILE5_08","FILE5_09","FILE5_10","FILE5_11","FILE5_12","FILE5_13","FILE5_14","FILE5_15","FILE5_16","FILE5_17","FILE5_18","FILE5_19","FILE5_20","FILE5_21","FILE5_22","FILE5_23","FILE5_24","FILE5_25","FILE5_26","FILE5_27","FILE5_28","FILE5_29","FILE5_30","FILE5_31","FILE5_32","FILE5_33","FILE5_34","FILE5_35","pre-rrt-big-changes-post-4-23"],"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"8.0"}]},{"events":[{"introduced":"0"},{"last_affected":"16.04"}]},{"events":[{"introduced":"0"},{"last_affected":"18.04"}]},{"events":[{"introduced":"0"},{"last_affected":"18.10"}]},{"events":[{"introduced":"0"},{"last_affected":"15.0"}]},{"events":[{"introduced":"0"},{"last_affected":"42.3"}]}],"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-8905.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L"}]}