CVE-2017-15364

Name of the Vulnerable Software and Affected Versions Ccsv version 1.1.0

Description The issue allows remote attackers to cause a denial of service, resulting in a double free and application crash, or possibly have other unspecified impacts via a crafted file. This is related to the foreach function in ext/ccsv.c. However, it is noted that the presence of this issue in version 1.1.0 has been disputed.

Recommendations For version 1.1.0, consider avoiding the use of the foreach function in ext/ccsv.c until the dispute regarding its presence is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.