CVE-2020-18770

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions zziplib version 0.13.69

Description An issue was discovered in the function zzip disk entry to file header in mmapped.c, which will lead to a denial-of-service.

Recommendations For zziplib version 0.13.69, consider applying a patch or fix to resolve the issue in the zzip disk entry to file header function. As a temporary workaround, consider restricting access to the mmapped.c module to minimize the risk of exploitation.

Exploit

Fix

DoS

Resource Exhaustion

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-400

Related Identifiers

ALSA-2024:2377

ALSA-2024:3127

AZL-43720

AZL-44868

BDU:2025-16157

CESA-2024_3127

CVE-2020-18770

INFSA-2024_2377

INFSA-2024_3127

MGASA-2024-0167

OESA-2023-1816

OPENSUSE-SU-2024:13746-1

RHSA-2024:2377

RHSA-2024:3127

RHSA-2024_2377

RHSA-2024_3127

SUSE-SU-2024:0961-1

SUSE-SU-2024:0970-1

SUSE-SU-2024_0961-1

Affected Products

Almalinux

Centos

Debian

Red Hat

Rocky Linux

Suse

Zziplib

CVE-2020-18770

Weakness Enumeration

Related Identifiers

Affected Products

References · 42