CVE-2018-12088

Source
https://nvd.nist.gov/vuln/detail/CVE-2018-12088
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-12088.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2018-12088
Related
Published
2018-06-10T23:29:00Z
Modified
2024-12-08T05:45:21.945852Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Summary
[none]
Details

S3QL before 2.27 mishandles checksumming, and consequently allows replay attacks in which an attacker who controls the backend can present old versions of the filesystem metadata database as up-to-date, temporarily inject zero-valued bytes into files, or temporarily hide parts of files. This is related to the checksum_basic_mapping function.

References

Affected packages

Debian:13 / s3ql

Package

Name
s3ql
Purl
pkg:deb/debian/s3ql?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 Unknown introduced version / All previous versions are affected
Fixed
2.27.1+dfsg-1

Affected versions

1.*

1.0.1-1
1.0.1-2
1.2-1
1.4-1
1.5-1
1.6-1
1.7-1
1.8.1-1
1.9-1
1.10-1
1.11-1
1.11.1-1
1.11.1-2
1.11.1-3
1.12-1
1.13.1-1
1.14-1
1.15-1
1.16-1
1.16-2

2.*

2.5-1
2.5-2
2.7-1
2.8.1+dfsg-1
2.9+dfsg-1
2.9+dfsg-2
2.10.1+dfsg-1
2.10.1+dfsg-2
2.10.1+dfsg-3
2.10.1+dfsg-4
2.11.1+dfsg-1
2.11.1+dfsg-2
2.11.1+dfsg-3
2.12+dfsg-1
2.12+dfsg-2
2.13+dfsg-1
2.13+dfsg-2
2.14+dfsg-1
2.15+dfsg-1
2.16+dfsg-1
2.17+dfsg-1
2.17.1+dfsg-1
2.17.1+hg1-1
2.17.1+hg1-2
2.17.1+hg2+dfsg-1
2.17.1+hg2+dfsg-2
2.17.1+hg2+dfsg-3
2.18+dfsg-1
2.19+dfsg-1
2.20+dfsg-1
2.21+dfsg-1~bpo8+1
2.21+dfsg-1
2.21+dfsg-2
2.21+dfsg-3
2.22+dfsg-1
2.23+dfsg-1
2.24+dfsg-1
2.25+dfsg-1
2.26+dfsg-1
2.26+dfsg-2
2.26+dfsg-3
2.26+dfsg-4

Ecosystem specific

{
    "urgency": "low"
}

Git / github.com/s3ql/s3ql

Affected ranges

Type
GIT
Repo
https://github.com/s3ql/s3ql
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed

Affected versions

Other

alpha3
alpha4

dev-release-1.*

dev-release-1.1
dev-release-1.1.2
dev-release-1.1.3
dev-release-1.1.4

release-0.*

release-0.1
release-0.10
release-0.11
release-0.12
release-0.13
release-0.14
release-0.15
release-0.16
release-0.17
release-0.18
release-0.19
release-0.2
release-0.20
release-0.20.1
release-0.21
release-0.22
release-0.23
release-0.24
release-0.25
release-0.26
release-0.27
release-0.28
release-0.29
release-0.3
release-0.30
release-0.4
release-0.43
release-0.5
release-0.6
release-0.7
release-0.8
release-0.9

release-1.*

release-1.0
release-1.0.1
release-1.10
release-1.11
release-1.11.1
release-1.12
release-1.13
release-1.13.1
release-1.13.2
release-1.14
release-1.2
release-1.3
release-1.4
release-1.5
release-1.6
release-1.7
release-1.8
release-1.8.1
release-1.9

release-2.*

release-2.0b
release-2.10
release-2.10.1
release-2.11
release-2.11.1
release-2.12
release-2.13
release-2.14
release-2.15
release-2.16
release-2.17
release-2.17.1
release-2.18
release-2.19
release-2.1b
release-2.2
release-2.20
release-2.21
release-2.22
release-2.23
release-2.24
release-2.25
release-2.26
release-2.3
release-2.4
release-2.5
release-2.6
release-2.7
release-2.8
release-2.8.1
release-2.9