CVE-2018-17427

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2018-17427
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-17427.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2018-17427
Published
2018-10-01T08:29:00.537Z
Modified
2026-04-11T11:40:01.875407Z
Severity
  • 6.5 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

SIMDComp before 0.1.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) because it can read (and then discard) extra bytes.

References

Affected packages

Git / github.com/lemire/simdcomp

Affected ranges

Type
GIT
Repo
https://github.com/lemire/simdcomp
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
1ad101cd6d1abfd412b7941fc00353741c6b23cf
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "0.1.0"
        }
    ]
}

Affected versions

Other
AFTER_C89_COMPAT_MERGE
BEFORE_C89_COMPAT_MERGE
v0.*
v0.0.1
v0.0.3

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-17427.json"
vanir_signatures_modified 
"2026-04-11T11:40:01Z"
vanir_signatures 
[
    {
        "signature_version": "v1",
        "signature_type": "Function",
        "source": "https://github.com/lemire/simdcomp/commit/1ad101cd6d1abfd412b7941fc00353741c6b23cf",
        "digest": {
            "function_hash": "128915971272769605019711544841945851405",
            "length": 726.0
        },
        "id": "CVE-2018-17427-188fae8a",
        "deprecated": false,
        "target": {
            "file": "tests/unit.c",
            "function": "issue21FOR"
        }
    },
    {
        "signature_version": "v1",
        "signature_type": "Line",
        "source": "https://github.com/lemire/simdcomp/commit/1ad101cd6d1abfd412b7941fc00353741c6b23cf",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "104669713274731415044603649647647989782",
                "253364909709180325595647038745674390417",
                "131325695439422002455176027556501278457",
                "246273142546560372917915317380043256840",
                "246444494704751250953798796170787226377",
                "300385427019851237262178570231131289436",
                "122902991565376068663601701770073138135",
                "251725131586354863736780893934379191788",
                "205715020341880022438694980030327456371",
                "32717735467049297158910556872454123978",
                "130402509148538532279531722717925800702",
                "261947715935070227542427604197305280890",
                "332328474536483293135333483680176684322",
                "23604507985292424615379952247639866297",
                "57209305993480443734818677419534409884",
                "186580139110834246613956067537150696903"
            ]
        },
        "id": "CVE-2018-17427-88f9b613",
        "deprecated": false,
        "target": {
            "file": "tests/unit.c"
        }
    },
    {
        "signature_version": "v1",
        "signature_type": "Function",
        "source": "https://github.com/lemire/simdcomp/commit/1ad101cd6d1abfd412b7941fc00353741c6b23cf",
        "digest": {
            "function_hash": "106977858763751906339997503820305554133",
            "length": 702.0
        },
        "id": "CVE-2018-17427-a2dcfa32",
        "deprecated": false,
        "target": {
            "file": "tests/unit.c",
            "function": "issue21"
        }
    }
]