本ページは libplist_project libplist に影響する公開済み CVE(NVD の CPE 経由で関連付け)を列挙します。各行に深刻度指標・概要・公開日が含まれます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2017-6440 | The parse_data_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory allocation error) via a crafted plist file. | [email protected] | 5.0 | 0.12% | 2017-03-15 | 2026-05-13 |
| CVE-2017-6439 | Heap-based buffer overflow in the parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (out-of-bounds write) via a crafted plist file. | [email protected] | 5.0 | 0.05% | 2017-03-15 | 2026-05-13 |
| CVE-2017-6438 | Heap-based buffer overflow in the parse_unicode_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (out-of-bounds write) and possibly code execution via a crafted plist file. | [email protected] | 7.3 | 0.09% | 2017-03-15 | 2026-05-13 |
| CVE-2017-6437 | The base64encode function in base64.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (out-of-bounds read) via a crafted plist file. | [email protected] | 5.0 | 0.12% | 2017-03-15 | 2026-05-13 |
| CVE-2017-6436 | The parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory allocation error) via a crafted plist file. | [email protected] | 5.0 | 0.05% | 2017-03-15 | 2026-05-13 |
| CVE-2017-6435 | The parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory corruption) via a crafted plist file. | [email protected] | 5.0 | 0.10% | 2017-03-15 | 2026-05-13 |