{"id":"CVE-2017-12858","details":"Double free vulnerability in the _zip_dirent_read function in zip_dirent.c in libzip allows attackers to have unspecified impact via unknown vectors.","modified":"2026-04-11T04:14:20.211629Z","published":"2017-08-23T14:29:00.360Z","related":["openSUSE-SU-2024:11018-1"],"references":[{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/100459"},{"type":"FIX","url":"https://github.com/nih-at/libzip/commit/2217022b7d1142738656d891e00b3d2d9179b796"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/nih-at/libzip","events":[{"introduced":"0"},{"last_affected":"a23ac8a766c556827255111eb35ba928641efbc8"},{"fixed":"2217022b7d1142738656d891e00b3d2d9179b796"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"1.2.0"}]}}],"versions":["brian-gladman-fcrypt-2008-11-18","rel-0-10","rel-0-11-1","rel-0-11-2","rel-0-8","rel-0-9","rel-0-9-1","rel-0-9-2","rel-0-9-3","rel-1-0","rel-1-0-1","rel-1-0-beta1","rel-1-1","rel-1-1-1","rel-1-1-2","rel-1-1-3","rel-1-2-0"],"database_specific":{"vanir_signatures_modified":"2026-04-11T04:14:20Z","vanir_signatures":[{"deprecated":false,"target":{"file":"lib/zip_dirent.c","function":"_zip_dirent_read"},"source":"https://github.com/nih-at/libzip/commit/2217022b7d1142738656d891e00b3d2d9179b796","signature_version":"v1","signature_type":"Function","id":"CVE-2017-12858-11de36c1","digest":{"function_hash":"247741707400283749085108019441784905923","length":5237}},{"deprecated":false,"target":{"file":"lib/zip_dirent.c"},"source":"https://github.com/nih-at/libzip/commit/2217022b7d1142738656d891e00b3d2d9179b796","signature_version":"v1","signature_type":"Line","id":"CVE-2017-12858-f2d51449","digest":{"line_hashes":["126407887668340329650951841643656814806","79489290485161336371396243068446216870","103867276804264513481566455227706953226","200745644596356662579889932048953027052","18703439355701899585658934728937768609","10360732491339512210894939584152610856"],"threshold":0.9}}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-12858.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}