{"id":"CVE-2018-11740","details":"An issue was discovered in libtskbase.a in The Sleuth Kit (TSK) from release 4.0.2 through to 4.6.1. An out-of-bounds read of a memory region was found in the function tsk_UTF16toUTF8 in tsk/base/tsk_unicode.c which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service attack.","modified":"2026-04-16T06:25:21.852729675Z","published":"2018-06-05T11:29:00.463Z","references":[{"type":"FIX","url":"https://github.com/sleuthkit/sleuthkit/issues/1264"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/sleuthkit/sleuthkit","events":[{"introduced":"9b776576aa6a1fbf328e82fd7cb6b428179de016"},{"last_affected":"777f36e02347f4383e1e550cc9b92b19966bf3c3"}],"database_specific":{"versions":[{"introduced":"4.0.2"},{"last_affected":"4.6.1"}]}}],"versions":["sleuthkit-4.0.2","sleuthkit-4.6.1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-11740.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"}]}