CVE-2025-2175

Medium CVSS: 5.3

A vulnerability was found in libzvbi up to 0.2.43. It has been rated as problematic. Affected by this issue is the function _vbi_strndup_iconv. The manipulation leads to integer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 0.2.44 is able to address this issue. It is recommended to upgrade the affected component. The code maintainer was informed beforehand about the issues. She reacted very fast and highly professional.

Vendor

Zapping-vbi

Product

Zvbi

CWE

CWE-189

Yayın Tarihi

2025-03-11 07:15:37

Güncelleme

2025-10-03 00:23:24

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-189 Zvbi MEDIUM Zapping-vbi 2025

Referanslar

https://github.com/zapping-vbi/zvbi/releases/tag/v0.2.44 https://github.com/zapping-vbi/zvbi/security/advisories/GHSA-g7cg-7gw9-v8cf https://vuldb.com/?ctiid.299204 https://vuldb.com/?id.299204 https://vuldb.com/?submit.512801

Benzer Kayıtlar

Medium

CVE-2025-2176

A vulnerability classified as critical has been found in libzvbi up to 0.2.43. This affects the function vbi_capture_sim…

Medium

CVE-2025-2177

A vulnerability classified as critical was found in libzvbi up to 0.2.43. This vulnerability affects the function vbi_se…

Medium

CVE-2025-2173

A vulnerability was found in libzvbi up to 0.2.43. It has been classified as problematic. Affected is the function vbi_s…

Medium

CVE-2025-2174

A vulnerability was found in libzvbi up to 0.2.43. It has been declared as problematic. Affected by this vulnerability i…