CVE-2019-13107

moderate-risk
Published 2019-06-30

Multiple integer overflows exist in MATIO before 1.5.16, related to mat.c, mat4.c, mat5.c, mat73.c, and matvar_struct.c

Do I need to act?

-
0.61% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
+
Fix available
Upgrade to: fabac6cf3ab36dbb82bff747aa99016d7759ccc3
9
CVSS 9.8/10 Critical
NETWORK / LOW complexity

Affected Products (2)

Affected Vendors

Fedoraproject Matio Project

References (8)

Patch https://github.com/tbeu/matio/compare/f8cd397...fabac6c
Patch https://github.com/tbeu/matio/pull/118
Release Notes https://github.com/tbeu/matio/releases/tag/v1.5.16
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro...
Patch https://github.com/tbeu/matio/compare/f8cd397...fabac6c
Patch https://github.com/tbeu/matio/pull/118
Release Notes https://github.com/tbeu/matio/releases/tag/v1.5.16
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro...
41
/ 100
moderate-risk
Severity 32/34 · Critical
Exploitability 2/34 · Minimal
Exposure 7/34 · Low