CVE-2018-25154

EUVD-2025-205332
GNU Barcode 0.99 contains a buffer overflow vulnerability in its code 93 encoding process that allows attackers to trigger memory corruption. Attackers can exploit boundary errors during input file processing to potentially execute arbitrary code on the affected system.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
VulnCheckCNA
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 22%
Debian logo
Debian Releases
Debian Product
Codename
barcode
bookworm
unimportant
bullseye
unimportant
forky
unimportant
sid
unimportant
trixie
unimportant
Common Weakness Enumeration
References
https://directory.fsf.org/wiki/Barcode
https://www.exploit-db.com/exploits/44797
https://www.gnu.org/software/barcode/