{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T00:47:28.966","vulnerabilities":[{"cve":{"id":"CVE-2018-1000052","sourceIdentifier":"cve@mitre.org","published":"2018-02-09T23:29:01.837","lastModified":"2024-11-21T03:39:32.003","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"fmtlib version prior to version 4.1.0 (before commit 0555cea5fc0bf890afe0071a558e44625a34ba85) contains a Memory corruption (SIGSEGV), CWE-134 vulnerability in fmt::print() library function that can result in Denial of Service. This attack appear to be exploitable via Specifying an invalid format specifier in the fmt::print() function results in a SIGSEGV (memory corruption, invalid write). This vulnerability appears to have been fixed in after commit 8cf30aa2be256eba07bb1cefb998c52326e846e7."},{"lang":"es","value":"fmtlib, en versiones anteriores a la 4.1.0 (antes del commit con ID 0555cea5fc0bf890afe0071a558e44625a34ba85), contiene una vulnerabilidad CWE-134 de corrupción de memoria (SIGSEGV) en la función de biblioteca fmt::print() que puede resultar en una denegación de servicio (DoS). El ataque parece ser explotable mediante la especificación de un especificador con formato inválido en la función fmt::print(), lo que resulta en un SIGSEGV (corrupción de memoria y escritura inválida). Parece ser que la vulnerabilidad se ha solucionado tras el commit con ID 8cf30aa2be256eba07bb1cefb998c52326e846e7."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:P","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-134"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fmt:fmt:*:*:*:*:*:*:*:*","versionEndExcluding":"4.1.0","matchCriteriaId":"353F293D-0F46-4DFB-89DC-27B50ABB2066"}]}]}],"references":[{"url":"https://github.com/fmtlib/fmt/commit/8cf30aa2be256eba07bb1cefb998c52326e846e7","source":"cve@mitre.org","tags":["Patch"]},{"url":"https://github.com/fmtlib/fmt/issues/642","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/fmtlib/fmt/commit/8cf30aa2be256eba07bb1cefb998c52326e846e7","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://github.com/fmtlib/fmt/issues/642","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}}]}