CVE-2018-7577: Memcpy parameter overlap in Google Snappy library 1.1.4, as used in Google TensorFlow before 1.7.1, could result in a cr
mediumvulnerability
security
Summary
A bug in Google's Snappy library version 1.1.4, used in TensorFlow before version 1.7.1, allows a memcpy operation (a function that copies data in memory) to overlap with itself, potentially causing the program to crash or expose data from other parts of the computer's memory. This vulnerability stems from improper input validation (checking whether user input is safe before processing it).
Vulnerability Details
CVSS Score
5.8
EPSS (30-day exploit probability)
EPSS: 0.2%
Classification
Attack SophisticationModerate
Impact (CIA+S)
confidentialityavailability
AI Component TargetedFramework
Taxonomy References
CWE (Weakness Type)
Affected Vendors
Google
Related Issues
Original source: https://nvd.nist.gov/vuln/detail/CVE-2018-7577
First tracked: February 15, 2026 at 08:38 PM
Classified by LLM (prompt v3) · confidence: 92%