CVE-2016-5421

Опубликовано: 10 авг. 2016

Источник: debian

EPSS Низкий

Описание

Use-after-free vulnerability in libcurl before 7.50.1 allows attackers to control which connection is used or possibly have unspecified other impact via unknown vectors.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
curl	fixed	7.50.1-1		package
curl	not-affected		wheezy	package

Примечания

https://curl.haxx.se/docs/adv_20160803C.html
Fixed by https://curl.haxx.se/CVE-2016-5421.patch

EPSS

Процентиль: 79%

0.01296

Низкий

Связанные уязвимости

CVE-2016-5421

CVSS3: 8.1

ubuntu

больше 9 лет назад

Use-after-free vulnerability in libcurl before 7.50.1 allows attackers to control which connection is used or possibly have unspecified other impact via unknown vectors.

CVE-2016-5421

CVSS3: 8.1

redhat

больше 9 лет назад

Use-after-free vulnerability in libcurl before 7.50.1 allows attackers to control which connection is used or possibly have unspecified other impact via unknown vectors.

CVE-2016-5421

CVSS3: 8.1

nvd

больше 9 лет назад

Use-after-free vulnerability in libcurl before 7.50.1 allows attackers to control which connection is used or possibly have unspecified other impact via unknown vectors.

GHSA-89f8-gvcm-9g9g

CVSS3: 8.1

github

больше 3 лет назад

Use-after-free vulnerability in libcurl before 7.50.1 allows attackers to control which connection is used or possibly have unspecified other impact via unknown vectors.

openSUSE-SU-2016:2379-1

suse-cvrf

больше 9 лет назад

Security update for curl

EPSS

Процентиль: 79%

0.01296

Низкий