CVE-2016-8618

Опубликовано: 31 июл. 2018

Источник: debian

EPSS Низкий

Описание

The libcurl API function called `curl_maprintf()` before version 7.51.0 can be tricked into doing a double-free due to an unsafe `size_t` multiplication, on systems using 32 bit `size_t` variables.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
curl	fixed	7.51.0-1		package

Примечания

https://github.com/curl/curl/commit/8732ec40db652c53fa58cd13e2acb8eab6e40874
https://curl.haxx.se/docs/adv_20161102D.html
https://curl.haxx.se/CVE-2016-8618.patch

EPSS

Процентиль: 80%

0.01507

Низкий

Связанные уязвимости

CVE-2016-8618

CVSS3: 5.3

ubuntu

почти 7 лет назад

The libcurl API function called `curl_maprintf()` before version 7.51.0 can be tricked into doing a double-free due to an unsafe `size_t` multiplication, on systems using 32 bit `size_t` variables.

CVE-2016-8618

CVSS3: 5.3

redhat

больше 8 лет назад

The libcurl API function called `curl_maprintf()` before version 7.51.0 can be tricked into doing a double-free due to an unsafe `size_t` multiplication, on systems using 32 bit `size_t` variables.

CVE-2016-8618

CVSS3: 5.3

nvd

почти 7 лет назад

The libcurl API function called `curl_maprintf()` before version 7.51.0 can be tricked into doing a double-free due to an unsafe `size_t` multiplication, on systems using 32 bit `size_t` variables.

GHSA-36jj-p27h-fh24

CVSS3: 9.8

github

около 3 лет назад

The libcurl API function called `curl_maprintf()` before version 7.51.0 can be tricked into doing a double-free due to an unsafe `size_t` multiplication, on systems using 32 bit `size_t` variables.

openSUSE-SU-2016:2768-1

suse-cvrf

больше 8 лет назад

Security update for curl

EPSS

Процентиль: 80%

0.01507

Низкий