CVE-2017-1000232

Опубликовано: 17 нояб. 2017

Источник: debian

EPSS Низкий

Описание

A double-free vulnerability in str2host.c in ldns 1.7.0 have unspecified impact and attack vectors.

Пакет	Статус	Версия исправления	Релиз	Тип
ldns	fixed	1.7.0-4		package
ldns	no-dsa		jessie	package
ldns	not-affected		wheezy	package

https://www.nlnetlabs.nl/bugs-script/show_bug.cgi?id=1257
https://github.com/NLnetLabs/ldns/commit/3bdeed02505c9bbacb3b64a97ddcb1de967153b7

EPSS

Процентиль: 65%

0.00494

Низкий

CVE-2017-1000232

CVSS3: 9.8

ubuntu

почти 8 лет назад

A double-free vulnerability in str2host.c in ldns 1.7.0 have unspecified impact and attack vectors.

CVE-2017-1000232

CVSS3: 5.9

redhat

больше 8 лет назад

A double-free vulnerability in str2host.c in ldns 1.7.0 have unspecified impact and attack vectors.

CVE-2017-1000232

CVSS3: 9.8

nvd

почти 8 лет назад

A double-free vulnerability in str2host.c in ldns 1.7.0 have unspecified impact and attack vectors.

CVE-2017-1000232

CVSS3: 9.8

msrc

около 3 лет назад

Описание отсутствует

GHSA-w48v-5pp6-7h96

CVSS3: 9.8

github

больше 3 лет назад

A double-free vulnerability in str2host.c in ldns 1.7.0 have unspecified impact and attack vectors.

EPSS

Процентиль: 65%

0.00494

Низкий