Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2018-19591

Опубликовано: 04 дек. 2018
Источник: nvd
CVSS3: 7.5
CVSS2: 5
EPSS Низкий

Описание

In the GNU C Library (aka glibc or libc6) through 2.28, attempting to resolve a crafted hostname via getaddrinfo() leads to the allocation of a socket descriptor that is not closed. This is related to the if_nametoindex() function.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*
Версия до 2.28 (включая)
Конфигурация 2

Одно из

cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*

EPSS

Процентиль: 74%
0.00881
Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

ubuntu логотип

CVE-2018-19591

CVSS3: 7.5
ubuntu
больше 6 лет назад

In the GNU C Library (aka glibc or libc6) through 2.28, attempting to resolve a crafted hostname via getaddrinfo() leads to the allocation of a socket descriptor that is not closed. This is related to the if_nametoindex() function.

redhat логотип

CVE-2018-19591

CVSS3: 5.3
redhat
почти 7 лет назад

In the GNU C Library (aka glibc or libc6) through 2.28, attempting to resolve a crafted hostname via getaddrinfo() leads to the allocation of a socket descriptor that is not closed. This is related to the if_nametoindex() function.

msrc логотип

CVE-2018-19591

CVSS3: 7.5
msrc
около 5 лет назад

Описание отсутствует

debian логотип

CVE-2018-19591

CVSS3: 7.5
debian
больше 6 лет назад

In the GNU C Library (aka glibc or libc6) through 2.28, attempting to ...

github логотип

GHSA-x2fw-rj3g-6m95

CVSS3: 7.5
github
больше 3 лет назад

In the GNU C Library (aka glibc or libc6) through 2.28, attempting to resolve a crafted hostname via getaddrinfo() leads to the allocation of a socket descriptor that is not closed. This is related to the if_nametoindex() function.

EPSS

Процентиль: 74%
0.00881
Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-20