CVE-2018-6758

Опубликовано: 06 фев. 2018

Источник: nvd

CVSS3: 9.8

CVSS2: 7.5

EPSS Низкий

Описание

The uwsgi_expand_path function in core/utils.c in Unbit uWSGI through 2.0.15 has a stack-based buffer overflow via a large directory length.

Ссылки

http://lists.unbit.it/pipermail/uwsgi/2018-February/008835.html
Issue Tracking
Patch
https://github.com/unbit/uwsgi/commit/cb4636f7c0af2e97a4eef7a3cdcbd85a71247bfe
Patch
Vendor Advisory
https://lists.debian.org/debian-lts-announce/2018/02/msg00010.html
Third Party Advisory
http://lists.unbit.it/pipermail/uwsgi/2018-February/008835.html
Issue Tracking
Patch
https://github.com/unbit/uwsgi/commit/cb4636f7c0af2e97a4eef7a3cdcbd85a71247bfe
Patch
Vendor Advisory
https://lists.debian.org/debian-lts-announce/2018/02/msg00010.html
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:unbit:uwsgi:*:*:*:*:*:*:*:*

Версия до 2.0.15 (включая)

EPSS

Процентиль: 67%

0.00548

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-787

Связанные уязвимости

CVE-2018-6758

CVSS3: 9.8

ubuntu

около 8 лет назад

The uwsgi_expand_path function in core/utils.c in Unbit uWSGI through 2.0.15 has a stack-based buffer overflow via a large directory length.

CVE-2018-6758

CVSS3: 9.8

debian

около 8 лет назад

The uwsgi_expand_path function in core/utils.c in Unbit uWSGI through ...

GHSA-gp37-5368-2566

CVSS3: 9.8

github

больше 3 лет назад

The uwsgi_expand_path function in core/utils.c in Unbit uWSGI through 2.0.15 has a stack-based buffer overflow via a large directory length.

EPSS

Процентиль: 67%

0.00548

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-787