CVE-2021-38614

Опубликовано: 12 авг. 2021

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

Polipo through 1.1.1, when NDEBUG is used, allows a heap-based buffer overflow during parsing of a Range header. NOTE: This vulnerability only affects products that are no longer supported by the maintainer

Ссылки

https://www.openwall.com/lists/oss-security/2021/07/28/2
Exploit
Mailing List
Third Party Advisory
https://www.openwall.com/lists/oss-security/2021/07/28/2
Exploit
Mailing List
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:polipo_project:polipo:*:*:*:*:*:*:*:*

Версия до 1.1.1 (включая)

EPSS

Процентиль: 63%

0.00448

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-787

Связанные уязвимости

CVE-2021-38614

CVSS3: 7.5

ubuntu

больше 4 лет назад

CVE-2021-38614

CVSS3: 7.5

debian

больше 4 лет назад

Polipo through 1.1.1, when NDEBUG is used, allows a heap-based buffer ...

GHSA-475r-cf2c-9qxh

CVSS3: 7.5

github

больше 3 лет назад

** UNSUPPORTED WHEN ASSIGNED ** Polipo through 1.1.1, when NDEBUG is used, allows a heap-based buffer overflow during parsing of a Range header. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

EPSS

Процентиль: 63%

0.00448

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-787