CVE-2014-8119

Опубликовано: 30 мар. 2015

Источник: redhat

CVSS2: 4

EPSS Низкий

Описание

The find_ifcfg_path function in netcf before 0.2.7 might allow attackers to cause a denial of service (application crash) via vectors involving augeas path expressions.

A denial of service flaw was found in netcf. A specially crafted interface name could cause an application using netcf (such as the libvirt daemon) to crash.

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-643->CWE-476

https://bugzilla.redhat.com/show_bug.cgi?id=1172176netcf: augeas path expression injection via interface name

EPSS

Процентиль: 85%

0.02408

Низкий

4 Medium

CVSS2

Связанные уязвимости

CVE-2014-8119

CVSS3: 7.5

ubuntu

почти 8 лет назад

The find_ifcfg_path function in netcf before 0.2.7 might allow attackers to cause a denial of service (application crash) via vectors involving augeas path expressions.

CVE-2014-8119

CVSS3: 7.5

nvd

почти 8 лет назад

The find_ifcfg_path function in netcf before 0.2.7 might allow attackers to cause a denial of service (application crash) via vectors involving augeas path expressions.

CVE-2014-8119

CVSS3: 7.5

debian

почти 8 лет назад

The find_ifcfg_path function in netcf before 0.2.7 might allow attacke ...

SUSE-SU-2015:1792-1

suse-cvrf

около 10 лет назад

Security update for augeas

SUSE-SU-2015:1249-1

suse-cvrf

больше 10 лет назад

Security update for augeas

EPSS

Процентиль: 85%

0.02408

Низкий

4 Medium

CVSS2