CVE-2017-5357

Опубликовано: 12 янв. 2017

Источник: redhat

CVSS3: 3.3

EPSS Низкий

Описание

regex.c in GNU ed before 1.14.1 allows attackers to cause a denial of service (crash) via a malformed command, which triggers an invalid free.

Отчет

Red Hat Product Security has rated this issue as having Low security impact. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 5	ed	Will not fix
Red Hat Enterprise Linux 6	ed	Will not fix
Red Hat Enterprise Linux 7	ed	Will not fix

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low

Дефект:

CWE-416

https://bugzilla.redhat.com/show_bug.cgi?id=1413901ed: Invalid free in regex.c

EPSS

Процентиль: 77%

0.01019

Низкий

3.3 Low

CVSS3

Связанные уязвимости

CVE-2017-5357

CVSS3: 7.5

ubuntu

почти 9 лет назад

regex.c in GNU ed before 1.14.1 allows attackers to cause a denial of service (crash) via a malformed command, which triggers an invalid free.

CVE-2017-5357

CVSS3: 7.5

nvd

почти 9 лет назад

regex.c in GNU ed before 1.14.1 allows attackers to cause a denial of service (crash) via a malformed command, which triggers an invalid free.

CVE-2017-5357

CVSS3: 7.5

debian

почти 9 лет назад

regex.c in GNU ed before 1.14.1 allows attackers to cause a denial of ...

SUSE-SU-2020:1608-1

suse-cvrf

больше 5 лет назад

Security update for ed

SUSE-SU-2019:14005-1

suse-cvrf

почти 7 лет назад

Security update for ed

EPSS

Процентиль: 77%

0.01019

Низкий

3.3 Low

CVSS3