CVE-2016-4456

Опубликовано: 08 авг. 2017

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 5

CVSS3: 7.5

Описание

The "GNUTLS_KEYLOGFILE" environment variable in gnutls 3.4.12 allows remote attackers to overwrite and corrupt arbitrary files in the filesystem.

Релиз	Статус	Примечание
devel	not-affected	3.4.11-4ubuntu1
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was not-affected]
esm-infra/xenial	not-affected
precise	not-affected
trusty	not-affected
trusty/esm	DNE	trusty was not-affected
upstream	released	3.4.13-1
vivid/stable-phone-overlay	not-affected
vivid/ubuntu-core	not-affected
wily	not-affected

Показывать по

Ссылки на источники

EPSS

Процентиль: 48%

0.00246

Низкий

5 Medium

CVSS2

7.5 High

CVSS3

Связанные уязвимости

CVE-2016-4456

CVSS3: 6.3

redhat

больше 9 лет назад

The "GNUTLS_KEYLOGFILE" environment variable in gnutls 3.4.12 allows remote attackers to overwrite and corrupt arbitrary files in the filesystem.

CVE-2016-4456

CVSS3: 7.5

nvd

больше 8 лет назад

The "GNUTLS_KEYLOGFILE" environment variable in gnutls 3.4.12 allows remote attackers to overwrite and corrupt arbitrary files in the filesystem.

CVE-2016-4456

CVSS3: 7.5

debian

больше 8 лет назад

The "GNUTLS_KEYLOGFILE" environment variable in gnutls 3.4.12 allows r ...

GHSA-f425-wv72-9hrq

CVSS3: 7.5

github

больше 3 лет назад

The "GNUTLS_KEYLOGFILE" environment variable in gnutls 3.4.12 allows remote attackers to overwrite and corrupt arbitrary files in the filesystem.

EPSS

Процентиль: 48%

0.00246

Низкий

5 Medium

CVSS2

7.5 High

CVSS3

CVE-2016-4456

Описание

Пакет gnutls28

Ссылки на источники

Связанные уязвимости