CVE-2016-8617

Опубликовано: 31 июл. 2018

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 4.4

CVSS3: 3.3

Описание

The base64 encode function in curl before version 7.51.0 is prone to a buffer being under allocated in 32bit systems if it receives at least 1Gb as input via CURLOPT_USERNAME.

Релиз	Статус	Примечание
devel	released	7.50.1-1ubuntu2
esm-infra-legacy/trusty	not-affected	7.35.0-1ubuntu2.10
esm-infra/xenial	not-affected	7.47.0-1ubuntu2.2
precise	released	7.22.0-3ubuntu4.17
precise/esm	not-affected	7.22.0-3ubuntu4.17
trusty	released	7.35.0-1ubuntu2.10
trusty/esm	not-affected	7.35.0-1ubuntu2.10
upstream	released	7.51.0
vivid/stable-phone-overlay	ignored	end of life
vivid/ubuntu-core	released	7.38.0-3ubuntu2.4

Показывать по

Ссылки на источники

EPSS

Процентиль: 24%

0.00081

Низкий

4.4 Medium

CVSS2

3.3 Low

CVSS3

Связанные уязвимости

CVE-2016-8617

CVSS3: 3.3

redhat

почти 9 лет назад

The base64 encode function in curl before version 7.51.0 is prone to a buffer being under allocated in 32bit systems if it receives at least 1Gb as input via `CURLOPT_USERNAME`.

CVE-2016-8617

CVSS3: 3.3

nvd

около 7 лет назад

The base64 encode function in curl before version 7.51.0 is prone to a buffer being under allocated in 32bit systems if it receives at least 1Gb as input via `CURLOPT_USERNAME`.

CVE-2016-8617

CVSS3: 3.3

debian

около 7 лет назад

The base64 encode function in curl before version 7.51.0 is prone to a ...

GHSA-hjj8-p7vc-2hh7

CVSS3: 7

github

больше 3 лет назад

The base64 encode function in curl before version 7.51.0 is prone to a buffer being under allocated in 32bit systems if it receives at least 1Gb as input via `CURLOPT_USERNAME`.

openSUSE-SU-2016:2768-1

suse-cvrf

почти 9 лет назад

Security update for curl

EPSS

Процентиль: 24%

0.00081

Низкий

4.4 Medium

CVSS2

3.3 Low

CVSS3

CVE-2016-8617

Описание

Пакет curl

Ссылки на источники

Связанные уязвимости