Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2018-1000300

Опубликовано: 24 мая 2018
Источник: ubuntu
Приоритет: medium
CVSS2: 7.5
CVSS3: 9.8

Описание

curl version curl 7.54.1 to and including curl 7.59.0 contains a CWE-122: Heap-based Buffer Overflow vulnerability in denial of service and more that can result in curl might overflow a heap based memory buffer when closing down an FTP connection with very long server command replies.. This vulnerability appears to have been fixed in curl < 7.54.1 and curl >= 7.60.0.

РелизСтатусПримечание
artful

released

7.55.1-1ubuntu2.5
bionic

released

7.58.0-2ubuntu3.1
devel

released

7.58.0-2ubuntu4
esm-infra-legacy/trusty

not-affected

7.35.0-1ubuntu2.15
esm-infra/bionic

released

7.58.0-2ubuntu3.1
esm-infra/xenial

not-affected

7.47.0-1ubuntu2.7
precise/esm

not-affected

trusty

not-affected

7.35.0-1ubuntu2.15
trusty/esm

not-affected

7.35.0-1ubuntu2.15
upstream

released

7.60.0

Показывать по

Ссылки на источники

7.5 High

CVSS2

9.8 Critical

CVSS3

Связанные уязвимости

redhat логотип

CVE-2018-1000300

CVSS3: 7.5
redhat
больше 7 лет назад

curl version curl 7.54.1 to and including curl 7.59.0 contains a CWE-122: Heap-based Buffer Overflow vulnerability in denial of service and more that can result in curl might overflow a heap based memory buffer when closing down an FTP connection with very long server command replies.. This vulnerability appears to have been fixed in curl < 7.54.1 and curl >= 7.60.0.

nvd логотип

CVE-2018-1000300

CVSS3: 9.8
nvd
больше 7 лет назад

curl version curl 7.54.1 to and including curl 7.59.0 contains a CWE-122: Heap-based Buffer Overflow vulnerability in denial of service and more that can result in curl might overflow a heap based memory buffer when closing down an FTP connection with very long server command replies.. This vulnerability appears to have been fixed in curl < 7.54.1 and curl >= 7.60.0.

debian логотип

CVE-2018-1000300

CVSS3: 9.8
debian
больше 7 лет назад

curl version curl 7.54.1 to and including curl 7.59.0 contains a CWE-1 ...

github логотип

GHSA-5vcr-2m3x-3m96

CVSS3: 9.8
github
больше 3 лет назад

curl version curl 7.54.1 to and including curl 7.59.0 contains a CWE-122: Heap-based Buffer Overflow vulnerability in denial of service and more that can result in curl might overflow a heap based memory buffer when closing down an FTP connection with very long server command replies.. This vulnerability appears to have been fixed in curl < 7.54.1 and curl >= 7.60.0.

fstec логотип

BDU:2018-00916

CVSS3: 9.8
fstec
больше 7 лет назад

Уязвимость программного средства для взаимодействия с серверами cURL, вызванная переполнением буфера в памяти, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании

7.5 High

CVSS2

9.8 Critical

CVSS3