CVE-2018-16842

Опубликовано: 31 окт. 2018

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 6.4

CVSS3: 4.4

Описание

Curl versions 7.14.1 through 7.61.1 are vulnerable to a heap-based buffer over-read in the tool_msgs.c:voutf() function that may result in information exposure and denial of service.

Релиз	Статус	Примечание
bionic	released	7.58.0-2ubuntu3.5
cosmic	released	7.61.0-1ubuntu2.2
devel	released	7.61.0-1ubuntu2.2
esm-infra-legacy/trusty	released	7.35.0-1ubuntu2.19
esm-infra/bionic	released	7.58.0-2ubuntu3.5
esm-infra/xenial	released	7.47.0-1ubuntu2.11
precise/esm	not-affected	7.22.0-3ubuntu4.24
trusty	released	7.35.0-1ubuntu2.19
trusty/esm	released	7.35.0-1ubuntu2.19
upstream	pending	7.62.0

Показывать по

Ссылки на источники

EPSS

Процентиль: 32%

0.00126

Низкий

6.4 Medium

CVSS2

4.4 Medium

CVSS3

Связанные уязвимости

CVE-2018-16842

CVSS3: 3.6

redhat

больше 7 лет назад

Curl versions 7.14.1 through 7.61.1 are vulnerable to a heap-based buffer over-read in the tool_msgs.c:voutf() function that may result in information exposure and denial of service.

CVE-2018-16842

CVSS3: 4.4

nvd

больше 7 лет назад

Curl versions 7.14.1 through 7.61.1 are vulnerable to a heap-based buffer over-read in the tool_msgs.c:voutf() function that may result in information exposure and denial of service.

CVE-2018-16842

CVSS3: 4.4

debian

больше 7 лет назад

Curl versions 7.14.1 through 7.61.1 are vulnerable to a heap-based buf ...

GHSA-wh7w-vjg6-xh6h

CVSS3: 9.1

github

больше 3 лет назад

Curl versions 7.14.1 through 7.61.1 are vulnerable to a heap-based buffer over-read in the tool_msgs.c:voutf() function that may result in information exposure and denial of service.

ELSA-2019-2181

oracle-oval

больше 6 лет назад

ELSA-2019-2181: curl security and bug fix update (LOW)

EPSS

Процентиль: 32%

0.00126

Низкий

6.4 Medium

CVSS2

4.4 Medium

CVSS3

CVE-2018-16842

Описание

Пакет curl

Ссылки на источники

Связанные уязвимости