Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2017-1000100 (GCVE-0-2017-1000100)
Vulnerability from cvelistv5 – Published: 2017-10-04 01:00 – Updated: 2026-04-16 13:34
VLAI?
EPSS
Summary
When doing a TFTP transfer and curl/libcurl is given a URL that contains a very long file name (longer than about 515 bytes), the file name is truncated to fit within the buffer boundaries, but the buffer size is still wrongly updated to use the untruncated length. This too large value is then used in the sendto() call, making curl attempt to send more data than what is actually put into the buffer. The endto() function will then read beyond the end of the heap based buffer. A malicious HTTP(S) server could redirect a vulnerable libcurl-using client to a crafted TFTP URL (if the client hasn't restricted which protocols it allows redirects to) and trick it to send private memory contents to a remote server over UDP. Limit curl's redirect protocols with --proto-redir and libcurl's with CURLOPT_REDIR_PROTOCOLS.
Severity ?
6.5 (Medium)
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| https://support.apple.com/HT208221 | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/100286 | vdb-entryx_refsource_BID |
| https://access.redhat.com/errata/RHSA-2018:3558 | vendor-advisoryx_refsource_REDHAT |
| https://security.gentoo.org/glsa/201709-14 | vendor-advisoryx_refsource_GENTOO |
| http://www.securitytracker.com/id/1039118 | vdb-entryx_refsource_SECTRACK |
| https://curl.haxx.se/docs/adv_20170809B.html | x_refsource_CONFIRM |
| http://www.debian.org/security/2017/dsa-3992 | vendor-advisoryx_refsource_DEBIAN |
Date Public ?
2017-10-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T21:53:06.527Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/HT208221"
},
{
"name": "100286",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100286"
},
{
"name": "RHSA-2018:3558",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3558"
},
{
"name": "GLSA-201709-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201709-14"
},
{
"name": "1039118",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039118"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://curl.haxx.se/docs/adv_20170809B.html"
},
{
"name": "DSA-3992",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3992"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2017-1000100",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-16T13:34:47.508366Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-16T13:34:51.252Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"dateAssigned": "2017-08-22T00:00:00.000Z",
"datePublic": "2017-10-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "When doing a TFTP transfer and curl/libcurl is given a URL that contains a very long file name (longer than about 515 bytes), the file name is truncated to fit within the buffer boundaries, but the buffer size is still wrongly updated to use the untruncated length. This too large value is then used in the sendto() call, making curl attempt to send more data than what is actually put into the buffer. The endto() function will then read beyond the end of the heap based buffer. A malicious HTTP(S) server could redirect a vulnerable libcurl-using client to a crafted TFTP URL (if the client hasn\u0027t restricted which protocols it allows redirects to) and trick it to send private memory contents to a remote server over UDP. Limit curl\u0027s redirect protocols with --proto-redir and libcurl\u0027s with CURLOPT_REDIR_PROTOCOLS."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-11-13T10:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/HT208221"
},
{
"name": "100286",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100286"
},
{
"name": "RHSA-2018:3558",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3558"
},
{
"name": "GLSA-201709-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201709-14"
},
{
"name": "1039118",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039118"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://curl.haxx.se/docs/adv_20170809B.html"
},
{
"name": "DSA-3992",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3992"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"DATE_ASSIGNED": "2017-08-22T17:29:33.315894",
"ID": "CVE-2017-1000100",
"REQUESTER": "daniel@haxx.se",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "When doing a TFTP transfer and curl/libcurl is given a URL that contains a very long file name (longer than about 515 bytes), the file name is truncated to fit within the buffer boundaries, but the buffer size is still wrongly updated to use the untruncated length. This too large value is then used in the sendto() call, making curl attempt to send more data than what is actually put into the buffer. The endto() function will then read beyond the end of the heap based buffer. A malicious HTTP(S) server could redirect a vulnerable libcurl-using client to a crafted TFTP URL (if the client hasn\u0027t restricted which protocols it allows redirects to) and trick it to send private memory contents to a remote server over UDP. Limit curl\u0027s redirect protocols with --proto-redir and libcurl\u0027s with CURLOPT_REDIR_PROTOCOLS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/HT208221",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT208221"
},
{
"name": "100286",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100286"
},
{
"name": "RHSA-2018:3558",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3558"
},
{
"name": "GLSA-201709-14",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201709-14"
},
{
"name": "1039118",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039118"
},
{
"name": "https://curl.haxx.se/docs/adv_20170809B.html",
"refsource": "CONFIRM",
"url": "https://curl.haxx.se/docs/adv_20170809B.html"
},
{
"name": "DSA-3992",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3992"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-1000100",
"datePublished": "2017-10-04T01:00:00.000Z",
"dateReserved": "2017-10-03T00:00:00.000Z",
"dateUpdated": "2026-04-16T13:34:51.252Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2017-1000100",
"date": "2026-05-23",
"epss": "0.00567",
"percentile": "0.68737"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.15.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"60BBDF07-DB97-433E-B542-EFEBE45550DB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.15.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CA8BE3F8-82ED-4DD7-991E-979E950C98B1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.15.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"738AA231-4694-46E8-B559-1594263A9987\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.15.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E9E1F171-B887-499A-BF4F-538EBF347811\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.15.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"07AA276A-0EBA-4DC9-951C-8F8159FAC7A8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.15.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8DEEF534-9AD2-4439-9D69-E91D062C4647\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.16.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"63643BE1-C978-4CD2-8ED1-2B979DB0676E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.16.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F6FA04A0-9258-4654-ABCF-F41340B1FA35\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.16.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DE829230-AFDB-4131-9C6A-D9D7A66C5B57\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.16.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B7E8BA30-8087-48D4-AE1B-48326FF826B8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.16.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"47970EFF-2F51-4875-A6BD-E30614E13278\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.17.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"52C9B668-3204-41C5-A82E-262BDFA541DD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.17.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"08C8EE1E-E186-42D6-8B12-05865C73F261\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.18.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EEA3D88B-41B9-4D79-B47D-B3D6058C0C27\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.18.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C2C80901-D48E-4C2A-9BED-A40007A11C97\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.18.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"331A51E4-AA73-486F-9618-5A83965F2436\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.19.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EB32DF2C-9208-4853-ADEB-B00D764D7467\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.19.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E05636DC-7E38-4605-AAB8-81C0AE37520A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.19.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"624DF2F1-53FD-48D3-B93D-44E99C9C0C5D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.19.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F2171C7C-311A-4405-B95F-3A54966FA844\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.19.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5DE20A41-8B53-46FC-9002-69CC7495171F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.19.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"87ED9DA0-E880-4CBB-B1AC-5AEE8A004718\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.19.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5293C7F0-BF9F-4768-889A-876CE78903CC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.19.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F3EB41B3-65F3-4B0E-8CCC-325B14AF605B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.20.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"857B244C-2AFB-40C7-A893-7C6DE9871BCE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.20.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B732CE55-820A-40E0-A885-71BBB6CF8C15\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.21.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0455A5F2-1515-4CD8-BA2F-74D28E91A661\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.21.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"29034B3A-BE9D-4D68-8C56-4465C03C3693\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.21.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6249538E-FBCB-4130-91FB-DA78D7BA45DE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.21.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5E11B8A5-50A2-468F-BFB3-86DD9D28AC73\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.21.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9EAE25A0-3828-46F1-AB30-88732CBC9F38\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.21.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1533A85C-2160-445D-8787-E624AEDC5A0C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.21.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D87B9393-7EA4-43DA-900C-7E840AE2D4C2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.21.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7D1249E9-304F-4952-8DAB-8B79CE5E7D54\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.22.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"83FAF953-6A65-4FAB-BDB5-03B468CD1C9A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.23.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"29F8FF1F-A639-4161-9366-62528AAF4C07\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.23.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"812AB429-379A-4EDE-9664-5BC2989053F6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.24.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"13DD791F-C4BD-4456-955A-92E84082AA09\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.25.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4A17E442-45AA-4780-98B4-9BF764DCC1C5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.26.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F6AF544C-5F16-4434-B9FB-93B1B7318950\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.27.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CBFD9ED9-2412-44AE-9C55-0ED03A121B23\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.28.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"67CCE31B-ABDA-4F32-BAF1-B1AD0664B3E2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.28.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9E66A332-ECD1-4452-B444-FB629022FDF0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.29.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CDD3D599-35E9-4590-B5E0-3AF04D344695\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.30.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A3B6BFFB-7967-482C-9B49-4BD25C815299\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.31.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1791BF6D-2C96-4A6E-90D4-2906A73601F6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.32.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"260DD751-4145-4B75-B892-5FC932C6A305\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.33.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EFF4AD0D-2EC5-4CE8-B6B3-2EC8ED2FF118\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.34.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3EB1CB85-0A9B-4816-B471-278774EE6D4C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.35.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3831AB03-4E7E-476D-9623-58AADC188DFE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.36.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"ABACE305-2F0C-4B59-BC5C-6DF162B450E4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.37.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6FAC1B55-F492-484E-B837-E7745682DE0A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.37.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E0D57914-B40A-462B-9C78-6433BE2B2DB4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.38.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A9A12DF7-62C5-46AD-9236-E2821C64156E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.39:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4C43697D-390A-4AC0-A5D8-62B6D22245BF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.40.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D52E9E9F-7A35-4CB9-813E-5A1D4A36415C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.41.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"257291FB-969C-4413-BA81-806B5E1B40A7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.42.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"88DC6ED5-4C1A-4ED0-97BA-B245C4A236C9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.42.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"51AA7383-3AA1-4A3B-BA46-BBA8FBDC10DD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.43.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"003D8430-AA07-41B5-9F22-696C554CB277\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.44.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6C3ED21E-7907-4248-A32F-BB3102A80DC6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.45.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B2E41520-CA31-4BA0-B247-F1DCAAE98DD6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.46.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"57F2C633-D720-4FD9-9C75-2D4C57120357\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.47.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A8F2FBC9-059A-4299-B59F-8EFD797E3704\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.47.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"920FCC26-B458-46D8-B023-DB4C19A51718\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.48.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B21C08D5-7454-4292-A87C-900C9494E38B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.49.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3B727926-90A2-4A7E-9905-70160C1E0D8D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.49.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C1A247AE-B209-42BE-8BE7-865AE279D23E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.50.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8429FF9B-D7EA-40E6-A6E8-961EA71F20C7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.50.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9D387194-720A-4D9C-928E-6FAF2EC6C33C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.50.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F2782D32-B023-47B1-A513-251D5093CE5A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.50.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8373A4E6-BA92-4B5B-9E97-E8C1E8C22C13\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.51.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"084F63A4-64E4-48FC-8B8C-A4F3E7D39D08\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.52.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F0D4DFF0-9953-4AB8-8C24-3977448BFE64\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.52.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1B5B274B-F232-47E8-9E8A-0EB08F97DE40\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.53.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"73E42C72-868A-4AE4-A33E-79F8190C94C7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.53.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"24E2F3C4-5D88-4C16-BAA7-A34CF7687415\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.54.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"067EB50A-E70F-4C04-ACE7-67BD7E5A4344\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:libcurl:7.54.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7C1D4922-F424-45B1-AF98-B1DD33981110\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"When doing a TFTP transfer and curl/libcurl is given a URL that contains a very long file name (longer than about 515 bytes), the file name is truncated to fit within the buffer boundaries, but the buffer size is still wrongly updated to use the untruncated length. This too large value is then used in the sendto() call, making curl attempt to send more data than what is actually put into the buffer. The endto() function will then read beyond the end of the heap based buffer. A malicious HTTP(S) server could redirect a vulnerable libcurl-using client to a crafted TFTP URL (if the client hasn\u0027t restricted which protocols it allows redirects to) and trick it to send private memory contents to a remote server over UDP. Limit curl\u0027s redirect protocols with --proto-redir and libcurl\u0027s with CURLOPT_REDIR_PROTOCOLS.\"}, {\"lang\": \"es\", \"value\": \"A la hora de hacer una transferencia TFTP y proporcionar una URL con un nombre de archivo muy grande (mayor que 515 bytes) en curl/libcurl, el nombre de archivo se trunca para que entre en los l\\u00edmites del b\\u00fafer, pero el tama\\u00f1o del b\\u00fafer se sigue actualizando err\\u00f3neamente para usar la longitud no truncada. Este valor excesivamente grande se utiliza luego en la llamada sendto(), lo que hace que un intento curl env\\u00ede m\\u00e1s datos que los que est\\u00e1n realmente puestos en el b\\u00fafer. La funci\\u00f3n endto() lee entonces m\\u00e1s all\\u00e1 del final del b\\u00fafer basado en la memoria din\\u00e1mica (heap). Un servidor HTTP(S) malicioso podr\\u00eda redirigir un cliente vulnerable que utiliza libcurl a una URL TFTP manipulada (si el cliente no tuviese restringidos a qu\\u00e9 protocolos se permiten redirecciones) y enga\\u00f1arle para que env\\u00ede contenidos privados de la memoria a un servidor remoto por UDP. Limite los protocolos de redirecci\\u00f3n de curl con --proto-redir y los de libcurl, con CURLOPT_REDIR_PROTOCOLS.\"}]",
"id": "CVE-2017-1000100",
"lastModified": "2024-11-21T03:04:09.640",
"metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N\", \"baseScore\": 6.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:P/I:N/A:N\", \"baseScore\": 4.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
"published": "2017-10-05T01:29:04.057",
"references": "[{\"url\": \"http://www.debian.org/security/2017/dsa-3992\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/100286\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1039118\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:3558\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://curl.haxx.se/docs/adv_20170809B.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/201709-14\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://support.apple.com/HT208221\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.debian.org/security/2017/dsa-3992\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/100286\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1039118\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:3558\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://curl.haxx.se/docs/adv_20170809B.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/201709-14\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://support.apple.com/HT208221\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-200\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2017-1000100\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2017-10-05T01:29:04.057\",\"lastModified\":\"2026-05-13T00:24:29.033\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"When doing a TFTP transfer and curl/libcurl is given a URL that contains a very long file name (longer than about 515 bytes), the file name is truncated to fit within the buffer boundaries, but the buffer size is still wrongly updated to use the untruncated length. This too large value is then used in the sendto() call, making curl attempt to send more data than what is actually put into the buffer. The endto() function will then read beyond the end of the heap based buffer. A malicious HTTP(S) server could redirect a vulnerable libcurl-using client to a crafted TFTP URL (if the client hasn\u0027t restricted which protocols it allows redirects to) and trick it to send private memory contents to a remote server over UDP. Limit curl\u0027s redirect protocols with --proto-redir and libcurl\u0027s with CURLOPT_REDIR_PROTOCOLS.\"},{\"lang\":\"es\",\"value\":\"A la hora de hacer una transferencia TFTP y proporcionar una URL con un nombre de archivo muy grande (mayor que 515 bytes) en curl/libcurl, el nombre de archivo se trunca para que entre en los l\u00edmites del b\u00fafer, pero el tama\u00f1o del b\u00fafer se sigue actualizando err\u00f3neamente para usar la longitud no truncada. Este valor excesivamente grande se utiliza luego en la llamada sendto(), lo que hace que un intento curl env\u00ede m\u00e1s datos que los que est\u00e1n realmente puestos en el b\u00fafer. La funci\u00f3n endto() lee entonces m\u00e1s all\u00e1 del final del b\u00fafer basado en la memoria din\u00e1mica (heap). Un servidor HTTP(S) malicioso podr\u00eda redirigir un cliente vulnerable que utiliza libcurl a una URL TFTP manipulada (si el cliente no tuviese restringidos a qu\u00e9 protocolos se permiten redirecciones) y enga\u00f1arle para que env\u00ede contenidos privados de la memoria a un servidor remoto por UDP. Limite los protocolos de redirecci\u00f3n de curl con --proto-redir y los de libcurl, con CURLOPT_REDIR_PROTOCOLS.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6}],\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:N/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-200\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-200\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.15.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"60BBDF07-DB97-433E-B542-EFEBE45550DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.15.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA8BE3F8-82ED-4DD7-991E-979E950C98B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.15.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"738AA231-4694-46E8-B559-1594263A9987\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.15.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9E1F171-B887-499A-BF4F-538EBF347811\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.15.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07AA276A-0EBA-4DC9-951C-8F8159FAC7A8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.15.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8DEEF534-9AD2-4439-9D69-E91D062C4647\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.16.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"63643BE1-C978-4CD2-8ED1-2B979DB0676E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.16.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F6FA04A0-9258-4654-ABCF-F41340B1FA35\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.16.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE829230-AFDB-4131-9C6A-D9D7A66C5B57\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.16.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B7E8BA30-8087-48D4-AE1B-48326FF826B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.16.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"47970EFF-2F51-4875-A6BD-E30614E13278\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.17.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"52C9B668-3204-41C5-A82E-262BDFA541DD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.17.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"08C8EE1E-E186-42D6-8B12-05865C73F261\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.18.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EEA3D88B-41B9-4D79-B47D-B3D6058C0C27\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.18.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2C80901-D48E-4C2A-9BED-A40007A11C97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.18.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"331A51E4-AA73-486F-9618-5A83965F2436\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.19.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB32DF2C-9208-4853-ADEB-B00D764D7467\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.19.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E05636DC-7E38-4605-AAB8-81C0AE37520A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.19.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"624DF2F1-53FD-48D3-B93D-44E99C9C0C5D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.19.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F2171C7C-311A-4405-B95F-3A54966FA844\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.19.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5DE20A41-8B53-46FC-9002-69CC7495171F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.19.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"87ED9DA0-E880-4CBB-B1AC-5AEE8A004718\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.19.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5293C7F0-BF9F-4768-889A-876CE78903CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.19.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F3EB41B3-65F3-4B0E-8CCC-325B14AF605B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.20.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"857B244C-2AFB-40C7-A893-7C6DE9871BCE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.20.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B732CE55-820A-40E0-A885-71BBB6CF8C15\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.21.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0455A5F2-1515-4CD8-BA2F-74D28E91A661\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.21.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"29034B3A-BE9D-4D68-8C56-4465C03C3693\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.21.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6249538E-FBCB-4130-91FB-DA78D7BA45DE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.21.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5E11B8A5-50A2-468F-BFB3-86DD9D28AC73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.21.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9EAE25A0-3828-46F1-AB30-88732CBC9F38\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.21.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1533A85C-2160-445D-8787-E624AEDC5A0C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.21.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D87B9393-7EA4-43DA-900C-7E840AE2D4C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.21.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7D1249E9-304F-4952-8DAB-8B79CE5E7D54\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.22.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"83FAF953-6A65-4FAB-BDB5-03B468CD1C9A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.23.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"29F8FF1F-A639-4161-9366-62528AAF4C07\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.23.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"812AB429-379A-4EDE-9664-5BC2989053F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.24.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"13DD791F-C4BD-4456-955A-92E84082AA09\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.25.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4A17E442-45AA-4780-98B4-9BF764DCC1C5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.26.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F6AF544C-5F16-4434-B9FB-93B1B7318950\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.27.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CBFD9ED9-2412-44AE-9C55-0ED03A121B23\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.28.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"67CCE31B-ABDA-4F32-BAF1-B1AD0664B3E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.28.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9E66A332-ECD1-4452-B444-FB629022FDF0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.29.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CDD3D599-35E9-4590-B5E0-3AF04D344695\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.30.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A3B6BFFB-7967-482C-9B49-4BD25C815299\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.31.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1791BF6D-2C96-4A6E-90D4-2906A73601F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.32.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"260DD751-4145-4B75-B892-5FC932C6A305\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.33.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EFF4AD0D-2EC5-4CE8-B6B3-2EC8ED2FF118\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.34.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3EB1CB85-0A9B-4816-B471-278774EE6D4C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.35.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3831AB03-4E7E-476D-9623-58AADC188DFE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.36.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ABACE305-2F0C-4B59-BC5C-6DF162B450E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.37.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6FAC1B55-F492-484E-B837-E7745682DE0A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.37.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0D57914-B40A-462B-9C78-6433BE2B2DB4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.38.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A9A12DF7-62C5-46AD-9236-E2821C64156E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.39:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C43697D-390A-4AC0-A5D8-62B6D22245BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.40.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D52E9E9F-7A35-4CB9-813E-5A1D4A36415C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.41.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"257291FB-969C-4413-BA81-806B5E1B40A7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.42.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"88DC6ED5-4C1A-4ED0-97BA-B245C4A236C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.42.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"51AA7383-3AA1-4A3B-BA46-BBA8FBDC10DD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.43.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"003D8430-AA07-41B5-9F22-696C554CB277\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.44.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6C3ED21E-7907-4248-A32F-BB3102A80DC6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.45.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B2E41520-CA31-4BA0-B247-F1DCAAE98DD6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.46.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"57F2C633-D720-4FD9-9C75-2D4C57120357\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.47.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8F2FBC9-059A-4299-B59F-8EFD797E3704\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.47.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"920FCC26-B458-46D8-B023-DB4C19A51718\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.48.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B21C08D5-7454-4292-A87C-900C9494E38B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.49.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B727926-90A2-4A7E-9905-70160C1E0D8D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.49.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C1A247AE-B209-42BE-8BE7-865AE279D23E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.50.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8429FF9B-D7EA-40E6-A6E8-961EA71F20C7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.50.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D387194-720A-4D9C-928E-6FAF2EC6C33C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.50.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F2782D32-B023-47B1-A513-251D5093CE5A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.50.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8373A4E6-BA92-4B5B-9E97-E8C1E8C22C13\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.51.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"084F63A4-64E4-48FC-8B8C-A4F3E7D39D08\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.52.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F0D4DFF0-9953-4AB8-8C24-3977448BFE64\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.52.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B5B274B-F232-47E8-9E8A-0EB08F97DE40\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.53.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"73E42C72-868A-4AE4-A33E-79F8190C94C7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.53.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"24E2F3C4-5D88-4C16-BAA7-A34CF7687415\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.54.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"067EB50A-E70F-4C04-ACE7-67BD7E5A4344\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:libcurl:7.54.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7C1D4922-F424-45B1-AF98-B1DD33981110\"}]}]}],\"references\":[{\"url\":\"http://www.debian.org/security/2017/dsa-3992\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/100286\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1039118\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:3558\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://curl.haxx.se/docs/adv_20170809B.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201709-14\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://support.apple.com/HT208221\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.debian.org/security/2017/dsa-3992\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/100286\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1039118\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:3558\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://curl.haxx.se/docs/adv_20170809B.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201709-14\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://support.apple.com/HT208221\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://support.apple.com/HT208221\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.securityfocus.com/bid/100286\", \"name\": \"100286\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:3558\", \"name\": \"RHSA-2018:3558\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://security.gentoo.org/glsa/201709-14\", \"name\": \"GLSA-201709-14\", \"tags\": [\"vendor-advisory\", \"x_refsource_GENTOO\", \"x_transferred\"]}, {\"url\": \"http://www.securitytracker.com/id/1039118\", \"name\": \"1039118\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\", \"x_transferred\"]}, {\"url\": \"https://curl.haxx.se/docs/adv_20170809B.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.debian.org/security/2017/dsa-3992\", \"name\": \"DSA-3992\", \"tags\": [\"vendor-advisory\", \"x_refsource_DEBIAN\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-05T21:53:06.527Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2017-1000100\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-04-16T13:34:47.508366Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-200\", \"description\": \"CWE-200 Exposure of Sensitive Information to an Unauthorized Actor\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-04-16T13:34:26.877Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"datePublic\": \"2017-10-03T00:00:00.000Z\", \"references\": [{\"url\": \"https://support.apple.com/HT208221\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.securityfocus.com/bid/100286\", \"name\": \"100286\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:3558\", \"name\": \"RHSA-2018:3558\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://security.gentoo.org/glsa/201709-14\", \"name\": \"GLSA-201709-14\", \"tags\": [\"vendor-advisory\", \"x_refsource_GENTOO\"]}, {\"url\": \"http://www.securitytracker.com/id/1039118\", \"name\": \"1039118\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\"]}, {\"url\": \"https://curl.haxx.se/docs/adv_20170809B.html\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.debian.org/security/2017/dsa-3992\", \"name\": \"DSA-3992\", \"tags\": [\"vendor-advisory\", \"x_refsource_DEBIAN\"]}], \"dateAssigned\": \"2017-08-22T00:00:00.000Z\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"When doing a TFTP transfer and curl/libcurl is given a URL that contains a very long file name (longer than about 515 bytes), the file name is truncated to fit within the buffer boundaries, but the buffer size is still wrongly updated to use the untruncated length. This too large value is then used in the sendto() call, making curl attempt to send more data than what is actually put into the buffer. The endto() function will then read beyond the end of the heap based buffer. A malicious HTTP(S) server could redirect a vulnerable libcurl-using client to a crafted TFTP URL (if the client hasn\u0027t restricted which protocols it allows redirects to) and trick it to send private memory contents to a remote server over UDP. Limit curl\u0027s redirect protocols with --proto-redir and libcurl\u0027s with CURLOPT_REDIR_PROTOCOLS.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2018-11-13T10:57:01.000Z\"}, \"x_legacyV4Record\": {\"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"n/a\"}]}, \"product_name\": \"n/a\"}]}, \"vendor_name\": \"n/a\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"https://support.apple.com/HT208221\", \"name\": \"https://support.apple.com/HT208221\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://www.securityfocus.com/bid/100286\", \"name\": \"100286\", \"refsource\": \"BID\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:3558\", \"name\": \"RHSA-2018:3558\", \"refsource\": \"REDHAT\"}, {\"url\": \"https://security.gentoo.org/glsa/201709-14\", \"name\": \"GLSA-201709-14\", \"refsource\": \"GENTOO\"}, {\"url\": \"http://www.securitytracker.com/id/1039118\", \"name\": \"1039118\", \"refsource\": \"SECTRACK\"}, {\"url\": \"https://curl.haxx.se/docs/adv_20170809B.html\", \"name\": \"https://curl.haxx.se/docs/adv_20170809B.html\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://www.debian.org/security/2017/dsa-3992\", \"name\": \"DSA-3992\", \"refsource\": \"DEBIAN\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"When doing a TFTP transfer and curl/libcurl is given a URL that contains a very long file name (longer than about 515 bytes), the file name is truncated to fit within the buffer boundaries, but the buffer size is still wrongly updated to use the untruncated length. This too large value is then used in the sendto() call, making curl attempt to send more data than what is actually put into the buffer. The endto() function will then read beyond the end of the heap based buffer. A malicious HTTP(S) server could redirect a vulnerable libcurl-using client to a crafted TFTP URL (if the client hasn\u0027t restricted which protocols it allows redirects to) and trick it to send private memory contents to a remote server over UDP. Limit curl\u0027s redirect protocols with --proto-redir and libcurl\u0027s with CURLOPT_REDIR_PROTOCOLS.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"n/a\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2017-1000100\", \"STATE\": \"PUBLIC\", \"ASSIGNER\": \"cve@mitre.org\", \"REQUESTER\": \"daniel@haxx.se\", \"DATE_ASSIGNED\": \"2017-08-22T17:29:33.315894\"}}}}",
"cveMetadata": "{\"cveId\": \"CVE-2017-1000100\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-04-16T13:34:51.252Z\", \"dateReserved\": \"2017-10-03T00:00:00.000Z\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2017-10-04T01:00:00.000Z\", \"assignerShortName\": \"mitre\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
CERTFR-2017-AVI-385
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Apple . Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Apple | N/A | iOS versions antérieures à 11.1 | ||
| Apple | N/A | watchOS versions antérieures à 4.1 | ||
| Apple | macOS | macOS Sierra versions sans le correctif de sécurité 2017-001 | ||
| Apple | N/A | tvOS versions antérieures à 11.1 | ||
| Apple | macOS | macOS El Capitan sans le correctif de sécurité 2017-004 | ||
| Apple | N/A | iTunes versions antérieures à 12.7.1 sur Windows | ||
| Apple | N/A | iCloud pour Windows versions antérieures à 7.1 | ||
| Apple | Safari | Safari versions antérieures à 11.0.1 | ||
| Apple | macOS | macOS High Sierra versions antérieures à 10.13.1 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "iOS versions ant\u00e9rieures \u00e0 11.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "watchOS versions ant\u00e9rieures \u00e0 4.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS Sierra versions sans le correctif de s\u00e9curit\u00e9 2017-001",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "tvOS versions ant\u00e9rieures \u00e0 11.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS El Capitan sans le correctif de s\u00e9curit\u00e9 2017-004",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iTunes versions ant\u00e9rieures \u00e0 12.7.1 sur Windows",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iCloud pour Windows versions ant\u00e9rieures \u00e0 7.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "Safari versions ant\u00e9rieures \u00e0 11.0.1",
"product": {
"name": "Safari",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS High Sierra versions ant\u00e9rieures \u00e0 10.13.1",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2017-13802",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13802"
},
{
"name": "CVE-2017-13818",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13818"
},
{
"name": "CVE-2017-13052",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13052"
},
{
"name": "CVE-2017-12993",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12993"
},
{
"name": "CVE-2017-13018",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13018"
},
{
"name": "CVE-2017-13043",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13043"
},
{
"name": "CVE-2017-3169",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3169"
},
{
"name": "CVE-2017-9789",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9789"
},
{
"name": "CVE-2017-7659",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7659"
},
{
"name": "CVE-2016-4736",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4736"
},
{
"name": "CVE-2017-13050",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13050"
},
{
"name": "CVE-2017-13816",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13816"
},
{
"name": "CVE-2017-13798",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13798"
},
{
"name": "CVE-2017-11108",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11108"
},
{
"name": "CVE-2017-13017",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13017"
},
{
"name": "CVE-2017-13831",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13831"
},
{
"name": "CVE-2017-11543",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11543"
},
{
"name": "CVE-2017-13790",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13790"
},
{
"name": "CVE-2017-13000",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13000"
},
{
"name": "CVE-2017-13807",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13807"
},
{
"name": "CVE-2017-13843",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13843"
},
{
"name": "CVE-2017-13055",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13055"
},
{
"name": "CVE-2017-7668",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7668"
},
{
"name": "CVE-2017-13041",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13041"
},
{
"name": "CVE-2017-12902",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12902"
},
{
"name": "CVE-2017-13834",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13834"
},
{
"name": "CVE-2017-13007",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13007"
},
{
"name": "CVE-2017-13687",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13687"
},
{
"name": "CVE-2017-13078",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13078"
},
{
"name": "CVE-2017-12986",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12986"
},
{
"name": "CVE-2017-13821",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13821"
},
{
"name": "CVE-2017-13033",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13033"
},
{
"name": "CVE-2017-13817",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13817"
},
{
"name": "CVE-2017-13799",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13799"
},
{
"name": "CVE-2017-12901",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12901"
},
{
"name": "CVE-2017-13832",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13832"
},
{
"name": "CVE-2017-13011",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13011"
},
{
"name": "CVE-2017-13046",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13046"
},
{
"name": "CVE-2017-13840",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13840"
},
{
"name": "CVE-2017-12897",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12897"
},
{
"name": "CVE-2017-13809",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13809"
},
{
"name": "CVE-2017-13822",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13822"
},
{
"name": "CVE-2017-7113",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7113"
},
{
"name": "CVE-2017-13800",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13800"
},
{
"name": "CVE-2017-13786",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13786"
},
{
"name": "CVE-2017-13003",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13003"
},
{
"name": "CVE-2017-13815",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13815"
},
{
"name": "CVE-2017-13013",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13013"
},
{
"name": "CVE-2017-13001",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13001"
},
{
"name": "CVE-2017-13009",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13009"
},
{
"name": "CVE-2017-1000101",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000101"
},
{
"name": "CVE-2016-8740",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8740"
},
{
"name": "CVE-2017-13048",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13048"
},
{
"name": "CVE-2017-13054",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13054"
},
{
"name": "CVE-2017-13038",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13038"
},
{
"name": "CVE-2017-13841",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13841"
},
{
"name": "CVE-2017-13010",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13010"
},
{
"name": "CVE-2017-12990",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12990"
},
{
"name": "CVE-2017-13783",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13783"
},
{
"name": "CVE-2017-13047",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13047"
},
{
"name": "CVE-2017-12991",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12991"
},
{
"name": "CVE-2017-13805",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13805"
},
{
"name": "CVE-2017-13811",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13811"
},
{
"name": "CVE-2017-13849",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13849"
},
{
"name": "CVE-2017-13032",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13032"
},
{
"name": "CVE-2017-13801",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13801"
},
{
"name": "CVE-2017-13051",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13051"
},
{
"name": "CVE-2017-13036",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13036"
},
{
"name": "CVE-2017-9788",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9788"
},
{
"name": "CVE-2017-13844",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13844"
},
{
"name": "CVE-2016-2161",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2161"
},
{
"name": "CVE-2017-13795",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13795"
},
{
"name": "CVE-2017-13690",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13690"
},
{
"name": "CVE-2017-13838",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13838"
},
{
"name": "CVE-2017-11542",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11542"
},
{
"name": "CVE-2017-13842",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13842"
},
{
"name": "CVE-2017-12997",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12997"
},
{
"name": "CVE-2017-13045",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13045"
},
{
"name": "CVE-2017-13026",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13026"
},
{
"name": "CVE-2017-13785",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13785"
},
{
"name": "CVE-2016-5387",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5387"
},
{
"name": "CVE-2017-13796",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13796"
},
{
"name": "CVE-2017-13782",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13782"
},
{
"name": "CVE-2017-13784",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13784"
},
{
"name": "CVE-2017-13042",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13042"
},
{
"name": "CVE-2017-12992",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12992"
},
{
"name": "CVE-2017-13027",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13027"
},
{
"name": "CVE-2017-13034",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13034"
},
{
"name": "CVE-2017-13794",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13794"
},
{
"name": "CVE-2017-13015",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13015"
},
{
"name": "CVE-2017-13725",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13725"
},
{
"name": "CVE-2017-13819",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13819"
},
{
"name": "CVE-2017-13044",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13044"
},
{
"name": "CVE-2017-12900",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12900"
},
{
"name": "CVE-2017-12994",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12994"
},
{
"name": "CVE-2017-12998",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12998"
},
{
"name": "CVE-2017-13029",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13029"
},
{
"name": "CVE-2017-13037",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13037"
},
{
"name": "CVE-2017-13788",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13788"
},
{
"name": "CVE-2017-7132",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7132"
},
{
"name": "CVE-2017-13810",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13810"
},
{
"name": "CVE-2017-13039",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13039"
},
{
"name": "CVE-2017-13791",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13791"
},
{
"name": "CVE-2017-13023",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13023"
},
{
"name": "CVE-2017-13020",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13020"
},
{
"name": "CVE-2017-13021",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13021"
},
{
"name": "CVE-2017-3167",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3167"
},
{
"name": "CVE-2017-12896",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12896"
},
{
"name": "CVE-2017-13824",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13824"
},
{
"name": "CVE-2017-13049",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13049"
},
{
"name": "CVE-2017-12999",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12999"
},
{
"name": "CVE-2017-13836",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13836"
},
{
"name": "CVE-2017-13823",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13823"
},
{
"name": "CVE-2017-13846",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13846"
},
{
"name": "CVE-2017-12988",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12988"
},
{
"name": "CVE-2017-13789",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13789"
},
{
"name": "CVE-2017-12985",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12985"
},
{
"name": "CVE-2017-12899",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12899"
},
{
"name": "CVE-2017-7679",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7679"
},
{
"name": "CVE-2017-13014",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13014"
},
{
"name": "CVE-2017-12894",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12894"
},
{
"name": "CVE-2017-13804",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13804"
},
{
"name": "CVE-2017-13024",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13024"
},
{
"name": "CVE-2017-13004",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13004"
},
{
"name": "CVE-2017-12996",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12996"
},
{
"name": "CVE-2017-13830",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13830"
},
{
"name": "CVE-2017-12893",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12893"
},
{
"name": "CVE-2017-13019",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13019"
},
{
"name": "CVE-2017-13030",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13030"
},
{
"name": "CVE-2017-13808",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13808"
},
{
"name": "CVE-2017-13813",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13813"
},
{
"name": "CVE-2017-1000100",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000100"
},
{
"name": "CVE-2017-13053",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13053"
},
{
"name": "CVE-2017-13040",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13040"
},
{
"name": "CVE-2017-13689",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13689"
},
{
"name": "CVE-2017-11103",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11103"
},
{
"name": "CVE-2017-13005",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13005"
},
{
"name": "CVE-2017-13793",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13793"
},
{
"name": "CVE-2017-13814",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13814"
},
{
"name": "CVE-2017-12987",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12987"
},
{
"name": "CVE-2017-13826",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13826"
},
{
"name": "CVE-2017-11541",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11541"
},
{
"name": "CVE-2017-13025",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13025"
},
{
"name": "CVE-2017-13828",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13828"
},
{
"name": "CVE-2017-13688",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13688"
},
{
"name": "CVE-2017-13820",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13820"
},
{
"name": "CVE-2017-12995",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12995"
},
{
"name": "CVE-2017-13792",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13792"
},
{
"name": "CVE-2017-13031",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13031"
},
{
"name": "CVE-2017-13028",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13028"
},
{
"name": "CVE-2017-13825",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13825"
},
{
"name": "CVE-2016-8743",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8743"
},
{
"name": "CVE-2017-13803",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13803"
},
{
"name": "CVE-2017-13006",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13006"
},
{
"name": "CVE-2017-12895",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12895"
},
{
"name": "CVE-2017-13812",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13812"
},
{
"name": "CVE-2017-13022",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13022"
},
{
"name": "CVE-2017-13012",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13012"
},
{
"name": "CVE-2017-13002",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13002"
},
{
"name": "CVE-2017-13035",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13035"
},
{
"name": "CVE-2017-12989",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12989"
},
{
"name": "CVE-2017-13077",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13077"
},
{
"name": "CVE-2017-13016",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13016"
},
{
"name": "CVE-2017-13080",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13080"
},
{
"name": "CVE-2017-12898",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12898"
},
{
"name": "CVE-2017-13008",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13008"
}
],
"links": [],
"reference": "CERTFR-2017-AVI-385",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2017-11-02T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Apple\n. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance\net un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Apple",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT208225 du 31 octobre 2017",
"url": "https://support.apple.com/en-us/HT208225"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT208222 du 31 octobre 2017",
"url": "https://support.apple.com/en-us/HT208222"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT208219 du 31 octobre 2017",
"url": "https://support.apple.com/en-us/HT208219"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT208223 du 31 octobre 2017",
"url": "https://support.apple.com/en-us/HT208223"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT208220 du 31 octobre 2017",
"url": "https://support.apple.com/en-us/HT208220"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT208221 du 31 octobre 2017",
"url": "https://support.apple.com/en-us/HT208221"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT208224 du 31 octobre 2017",
"url": "https://support.apple.com/en-us/HT208224"
}
]
}
CERTFR-2018-AVI-339
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Juniper . Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Juniper Networks | N/A | Contrail Service Orchestration (CSO) versions antérieures à 4.0.0 et 3.3.0 | ||
| Juniper Networks | Junos Space | Junos Space versions antérieures à 18.1R1 | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 12.1X46-D45, 12.1X46-D67, 12.1X46-D76, 12.1X46-D77, 12.3R11, 12.3R12-S10, 12.3X48-D20, 12.3X48-D25, 12.3X48-D55, 12.3X48-D66, 12.3X48-D70, 12.3X54-D34, 14.1X53-D30, 14.1X53-D47, 15.1F5-S5, 15.1F6-S1, 15.1F6-S10, 15.1F7, 15.1R4-S5, 15.1R4-S9, 15.1R5, 15.1R6-S6, 15.1R7, 15.1R7-S1, 15.1R8, 15.1X49-D110, 15.1X49-D131, 15.1X49-D140, 15.1X49-D20, 15.1X49-D35, 15.1X53-D233, 15.1X53-D234, 15.1X53-D47, 15.1X53-D470, 15.1X53-D471, 15.1X53-D490, 15.1X53-D59, 15.1X53-D60, 15.1X53-D67, 15.1X54-D70, 15.1X8.3, 16.1R2, 16.1R3, 16.1R3-S8, 16.1R3-S9, 16.1R4-S10, 16.1R4-S8, 16.1R4-S9, 16.1R5-S4, 16.1R6-S1, 16.1R6-S3, 16.1R6-S4, 16.1R7, 16.1X65-D46, 16.1X65-D47, 16.2R1, 16.2R1-S6, 16.2R1-S7, 16.2R2-S5, 16.2R2-S6, 16.2R3, 17.1R1-S7, 17.1R2-S7, 17.1R3, 17.2R1-S4, 17.2R1-S6, 17.2R2-S4, 17.2R2-S5, 17.2R3, 17.2X75-D100, 17.2X75-D110, 17.2X75-D70, 17.2X75-D90, 17.2X75-D91, 17.3R1, 17.3R1-S4, 17.3R2, 17.3R2-S2, 17.3R3, 17.4R1-S2, 17.4R1-S3, 17.4R1-S4, 17.4R2, 18.1R1, 18.1R2, 18.1X75-D10, 18.2R1, 18.2X75-D10 et 18.2X75-D5 |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Contrail Service Orchestration (CSO) versions ant\u00e9rieures \u00e0 4.0.0 et 3.3.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos Space versions ant\u00e9rieures \u00e0 18.1R1",
"product": {
"name": "Junos Space",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 12.1X46-D45, 12.1X46-D67, 12.1X46-D76, 12.1X46-D77, 12.3R11, 12.3R12-S10, 12.3X48-D20, 12.3X48-D25, 12.3X48-D55, 12.3X48-D66, 12.3X48-D70, 12.3X54-D34, 14.1X53-D30, 14.1X53-D47, 15.1F5-S5, 15.1F6-S1, 15.1F6-S10, 15.1F7, 15.1R4-S5, 15.1R4-S9, 15.1R5, 15.1R6-S6, 15.1R7, 15.1R7-S1, 15.1R8, 15.1X49-D110, 15.1X49-D131, 15.1X49-D140, 15.1X49-D20, 15.1X49-D35, 15.1X53-D233, 15.1X53-D234, 15.1X53-D47, 15.1X53-D470, 15.1X53-D471, 15.1X53-D490, 15.1X53-D59, 15.1X53-D60, 15.1X53-D67, 15.1X54-D70, 15.1X8.3, 16.1R2, 16.1R3, 16.1R3-S8, 16.1R3-S9, 16.1R4-S10, 16.1R4-S8, 16.1R4-S9, 16.1R5-S4, 16.1R6-S1, 16.1R6-S3, 16.1R6-S4, 16.1R7, 16.1X65-D46, 16.1X65-D47, 16.2R1, 16.2R1-S6, 16.2R1-S7, 16.2R2-S5, 16.2R2-S6, 16.2R3, 17.1R1-S7, 17.1R2-S7, 17.1R3, 17.2R1-S4, 17.2R1-S6, 17.2R2-S4, 17.2R2-S5, 17.2R3, 17.2X75-D100, 17.2X75-D110, 17.2X75-D70, 17.2X75-D90, 17.2X75-D91, 17.3R1, 17.3R1-S4, 17.3R2, 17.3R2-S2, 17.3R3, 17.4R1-S2, 17.4R1-S3, 17.4R1-S4, 17.4R2, 18.1R1, 18.1R2, 18.1X75-D10, 18.2R1, 18.2X75-D10 et 18.2X75-D5",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2017-7407",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7407"
},
{
"name": "CVE-2018-0027",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0027"
},
{
"name": "CVE-2016-8615",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8615"
},
{
"name": "CVE-2015-3153",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3153"
},
{
"name": "CVE-2018-0024",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0024"
},
{
"name": "CVE-2017-1000257",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000257"
},
{
"name": "CVE-2016-8619",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8619"
},
{
"name": "CVE-2013-1944",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1944"
},
{
"name": "CVE-2018-2603",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2603"
},
{
"name": "CVE-2017-8818",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8818"
},
{
"name": "CVE-2018-0031",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0031"
},
{
"name": "CVE-2018-0035",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0035"
},
{
"name": "CVE-2018-1000115",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000115"
},
{
"name": "CVE-2016-9952",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9952"
},
{
"name": "CVE-2017-10295",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10295"
},
{
"name": "CVE-2013-4545",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4545"
},
{
"name": "CVE-2015-7236",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7236"
},
{
"name": "CVE-2017-3737",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3737"
},
{
"name": "CVE-2016-4802",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4802"
},
{
"name": "CVE-2017-10388",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10388"
},
{
"name": "CVE-2016-9953",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9953"
},
{
"name": "CVE-2016-8624",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8624"
},
{
"name": "CVE-2018-0039",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0039"
},
{
"name": "CVE-2016-8616",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8616"
},
{
"name": "CVE-2015-3148",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3148"
},
{
"name": "CVE-2016-8620",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8620"
},
{
"name": "CVE-2014-3613",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3613"
},
{
"name": "CVE-2018-1000121",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000121"
},
{
"name": "CVE-2013-6422",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-6422"
},
{
"name": "CVE-2018-0042",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0042"
},
{
"name": "CVE-2018-2618",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2618"
},
{
"name": "CVE-2018-1000005",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000005"
},
{
"name": "CVE-2016-8617",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8617"
},
{
"name": "CVE-2016-0754",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0754"
},
{
"name": "CVE-2017-1000101",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000101"
},
{
"name": "CVE-2018-1000120",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000120"
},
{
"name": "CVE-2014-8150",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8150"
},
{
"name": "CVE-2014-3707",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3707"
},
{
"name": "CVE-2016-8618",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8618"
},
{
"name": "CVE-2018-0037",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0037"
},
{
"name": "CVE-2015-3143",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3143"
},
{
"name": "CVE-2018-0040",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0040"
},
{
"name": "CVE-2016-5419",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5419"
},
{
"name": "CVE-2017-12613",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12613"
},
{
"name": "CVE-2018-2637",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2637"
},
{
"name": "CVE-2017-10198",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10198"
},
{
"name": "CVE-2017-10355",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10355"
},
{
"name": "CVE-2016-8623",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8623"
},
{
"name": "CVE-2017-5754",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5754"
},
{
"name": "CVE-2016-3739",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3739"
},
{
"name": "CVE-2018-2663",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2663"
},
{
"name": "CVE-2017-15896",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15896"
},
{
"name": "CVE-2018-2579",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2579"
},
{
"name": "CVE-2017-8816",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8816"
},
{
"name": "CVE-2017-5753",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5753"
},
{
"name": "CVE-2016-7167",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7167"
},
{
"name": "CVE-2017-9502",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9502"
},
{
"name": "CVE-2018-0030",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0030"
},
{
"name": "CVE-2018-0034",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0034"
},
{
"name": "CVE-2018-2633",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2633"
},
{
"name": "CVE-2000-0973",
"url": "https://www.cve.org/CVERecord?id=CVE-2000-0973"
},
{
"name": "CVE-2014-0139",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0139"
},
{
"name": "CVE-2016-5420",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5420"
},
{
"name": "CVE-2016-7141",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7141"
},
{
"name": "CVE-2014-0138",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0138"
},
{
"name": "CVE-2016-8621",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8621"
},
{
"name": "CVE-2018-0029",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0029"
},
{
"name": "CVE-2018-0025",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0025"
},
{
"name": "CVE-2017-1000254",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000254"
},
{
"name": "CVE-2018-2599",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2599"
},
{
"name": "CVE-2017-8817",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8817"
},
{
"name": "CVE-2017-10356",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10356"
},
{
"name": "CVE-2018-0038",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0038"
},
{
"name": "CVE-2016-9586",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9586"
},
{
"name": "CVE-2017-1000100",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000100"
},
{
"name": "CVE-2017-10345",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10345"
},
{
"name": "CVE-2018-0041",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0041"
},
{
"name": "CVE-2017-5715",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5715"
},
{
"name": "CVE-2018-2629",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2629"
},
{
"name": "CVE-2016-8622",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8622"
},
{
"name": "CVE-2013-2174",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2174"
},
{
"name": "CVE-2018-1000007",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000007"
},
{
"name": "CVE-2018-0032",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0032"
},
{
"name": "CVE-2016-5421",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5421"
},
{
"name": "CVE-2018-2678",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2678"
},
{
"name": "CVE-2014-0015",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0015"
},
{
"name": "CVE-2017-1000099",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000099"
},
{
"name": "CVE-2018-2588",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2588"
},
{
"name": "CVE-2018-1000122",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000122"
},
{
"name": "CVE-2017-3145",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3145"
},
{
"name": "CVE-2016-8625",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8625"
},
{
"name": "CVE-2018-0026",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0026"
},
{
"name": "CVE-2016-0755",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0755"
}
],
"links": [],
"reference": "CERTFR-2018-AVI-339",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2018-07-12T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nJuniper . Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nun probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une ex\u00e9cution de\ncode arbitraire \u00e0 distance et un d\u00e9ni de service \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10869 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10869\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10866 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10866\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10874 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10874\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10863 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10863\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10871 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10871\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10857 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10857\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10868 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10868\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10859 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10859\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10872 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10872\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10858 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10858\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10861 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10861\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10860 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10860\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10864 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10864\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10873 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10873\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10865 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10865\u0026cat=SIRT_1\u0026actp=LIST"
}
]
}
CERTFR-2018-AVI-372
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans Google Android. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Google Android toutes versions n\u0027int\u00e9grant pas le correctif de s\u00e9curit\u00e9 du 06 ao\u00fbt 2018",
"product": {
"name": "Android",
"vendor": {
"name": "Google",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2017-18292",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18292"
},
{
"name": "CVE-2018-9446",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9446"
},
{
"name": "CVE-2018-9454",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9454"
},
{
"name": "CVE-2018-5903",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5903"
},
{
"name": "CVE-2018-9437",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9437"
},
{
"name": "CVE-2017-18296",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18296"
},
{
"name": "CVE-2018-1068",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1068"
},
{
"name": "CVE-2017-9711",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9711"
},
{
"name": "CVE-2018-9427",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9427"
},
{
"name": "CVE-2018-9444",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9444"
},
{
"name": "CVE-2017-13322",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13322"
},
{
"name": "CVE-2017-18293",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18293"
},
{
"name": "CVE-2018-11305",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11305"
},
{
"name": "CVE-2018-9461",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9461"
},
{
"name": "CVE-2018-9439",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9439"
},
{
"name": "CVE-2018-5908",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5908"
},
{
"name": "CVE-2018-5904",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5904"
},
{
"name": "CVE-2018-9463",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9463"
},
{
"name": "CVE-2017-8261",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8261"
},
{
"name": "CVE-2017-18304",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18304"
},
{
"name": "CVE-2018-9464",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9464"
},
{
"name": "CVE-2018-9436",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9436"
},
{
"name": "CVE-2018-9457",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9457"
},
{
"name": "CVE-2018-3587",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3587"
},
{
"name": "CVE-2018-9445",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9445"
},
{
"name": "CVE-2017-13242",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13242"
},
{
"name": "CVE-2018-9451",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9451"
},
{
"name": "CVE-2018-9453",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9453"
},
{
"name": "CVE-2018-9458",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9458"
},
{
"name": "CVE-2018-9449",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9449"
},
{
"name": "CVE-2018-9447",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9447"
},
{
"name": "CVE-2018-5905",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5905"
},
{
"name": "CVE-2017-18295",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18295"
},
{
"name": "CVE-2017-18283",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18283"
},
{
"name": "CVE-2017-18281",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18281"
},
{
"name": "CVE-2018-9450",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9450"
},
{
"name": "CVE-2017-18249",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18249"
},
{
"name": "CVE-2017-18309",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18309"
},
{
"name": "CVE-2017-18303",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18303"
},
{
"name": "CVE-2018-9459",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9459"
},
{
"name": "CVE-2018-11263",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11263"
},
{
"name": "CVE-2018-9448",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9448"
},
{
"name": "CVE-2018-9438",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9438"
},
{
"name": "CVE-2018-9465",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9465"
},
{
"name": "CVE-2017-18299",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18299"
},
{
"name": "CVE-2018-11258",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11258"
},
{
"name": "CVE-2017-18307",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18307"
},
{
"name": "CVE-2018-9455",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9455"
},
{
"name": "CVE-2017-18301",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18301"
},
{
"name": "CVE-2017-18306",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18306"
},
{
"name": "CVE-2018-9435",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9435"
},
{
"name": "CVE-2017-18297",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18297"
},
{
"name": "CVE-2017-18294",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18294"
},
{
"name": "CVE-2017-18280",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18280"
},
{
"name": "CVE-2017-13295",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13295"
},
{
"name": "CVE-2017-18300",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18300"
},
{
"name": "CVE-2017-18298",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18298"
},
{
"name": "CVE-2017-15817",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15817"
},
{
"name": "CVE-2017-18308",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18308"
},
{
"name": "CVE-2017-18310",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18310"
},
{
"name": "CVE-2017-18282",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18282"
},
{
"name": "CVE-2017-1000100",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000100"
},
{
"name": "CVE-2017-18302",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18302"
},
{
"name": "CVE-2018-9462",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9462"
},
{
"name": "CVE-2018-11260",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11260"
},
{
"name": "CVE-2017-18305",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18305"
},
{
"name": "CVE-2018-9441",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9441"
},
{
"name": "CVE-2018-5383",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5383"
},
{
"name": "CVE-2018-5909",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5909"
},
{
"name": "CVE-2018-5910",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5910"
},
{
"name": "CVE-2017-13077",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13077"
}
],
"links": [],
"reference": "CERTFR-2018-AVI-372",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2018-08-07T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Google Android.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un\nprobl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une ex\u00e9cution de code\narbitraire \u00e0 distance et un d\u00e9ni de service \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Google Android",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Pixel/Nexus du 06 ao\u00fbt 2018",
"url": "https://source.android.com/security/bulletin/pixel/2018-08-01"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Android du 06 ao\u00fbt 2018",
"url": "https://source.android.com/security/bulletin/2018-08-01"
}
]
}
CERTFR-2017-AVI-385
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Apple . Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Apple | N/A | iOS versions antérieures à 11.1 | ||
| Apple | N/A | watchOS versions antérieures à 4.1 | ||
| Apple | macOS | macOS Sierra versions sans le correctif de sécurité 2017-001 | ||
| Apple | N/A | tvOS versions antérieures à 11.1 | ||
| Apple | macOS | macOS El Capitan sans le correctif de sécurité 2017-004 | ||
| Apple | N/A | iTunes versions antérieures à 12.7.1 sur Windows | ||
| Apple | N/A | iCloud pour Windows versions antérieures à 7.1 | ||
| Apple | Safari | Safari versions antérieures à 11.0.1 | ||
| Apple | macOS | macOS High Sierra versions antérieures à 10.13.1 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "iOS versions ant\u00e9rieures \u00e0 11.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "watchOS versions ant\u00e9rieures \u00e0 4.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS Sierra versions sans le correctif de s\u00e9curit\u00e9 2017-001",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "tvOS versions ant\u00e9rieures \u00e0 11.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS El Capitan sans le correctif de s\u00e9curit\u00e9 2017-004",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iTunes versions ant\u00e9rieures \u00e0 12.7.1 sur Windows",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iCloud pour Windows versions ant\u00e9rieures \u00e0 7.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "Safari versions ant\u00e9rieures \u00e0 11.0.1",
"product": {
"name": "Safari",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS High Sierra versions ant\u00e9rieures \u00e0 10.13.1",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2017-13802",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13802"
},
{
"name": "CVE-2017-13818",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13818"
},
{
"name": "CVE-2017-13052",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13052"
},
{
"name": "CVE-2017-12993",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12993"
},
{
"name": "CVE-2017-13018",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13018"
},
{
"name": "CVE-2017-13043",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13043"
},
{
"name": "CVE-2017-3169",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3169"
},
{
"name": "CVE-2017-9789",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9789"
},
{
"name": "CVE-2017-7659",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7659"
},
{
"name": "CVE-2016-4736",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4736"
},
{
"name": "CVE-2017-13050",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13050"
},
{
"name": "CVE-2017-13816",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13816"
},
{
"name": "CVE-2017-13798",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13798"
},
{
"name": "CVE-2017-11108",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11108"
},
{
"name": "CVE-2017-13017",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13017"
},
{
"name": "CVE-2017-13831",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13831"
},
{
"name": "CVE-2017-11543",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11543"
},
{
"name": "CVE-2017-13790",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13790"
},
{
"name": "CVE-2017-13000",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13000"
},
{
"name": "CVE-2017-13807",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13807"
},
{
"name": "CVE-2017-13843",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13843"
},
{
"name": "CVE-2017-13055",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13055"
},
{
"name": "CVE-2017-7668",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7668"
},
{
"name": "CVE-2017-13041",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13041"
},
{
"name": "CVE-2017-12902",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12902"
},
{
"name": "CVE-2017-13834",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13834"
},
{
"name": "CVE-2017-13007",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13007"
},
{
"name": "CVE-2017-13687",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13687"
},
{
"name": "CVE-2017-13078",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13078"
},
{
"name": "CVE-2017-12986",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12986"
},
{
"name": "CVE-2017-13821",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13821"
},
{
"name": "CVE-2017-13033",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13033"
},
{
"name": "CVE-2017-13817",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13817"
},
{
"name": "CVE-2017-13799",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13799"
},
{
"name": "CVE-2017-12901",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12901"
},
{
"name": "CVE-2017-13832",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13832"
},
{
"name": "CVE-2017-13011",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13011"
},
{
"name": "CVE-2017-13046",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13046"
},
{
"name": "CVE-2017-13840",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13840"
},
{
"name": "CVE-2017-12897",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12897"
},
{
"name": "CVE-2017-13809",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13809"
},
{
"name": "CVE-2017-13822",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13822"
},
{
"name": "CVE-2017-7113",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7113"
},
{
"name": "CVE-2017-13800",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13800"
},
{
"name": "CVE-2017-13786",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13786"
},
{
"name": "CVE-2017-13003",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13003"
},
{
"name": "CVE-2017-13815",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13815"
},
{
"name": "CVE-2017-13013",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13013"
},
{
"name": "CVE-2017-13001",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13001"
},
{
"name": "CVE-2017-13009",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13009"
},
{
"name": "CVE-2017-1000101",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000101"
},
{
"name": "CVE-2016-8740",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8740"
},
{
"name": "CVE-2017-13048",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13048"
},
{
"name": "CVE-2017-13054",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13054"
},
{
"name": "CVE-2017-13038",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13038"
},
{
"name": "CVE-2017-13841",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13841"
},
{
"name": "CVE-2017-13010",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13010"
},
{
"name": "CVE-2017-12990",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12990"
},
{
"name": "CVE-2017-13783",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13783"
},
{
"name": "CVE-2017-13047",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13047"
},
{
"name": "CVE-2017-12991",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12991"
},
{
"name": "CVE-2017-13805",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13805"
},
{
"name": "CVE-2017-13811",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13811"
},
{
"name": "CVE-2017-13849",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13849"
},
{
"name": "CVE-2017-13032",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13032"
},
{
"name": "CVE-2017-13801",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13801"
},
{
"name": "CVE-2017-13051",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13051"
},
{
"name": "CVE-2017-13036",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13036"
},
{
"name": "CVE-2017-9788",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9788"
},
{
"name": "CVE-2017-13844",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13844"
},
{
"name": "CVE-2016-2161",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2161"
},
{
"name": "CVE-2017-13795",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13795"
},
{
"name": "CVE-2017-13690",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13690"
},
{
"name": "CVE-2017-13838",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13838"
},
{
"name": "CVE-2017-11542",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11542"
},
{
"name": "CVE-2017-13842",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13842"
},
{
"name": "CVE-2017-12997",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12997"
},
{
"name": "CVE-2017-13045",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13045"
},
{
"name": "CVE-2017-13026",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13026"
},
{
"name": "CVE-2017-13785",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13785"
},
{
"name": "CVE-2016-5387",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5387"
},
{
"name": "CVE-2017-13796",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13796"
},
{
"name": "CVE-2017-13782",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13782"
},
{
"name": "CVE-2017-13784",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13784"
},
{
"name": "CVE-2017-13042",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13042"
},
{
"name": "CVE-2017-12992",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12992"
},
{
"name": "CVE-2017-13027",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13027"
},
{
"name": "CVE-2017-13034",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13034"
},
{
"name": "CVE-2017-13794",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13794"
},
{
"name": "CVE-2017-13015",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13015"
},
{
"name": "CVE-2017-13725",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13725"
},
{
"name": "CVE-2017-13819",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13819"
},
{
"name": "CVE-2017-13044",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13044"
},
{
"name": "CVE-2017-12900",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12900"
},
{
"name": "CVE-2017-12994",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12994"
},
{
"name": "CVE-2017-12998",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12998"
},
{
"name": "CVE-2017-13029",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13029"
},
{
"name": "CVE-2017-13037",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13037"
},
{
"name": "CVE-2017-13788",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13788"
},
{
"name": "CVE-2017-7132",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7132"
},
{
"name": "CVE-2017-13810",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13810"
},
{
"name": "CVE-2017-13039",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13039"
},
{
"name": "CVE-2017-13791",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13791"
},
{
"name": "CVE-2017-13023",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13023"
},
{
"name": "CVE-2017-13020",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13020"
},
{
"name": "CVE-2017-13021",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13021"
},
{
"name": "CVE-2017-3167",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3167"
},
{
"name": "CVE-2017-12896",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12896"
},
{
"name": "CVE-2017-13824",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13824"
},
{
"name": "CVE-2017-13049",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13049"
},
{
"name": "CVE-2017-12999",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12999"
},
{
"name": "CVE-2017-13836",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13836"
},
{
"name": "CVE-2017-13823",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13823"
},
{
"name": "CVE-2017-13846",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13846"
},
{
"name": "CVE-2017-12988",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12988"
},
{
"name": "CVE-2017-13789",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13789"
},
{
"name": "CVE-2017-12985",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12985"
},
{
"name": "CVE-2017-12899",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12899"
},
{
"name": "CVE-2017-7679",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7679"
},
{
"name": "CVE-2017-13014",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13014"
},
{
"name": "CVE-2017-12894",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12894"
},
{
"name": "CVE-2017-13804",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13804"
},
{
"name": "CVE-2017-13024",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13024"
},
{
"name": "CVE-2017-13004",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13004"
},
{
"name": "CVE-2017-12996",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12996"
},
{
"name": "CVE-2017-13830",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13830"
},
{
"name": "CVE-2017-12893",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12893"
},
{
"name": "CVE-2017-13019",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13019"
},
{
"name": "CVE-2017-13030",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13030"
},
{
"name": "CVE-2017-13808",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13808"
},
{
"name": "CVE-2017-13813",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13813"
},
{
"name": "CVE-2017-1000100",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000100"
},
{
"name": "CVE-2017-13053",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13053"
},
{
"name": "CVE-2017-13040",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13040"
},
{
"name": "CVE-2017-13689",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13689"
},
{
"name": "CVE-2017-11103",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11103"
},
{
"name": "CVE-2017-13005",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13005"
},
{
"name": "CVE-2017-13793",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13793"
},
{
"name": "CVE-2017-13814",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13814"
},
{
"name": "CVE-2017-12987",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12987"
},
{
"name": "CVE-2017-13826",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13826"
},
{
"name": "CVE-2017-11541",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11541"
},
{
"name": "CVE-2017-13025",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13025"
},
{
"name": "CVE-2017-13828",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13828"
},
{
"name": "CVE-2017-13688",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13688"
},
{
"name": "CVE-2017-13820",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13820"
},
{
"name": "CVE-2017-12995",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12995"
},
{
"name": "CVE-2017-13792",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13792"
},
{
"name": "CVE-2017-13031",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13031"
},
{
"name": "CVE-2017-13028",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13028"
},
{
"name": "CVE-2017-13825",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13825"
},
{
"name": "CVE-2016-8743",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8743"
},
{
"name": "CVE-2017-13803",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13803"
},
{
"name": "CVE-2017-13006",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13006"
},
{
"name": "CVE-2017-12895",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12895"
},
{
"name": "CVE-2017-13812",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13812"
},
{
"name": "CVE-2017-13022",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13022"
},
{
"name": "CVE-2017-13012",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13012"
},
{
"name": "CVE-2017-13002",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13002"
},
{
"name": "CVE-2017-13035",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13035"
},
{
"name": "CVE-2017-12989",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12989"
},
{
"name": "CVE-2017-13077",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13077"
},
{
"name": "CVE-2017-13016",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13016"
},
{
"name": "CVE-2017-13080",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13080"
},
{
"name": "CVE-2017-12898",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12898"
},
{
"name": "CVE-2017-13008",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13008"
}
],
"links": [],
"reference": "CERTFR-2017-AVI-385",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2017-11-02T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Apple\n. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance\net un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Apple",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT208225 du 31 octobre 2017",
"url": "https://support.apple.com/en-us/HT208225"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT208222 du 31 octobre 2017",
"url": "https://support.apple.com/en-us/HT208222"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT208219 du 31 octobre 2017",
"url": "https://support.apple.com/en-us/HT208219"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT208223 du 31 octobre 2017",
"url": "https://support.apple.com/en-us/HT208223"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT208220 du 31 octobre 2017",
"url": "https://support.apple.com/en-us/HT208220"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT208221 du 31 octobre 2017",
"url": "https://support.apple.com/en-us/HT208221"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT208224 du 31 octobre 2017",
"url": "https://support.apple.com/en-us/HT208224"
}
]
}
CERTFR-2018-AVI-339
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Juniper . Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Juniper Networks | N/A | Contrail Service Orchestration (CSO) versions antérieures à 4.0.0 et 3.3.0 | ||
| Juniper Networks | Junos Space | Junos Space versions antérieures à 18.1R1 | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 12.1X46-D45, 12.1X46-D67, 12.1X46-D76, 12.1X46-D77, 12.3R11, 12.3R12-S10, 12.3X48-D20, 12.3X48-D25, 12.3X48-D55, 12.3X48-D66, 12.3X48-D70, 12.3X54-D34, 14.1X53-D30, 14.1X53-D47, 15.1F5-S5, 15.1F6-S1, 15.1F6-S10, 15.1F7, 15.1R4-S5, 15.1R4-S9, 15.1R5, 15.1R6-S6, 15.1R7, 15.1R7-S1, 15.1R8, 15.1X49-D110, 15.1X49-D131, 15.1X49-D140, 15.1X49-D20, 15.1X49-D35, 15.1X53-D233, 15.1X53-D234, 15.1X53-D47, 15.1X53-D470, 15.1X53-D471, 15.1X53-D490, 15.1X53-D59, 15.1X53-D60, 15.1X53-D67, 15.1X54-D70, 15.1X8.3, 16.1R2, 16.1R3, 16.1R3-S8, 16.1R3-S9, 16.1R4-S10, 16.1R4-S8, 16.1R4-S9, 16.1R5-S4, 16.1R6-S1, 16.1R6-S3, 16.1R6-S4, 16.1R7, 16.1X65-D46, 16.1X65-D47, 16.2R1, 16.2R1-S6, 16.2R1-S7, 16.2R2-S5, 16.2R2-S6, 16.2R3, 17.1R1-S7, 17.1R2-S7, 17.1R3, 17.2R1-S4, 17.2R1-S6, 17.2R2-S4, 17.2R2-S5, 17.2R3, 17.2X75-D100, 17.2X75-D110, 17.2X75-D70, 17.2X75-D90, 17.2X75-D91, 17.3R1, 17.3R1-S4, 17.3R2, 17.3R2-S2, 17.3R3, 17.4R1-S2, 17.4R1-S3, 17.4R1-S4, 17.4R2, 18.1R1, 18.1R2, 18.1X75-D10, 18.2R1, 18.2X75-D10 et 18.2X75-D5 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Contrail Service Orchestration (CSO) versions ant\u00e9rieures \u00e0 4.0.0 et 3.3.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos Space versions ant\u00e9rieures \u00e0 18.1R1",
"product": {
"name": "Junos Space",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 12.1X46-D45, 12.1X46-D67, 12.1X46-D76, 12.1X46-D77, 12.3R11, 12.3R12-S10, 12.3X48-D20, 12.3X48-D25, 12.3X48-D55, 12.3X48-D66, 12.3X48-D70, 12.3X54-D34, 14.1X53-D30, 14.1X53-D47, 15.1F5-S5, 15.1F6-S1, 15.1F6-S10, 15.1F7, 15.1R4-S5, 15.1R4-S9, 15.1R5, 15.1R6-S6, 15.1R7, 15.1R7-S1, 15.1R8, 15.1X49-D110, 15.1X49-D131, 15.1X49-D140, 15.1X49-D20, 15.1X49-D35, 15.1X53-D233, 15.1X53-D234, 15.1X53-D47, 15.1X53-D470, 15.1X53-D471, 15.1X53-D490, 15.1X53-D59, 15.1X53-D60, 15.1X53-D67, 15.1X54-D70, 15.1X8.3, 16.1R2, 16.1R3, 16.1R3-S8, 16.1R3-S9, 16.1R4-S10, 16.1R4-S8, 16.1R4-S9, 16.1R5-S4, 16.1R6-S1, 16.1R6-S3, 16.1R6-S4, 16.1R7, 16.1X65-D46, 16.1X65-D47, 16.2R1, 16.2R1-S6, 16.2R1-S7, 16.2R2-S5, 16.2R2-S6, 16.2R3, 17.1R1-S7, 17.1R2-S7, 17.1R3, 17.2R1-S4, 17.2R1-S6, 17.2R2-S4, 17.2R2-S5, 17.2R3, 17.2X75-D100, 17.2X75-D110, 17.2X75-D70, 17.2X75-D90, 17.2X75-D91, 17.3R1, 17.3R1-S4, 17.3R2, 17.3R2-S2, 17.3R3, 17.4R1-S2, 17.4R1-S3, 17.4R1-S4, 17.4R2, 18.1R1, 18.1R2, 18.1X75-D10, 18.2R1, 18.2X75-D10 et 18.2X75-D5",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2017-7407",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7407"
},
{
"name": "CVE-2018-0027",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0027"
},
{
"name": "CVE-2016-8615",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8615"
},
{
"name": "CVE-2015-3153",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3153"
},
{
"name": "CVE-2018-0024",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0024"
},
{
"name": "CVE-2017-1000257",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000257"
},
{
"name": "CVE-2016-8619",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8619"
},
{
"name": "CVE-2013-1944",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1944"
},
{
"name": "CVE-2018-2603",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2603"
},
{
"name": "CVE-2017-8818",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8818"
},
{
"name": "CVE-2018-0031",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0031"
},
{
"name": "CVE-2018-0035",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0035"
},
{
"name": "CVE-2018-1000115",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000115"
},
{
"name": "CVE-2016-9952",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9952"
},
{
"name": "CVE-2017-10295",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10295"
},
{
"name": "CVE-2013-4545",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4545"
},
{
"name": "CVE-2015-7236",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7236"
},
{
"name": "CVE-2017-3737",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3737"
},
{
"name": "CVE-2016-4802",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4802"
},
{
"name": "CVE-2017-10388",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10388"
},
{
"name": "CVE-2016-9953",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9953"
},
{
"name": "CVE-2016-8624",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8624"
},
{
"name": "CVE-2018-0039",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0039"
},
{
"name": "CVE-2016-8616",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8616"
},
{
"name": "CVE-2015-3148",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3148"
},
{
"name": "CVE-2016-8620",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8620"
},
{
"name": "CVE-2014-3613",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3613"
},
{
"name": "CVE-2018-1000121",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000121"
},
{
"name": "CVE-2013-6422",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-6422"
},
{
"name": "CVE-2018-0042",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0042"
},
{
"name": "CVE-2018-2618",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2618"
},
{
"name": "CVE-2018-1000005",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000005"
},
{
"name": "CVE-2016-8617",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8617"
},
{
"name": "CVE-2016-0754",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0754"
},
{
"name": "CVE-2017-1000101",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000101"
},
{
"name": "CVE-2018-1000120",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000120"
},
{
"name": "CVE-2014-8150",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8150"
},
{
"name": "CVE-2014-3707",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3707"
},
{
"name": "CVE-2016-8618",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8618"
},
{
"name": "CVE-2018-0037",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0037"
},
{
"name": "CVE-2015-3143",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3143"
},
{
"name": "CVE-2018-0040",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0040"
},
{
"name": "CVE-2016-5419",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5419"
},
{
"name": "CVE-2017-12613",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12613"
},
{
"name": "CVE-2018-2637",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2637"
},
{
"name": "CVE-2017-10198",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10198"
},
{
"name": "CVE-2017-10355",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10355"
},
{
"name": "CVE-2016-8623",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8623"
},
{
"name": "CVE-2017-5754",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5754"
},
{
"name": "CVE-2016-3739",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3739"
},
{
"name": "CVE-2018-2663",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2663"
},
{
"name": "CVE-2017-15896",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15896"
},
{
"name": "CVE-2018-2579",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2579"
},
{
"name": "CVE-2017-8816",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8816"
},
{
"name": "CVE-2017-5753",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5753"
},
{
"name": "CVE-2016-7167",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7167"
},
{
"name": "CVE-2017-9502",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9502"
},
{
"name": "CVE-2018-0030",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0030"
},
{
"name": "CVE-2018-0034",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0034"
},
{
"name": "CVE-2018-2633",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2633"
},
{
"name": "CVE-2000-0973",
"url": "https://www.cve.org/CVERecord?id=CVE-2000-0973"
},
{
"name": "CVE-2014-0139",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0139"
},
{
"name": "CVE-2016-5420",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5420"
},
{
"name": "CVE-2016-7141",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7141"
},
{
"name": "CVE-2014-0138",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0138"
},
{
"name": "CVE-2016-8621",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8621"
},
{
"name": "CVE-2018-0029",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0029"
},
{
"name": "CVE-2018-0025",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0025"
},
{
"name": "CVE-2017-1000254",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000254"
},
{
"name": "CVE-2018-2599",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2599"
},
{
"name": "CVE-2017-8817",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8817"
},
{
"name": "CVE-2017-10356",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10356"
},
{
"name": "CVE-2018-0038",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0038"
},
{
"name": "CVE-2016-9586",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9586"
},
{
"name": "CVE-2017-1000100",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000100"
},
{
"name": "CVE-2017-10345",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10345"
},
{
"name": "CVE-2018-0041",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0041"
},
{
"name": "CVE-2017-5715",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5715"
},
{
"name": "CVE-2018-2629",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2629"
},
{
"name": "CVE-2016-8622",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8622"
},
{
"name": "CVE-2013-2174",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2174"
},
{
"name": "CVE-2018-1000007",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000007"
},
{
"name": "CVE-2018-0032",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0032"
},
{
"name": "CVE-2016-5421",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5421"
},
{
"name": "CVE-2018-2678",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2678"
},
{
"name": "CVE-2014-0015",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0015"
},
{
"name": "CVE-2017-1000099",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000099"
},
{
"name": "CVE-2018-2588",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2588"
},
{
"name": "CVE-2018-1000122",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000122"
},
{
"name": "CVE-2017-3145",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3145"
},
{
"name": "CVE-2016-8625",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8625"
},
{
"name": "CVE-2018-0026",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0026"
},
{
"name": "CVE-2016-0755",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0755"
}
],
"links": [],
"reference": "CERTFR-2018-AVI-339",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2018-07-12T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nJuniper . Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nun probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une ex\u00e9cution de\ncode arbitraire \u00e0 distance et un d\u00e9ni de service \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10869 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10869\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10866 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10866\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10874 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10874\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10863 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10863\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10871 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10871\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10857 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10857\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10868 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10868\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10859 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10859\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10872 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10872\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10858 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10858\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10861 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10861\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10860 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10860\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10864 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10864\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10873 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10873\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10865 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10865\u0026cat=SIRT_1\u0026actp=LIST"
}
]
}
CERTFR-2018-AVI-372
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans Google Android. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Google Android toutes versions n\u0027int\u00e9grant pas le correctif de s\u00e9curit\u00e9 du 06 ao\u00fbt 2018",
"product": {
"name": "Android",
"vendor": {
"name": "Google",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2017-18292",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18292"
},
{
"name": "CVE-2018-9446",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9446"
},
{
"name": "CVE-2018-9454",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9454"
},
{
"name": "CVE-2018-5903",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5903"
},
{
"name": "CVE-2018-9437",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9437"
},
{
"name": "CVE-2017-18296",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18296"
},
{
"name": "CVE-2018-1068",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1068"
},
{
"name": "CVE-2017-9711",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9711"
},
{
"name": "CVE-2018-9427",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9427"
},
{
"name": "CVE-2018-9444",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9444"
},
{
"name": "CVE-2017-13322",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13322"
},
{
"name": "CVE-2017-18293",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18293"
},
{
"name": "CVE-2018-11305",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11305"
},
{
"name": "CVE-2018-9461",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9461"
},
{
"name": "CVE-2018-9439",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9439"
},
{
"name": "CVE-2018-5908",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5908"
},
{
"name": "CVE-2018-5904",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5904"
},
{
"name": "CVE-2018-9463",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9463"
},
{
"name": "CVE-2017-8261",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8261"
},
{
"name": "CVE-2017-18304",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18304"
},
{
"name": "CVE-2018-9464",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9464"
},
{
"name": "CVE-2018-9436",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9436"
},
{
"name": "CVE-2018-9457",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9457"
},
{
"name": "CVE-2018-3587",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3587"
},
{
"name": "CVE-2018-9445",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9445"
},
{
"name": "CVE-2017-13242",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13242"
},
{
"name": "CVE-2018-9451",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9451"
},
{
"name": "CVE-2018-9453",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9453"
},
{
"name": "CVE-2018-9458",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9458"
},
{
"name": "CVE-2018-9449",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9449"
},
{
"name": "CVE-2018-9447",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9447"
},
{
"name": "CVE-2018-5905",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5905"
},
{
"name": "CVE-2017-18295",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18295"
},
{
"name": "CVE-2017-18283",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18283"
},
{
"name": "CVE-2017-18281",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18281"
},
{
"name": "CVE-2018-9450",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9450"
},
{
"name": "CVE-2017-18249",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18249"
},
{
"name": "CVE-2017-18309",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18309"
},
{
"name": "CVE-2017-18303",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18303"
},
{
"name": "CVE-2018-9459",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9459"
},
{
"name": "CVE-2018-11263",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11263"
},
{
"name": "CVE-2018-9448",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9448"
},
{
"name": "CVE-2018-9438",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9438"
},
{
"name": "CVE-2018-9465",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9465"
},
{
"name": "CVE-2017-18299",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18299"
},
{
"name": "CVE-2018-11258",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11258"
},
{
"name": "CVE-2017-18307",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18307"
},
{
"name": "CVE-2018-9455",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9455"
},
{
"name": "CVE-2017-18301",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18301"
},
{
"name": "CVE-2017-18306",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18306"
},
{
"name": "CVE-2018-9435",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9435"
},
{
"name": "CVE-2017-18297",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18297"
},
{
"name": "CVE-2017-18294",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18294"
},
{
"name": "CVE-2017-18280",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18280"
},
{
"name": "CVE-2017-13295",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13295"
},
{
"name": "CVE-2017-18300",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18300"
},
{
"name": "CVE-2017-18298",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18298"
},
{
"name": "CVE-2017-15817",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15817"
},
{
"name": "CVE-2017-18308",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18308"
},
{
"name": "CVE-2017-18310",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18310"
},
{
"name": "CVE-2017-18282",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18282"
},
{
"name": "CVE-2017-1000100",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000100"
},
{
"name": "CVE-2017-18302",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18302"
},
{
"name": "CVE-2018-9462",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9462"
},
{
"name": "CVE-2018-11260",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11260"
},
{
"name": "CVE-2017-18305",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18305"
},
{
"name": "CVE-2018-9441",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9441"
},
{
"name": "CVE-2018-5383",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5383"
},
{
"name": "CVE-2018-5909",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5909"
},
{
"name": "CVE-2018-5910",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5910"
},
{
"name": "CVE-2017-13077",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13077"
}
],
"links": [],
"reference": "CERTFR-2018-AVI-372",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2018-08-07T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Google Android.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un\nprobl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une ex\u00e9cution de code\narbitraire \u00e0 distance et un d\u00e9ni de service \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Google Android",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Pixel/Nexus du 06 ao\u00fbt 2018",
"url": "https://source.android.com/security/bulletin/pixel/2018-08-01"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Android du 06 ao\u00fbt 2018",
"url": "https://source.android.com/security/bulletin/2018-08-01"
}
]
}
BDU:2018-00107
Vulnerability from fstec - Published: 11.07.2017
VLAI Severity ?
Title
Уязвимость функции sendto программного средства для взаимодействия с серверами curl, позволяющая нарушителю вызвать отказ в обслуживании или осуществить перенаправление трафика
Description
Уязвимость функции sendto программного средства для взаимодействия с серверами curl связана с чтением за границами буфера при использовании протокола TFTP. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, вызвать отказ в обслуживании или осуществить перенаправление трафика с помощью специально сформированного URL-адреса
Severity ?
Vendor
ООО «РусБИТех-Астра», Daniel Stenberg
Software Name
Astra Linux Special Edition (запись в едином реестре российских программ №369), cURL
Software Version
1.5 «Смоленск» (Astra Linux Special Edition), от 7.15.0 до 7.54.1 включительно (cURL)
Possible Mitigations
Для curl использование рекомендаций:
https://curl.haxx.se/docs/adv_20170809B.html
Для Astra Linux:
обновление программного обеспечения до 7.26.0-1+wheezy22 или более поздней версии
Reference
http://www.debian.org/security/2017/dsa-3992
http://www.securityfocus.com/bid/100286
http://www.securitytracker.com/id/1039118
https://curl.haxx.se/docs/adv_20170809B.html
https://security.gentoo.org/glsa/201709-14
https://support.apple.com/HT208221
CWE
CWE-125
{
"CVSS 2.0": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"CVSS 3.0": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb, Daniel Stenberg",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "1.5 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb (Astra Linux Special Edition), \u043e\u0442 7.15.0 \u0434\u043e 7.54.1 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (cURL)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0414\u043b\u044f curl \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439: \nhttps://curl.haxx.se/docs/adv_20170809B.html \n\n\u0414\u043b\u044f Astra Linux:\n\u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0434\u043e 7.26.0-1+wheezy22 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "11.07.2017",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "23.03.2021",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "24.01.2018",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2018-00107",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2017-1000100",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Astra Linux Special Edition (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), cURL",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.5 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369)",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 sendto \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430 \u0434\u043b\u044f \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0441 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u043c\u0438 curl, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 \u0438\u043b\u0438 \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0438\u0442\u044c \u043f\u0435\u0440\u0435\u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0442\u0440\u0430\u0444\u0438\u043a\u0430",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0427\u0442\u0435\u043d\u0438\u0435 \u0437\u0430 \u0433\u0440\u0430\u043d\u0438\u0446\u0430\u043c\u0438 \u0431\u0443\u0444\u0435\u0440\u0430 (CWE-125)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 sendto \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430 \u0434\u043b\u044f \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0441 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u043c\u0438 curl \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0447\u0442\u0435\u043d\u0438\u0435\u043c \u0437\u0430 \u0433\u0440\u0430\u043d\u0438\u0446\u0430\u043c\u0438 \u0431\u0443\u0444\u0435\u0440\u0430 \u043f\u0440\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0438 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430 TFTP. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e, \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 \u0438\u043b\u0438 \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0438\u0442\u044c \u043f\u0435\u0440\u0435\u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0442\u0440\u0430\u0444\u0438\u043a\u0430 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e URL-\u0430\u0434\u0440\u0435\u0441\u0430",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": "-",
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "http://www.debian.org/security/2017/dsa-3992\nhttp://www.securityfocus.com/bid/100286\nhttp://www.securitytracker.com/id/1039118\nhttps://curl.haxx.se/docs/adv_20170809B.html\nhttps://security.gentoo.org/glsa/201709-14\nhttps://support.apple.com/HT208221",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-125",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 4,3)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 6,5)"
}
cleanstart-2026-ay18527
Vulnerability from cleanstart
Published
2026-04-01 09:55
Modified
2026-03-16 17:21
Summary
Security fixes for CVE-2014-0138, CVE-2014-0139, CVE-2016-5419, CVE-2016-5420, CVE-2016-5421, CVE-2016-7141, CVE-2016-7167, CVE-2016-8615, CVE-2016-8616, CVE-2016-8617, CVE-2016-8618, CVE-2016-8619, CVE-2016-8620, CVE-2016-8621, CVE-2016-8622, CVE-2016-8623, CVE-2016-8624, CVE-2016-8625, CVE-2016-9594, CVE-2017-1000099, CVE-2017-1000100, CVE-2017-1000101, CVE-2017-1000257, CVE-2017-2629, CVE-2017-7407, CVE-2017-7468, CVE-2017-8816, CVE-2017-8817, CVE-2017-8818, CVE-2018-0500, CVE-2018-1000120, CVE-2018-1000121, CVE-2018-1000122, CVE-2018-1000300, CVE-2018-1000301, CVE-2018-14618, CVE-2018-16839, CVE-2018-16840, CVE-2018-16842, CVE-2018-16890, CVE-2019-3822, CVE-2019-3823, CVE-2019-5435, CVE-2019-5436, CVE-2019-5481, CVE-2019-5482, CVE-2020-8169, CVE-2020-8177, CVE-2020-8231, CVE-2020-8284, CVE-2020-8285, CVE-2020-8286, CVE-2021-22876, CVE-2021-22890, CVE-2021-22897, CVE-2021-22898, CVE-2021-22901, CVE-2021-22922, CVE-2021-22923, CVE-2021-22924, CVE-2021-22925, CVE-2021-22945, CVE-2021-22946, CVE-2021-22947, CVE-2022-22576, CVE-2022-27774, CVE-2022-27775, CVE-2022-27776, CVE-2022-27778, CVE-2022-27779, CVE-2022-27780, CVE-2022-27781, CVE-2022-27782, CVE-2022-30115, CVE-2022-32205, CVE-2022-32206, CVE-2022-32207, CVE-2022-32208, CVE-2022-32221, CVE-2022-35252, CVE-2022-35260, CVE-2022-42915, CVE-2022-42916, CVE-2022-43551, CVE-2022-43552, CVE-2023-23914, CVE-2023-23915, CVE-2023-23916, CVE-2023-27533, CVE-2023-27534, CVE-2023-27535, CVE-2023-27536, CVE-2023-27537, CVE-2023-27538, CVE-2023-28319, CVE-2023-28320, CVE-2023-28321, CVE-2023-28322, CVE-2023-38039, CVE-2023-38545, CVE-2023-38546, CVE-2023-46218, CVE-2023-46219, CVE-2024-0853, CVE-2024-11053, CVE-2024-2004, CVE-2024-2379, CVE-2024-2398, CVE-2024-2466, CVE-2024-6197, CVE-2024-6874, CVE-2024-7264, CVE-2024-8096, CVE-2024-9681, CVE-2025-0167, CVE-2025-0665, CVE-2025-0725, CVE-2025-10148, CVE-2025-4947, CVE-2025-5025, CVE-2025-5399, CVE-2025-9086, CVE-2026-24515, CVE-2026-25210 applied in versions: 0, 7.36.0-r0, 7.50.1-r0, 7.50.2-r0, 7.50.3-r0, 7.51.0-r0, 7.52.1-r0, 7.53.0-r0, 7.53.1-r2, 7.54.0-r0, 7.55.0-r0, 7.56.1-r0, 7.57.0-r0, 7.59.0-r0, 7.60.0-r0, 7.61.0-r0, 7.61.1-r0, 7.62.0-r0, 7.64.0-r0, 7.65.0-r0, 7.66.0-r0, 7.71.0-r0, 7.72.0-r0, 7.74.0-r0, 7.76.0-r0, 7.77.0-r0, 7.78.0-r0, 7.79.0-r0, 7.83.0-r0, 7.83.1-r0, 7.84.0-r0, 7.85.0-r0, 7.86.0-r0, 7.87.0-r0, 7.88.0-r0, 8.0.0-r0, 8.1.0-r0, 8.10.0-r0, 8.11.0-r0, 8.11.1-r0, 8.12.0-r0, 8.14.0-r0, 8.14.1-r0, 8.15.0-r0, 8.17.0-r0, 8.3.0-r0, 8.4.0-r0, 8.5.0-r0, 8.6.0-r0, 8.7.1-r0, 8.9.0-r0, 8.9.1-r0
Details
Multiple security vulnerabilities affect the curl package. These issues are resolved in later releases. See references for individual vulnerability details.
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "curl"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8.9.1-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the curl package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-AY18527",
"modified": "2026-03-16T17:21:19Z",
"published": "2026-04-01T09:55:26.067667Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-AY18527.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2014-0138"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2014-0139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-5419"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-5420"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-5421"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-7141"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-7167"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8615"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8616"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8617"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8618"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8619"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8620"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8621"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8622"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8623"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8624"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8625"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-9594"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-1000099"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-1000100"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-1000101"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-1000257"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-2629"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-7407"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-7468"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-8816"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-8817"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-8818"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-0500"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-1000120"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-1000121"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-1000122"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-1000300"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-1000301"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-14618"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-16839"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-16840"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-16842"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-16890"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-3822"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-3823"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-5435"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-5436"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-5481"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-5482"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-8169"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-8177"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-8231"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-8284"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-8285"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-8286"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22876"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22890"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22897"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22898"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22901"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22922"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22923"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22924"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22925"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22945"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22946"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22947"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-22576"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-27774"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-27775"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-27776"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-27778"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-27779"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-27780"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-27781"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-27782"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-30115"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-32205"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-32206"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-32207"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-32208"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-32221"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-35252"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-35260"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-42915"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-42916"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-43551"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-43552"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-23914"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-23915"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-23916"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-27533"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-27534"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-27535"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-27536"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-27537"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-27538"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-28319"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-28320"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-28321"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-28322"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-38039"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-38545"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-38546"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-46218"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-46219"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-0853"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-11053"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-2004"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-2379"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-2398"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-2466"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-6197"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-6874"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-7264"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-8096"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-9681"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-0167"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-0665"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-0725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-10148"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-4947"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-5025"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-5399"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-9086"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-24515"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25210"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0138"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0139"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5419"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5420"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5421"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-7141"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-7167"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8615"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8616"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8617"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8618"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8619"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8620"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8621"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8622"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8623"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8624"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8625"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9594"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000099"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000100"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000101"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000257"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-2629"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7407"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7468"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-8816"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-8817"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-8818"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0500"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000120"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000121"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000122"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000300"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000301"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14618"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-16839"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-16840"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-16842"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-16890"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3822"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3823"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5435"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5436"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5481"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5482"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8169"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8177"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8231"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8284"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8285"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8286"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22876"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22890"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22897"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22898"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22901"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22922"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22923"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22924"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22925"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22945"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22946"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22947"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22576"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27774"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27775"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27776"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27778"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27779"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27780"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27781"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27782"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30115"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32205"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32206"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32207"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32208"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32221"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-35252"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-35260"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42915"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42916"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43551"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43552"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23914"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23915"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23916"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27533"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27534"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27535"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27536"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27537"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27538"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28319"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28320"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28321"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28322"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38039"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38545"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38546"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-46218"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-46219"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-0853"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-11053"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2004"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2379"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2398"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2466"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6197"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6874"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8096"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-9681"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-0167"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-0665"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-0725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-10148"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4947"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5025"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5399"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9086"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24515"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25210"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2014-0138, CVE-2014-0139, CVE-2016-5419, CVE-2016-5420, CVE-2016-5421, CVE-2016-7141, CVE-2016-7167, CVE-2016-8615, CVE-2016-8616, CVE-2016-8617, CVE-2016-8618, CVE-2016-8619, CVE-2016-8620, CVE-2016-8621, CVE-2016-8622, CVE-2016-8623, CVE-2016-8624, CVE-2016-8625, CVE-2016-9594, CVE-2017-1000099, CVE-2017-1000100, CVE-2017-1000101, CVE-2017-1000257, CVE-2017-2629, CVE-2017-7407, CVE-2017-7468, CVE-2017-8816, CVE-2017-8817, CVE-2017-8818, CVE-2018-0500, CVE-2018-1000120, CVE-2018-1000121, CVE-2018-1000122, CVE-2018-1000300, CVE-2018-1000301, CVE-2018-14618, CVE-2018-16839, CVE-2018-16840, CVE-2018-16842, CVE-2018-16890, CVE-2019-3822, CVE-2019-3823, CVE-2019-5435, CVE-2019-5436, CVE-2019-5481, CVE-2019-5482, CVE-2020-8169, CVE-2020-8177, CVE-2020-8231, CVE-2020-8284, CVE-2020-8285, CVE-2020-8286, CVE-2021-22876, CVE-2021-22890, CVE-2021-22897, CVE-2021-22898, CVE-2021-22901, CVE-2021-22922, CVE-2021-22923, CVE-2021-22924, CVE-2021-22925, CVE-2021-22945, CVE-2021-22946, CVE-2021-22947, CVE-2022-22576, CVE-2022-27774, CVE-2022-27775, CVE-2022-27776, CVE-2022-27778, CVE-2022-27779, CVE-2022-27780, CVE-2022-27781, CVE-2022-27782, CVE-2022-30115, CVE-2022-32205, CVE-2022-32206, CVE-2022-32207, CVE-2022-32208, CVE-2022-32221, CVE-2022-35252, CVE-2022-35260, CVE-2022-42915, CVE-2022-42916, CVE-2022-43551, CVE-2022-43552, CVE-2023-23914, CVE-2023-23915, CVE-2023-23916, CVE-2023-27533, CVE-2023-27534, CVE-2023-27535, CVE-2023-27536, CVE-2023-27537, CVE-2023-27538, CVE-2023-28319, CVE-2023-28320, CVE-2023-28321, CVE-2023-28322, CVE-2023-38039, CVE-2023-38545, CVE-2023-38546, CVE-2023-46218, CVE-2023-46219, CVE-2024-0853, CVE-2024-11053, CVE-2024-2004, CVE-2024-2379, CVE-2024-2398, CVE-2024-2466, CVE-2024-6197, CVE-2024-6874, CVE-2024-7264, CVE-2024-8096, CVE-2024-9681, CVE-2025-0167, CVE-2025-0665, CVE-2025-0725, CVE-2025-10148, CVE-2025-4947, CVE-2025-5025, CVE-2025-5399, CVE-2025-9086, CVE-2026-24515, CVE-2026-25210 applied in versions: 0, 7.36.0-r0, 7.50.1-r0, 7.50.2-r0, 7.50.3-r0, 7.51.0-r0, 7.52.1-r0, 7.53.0-r0, 7.53.1-r2, 7.54.0-r0, 7.55.0-r0, 7.56.1-r0, 7.57.0-r0, 7.59.0-r0, 7.60.0-r0, 7.61.0-r0, 7.61.1-r0, 7.62.0-r0, 7.64.0-r0, 7.65.0-r0, 7.66.0-r0, 7.71.0-r0, 7.72.0-r0, 7.74.0-r0, 7.76.0-r0, 7.77.0-r0, 7.78.0-r0, 7.79.0-r0, 7.83.0-r0, 7.83.1-r0, 7.84.0-r0, 7.85.0-r0, 7.86.0-r0, 7.87.0-r0, 7.88.0-r0, 8.0.0-r0, 8.1.0-r0, 8.10.0-r0, 8.11.0-r0, 8.11.1-r0, 8.12.0-r0, 8.14.0-r0, 8.14.1-r0, 8.15.0-r0, 8.17.0-r0, 8.3.0-r0, 8.4.0-r0, 8.5.0-r0, 8.6.0-r0, 8.7.1-r0, 8.9.0-r0, 8.9.1-r0",
"upstream": [
"CVE-2014-0138",
"CVE-2014-0139",
"CVE-2016-5419",
"CVE-2016-5420",
"CVE-2016-5421",
"CVE-2016-7141",
"CVE-2016-7167",
"CVE-2016-8615",
"CVE-2016-8616",
"CVE-2016-8617",
"CVE-2016-8618",
"CVE-2016-8619",
"CVE-2016-8620",
"CVE-2016-8621",
"CVE-2016-8622",
"CVE-2016-8623",
"CVE-2016-8624",
"CVE-2016-8625",
"CVE-2016-9594",
"CVE-2017-1000099",
"CVE-2017-1000100",
"CVE-2017-1000101",
"CVE-2017-1000257",
"CVE-2017-2629",
"CVE-2017-7407",
"CVE-2017-7468",
"CVE-2017-8816",
"CVE-2017-8817",
"CVE-2017-8818",
"CVE-2018-0500",
"CVE-2018-1000120",
"CVE-2018-1000121",
"CVE-2018-1000122",
"CVE-2018-1000300",
"CVE-2018-1000301",
"CVE-2018-14618",
"CVE-2018-16839",
"CVE-2018-16840",
"CVE-2018-16842",
"CVE-2018-16890",
"CVE-2019-3822",
"CVE-2019-3823",
"CVE-2019-5435",
"CVE-2019-5436",
"CVE-2019-5481",
"CVE-2019-5482",
"CVE-2020-8169",
"CVE-2020-8177",
"CVE-2020-8231",
"CVE-2020-8284",
"CVE-2020-8285",
"CVE-2020-8286",
"CVE-2021-22876",
"CVE-2021-22890",
"CVE-2021-22897",
"CVE-2021-22898",
"CVE-2021-22901",
"CVE-2021-22922",
"CVE-2021-22923",
"CVE-2021-22924",
"CVE-2021-22925",
"CVE-2021-22945",
"CVE-2021-22946",
"CVE-2021-22947",
"CVE-2022-22576",
"CVE-2022-27774",
"CVE-2022-27775",
"CVE-2022-27776",
"CVE-2022-27778",
"CVE-2022-27779",
"CVE-2022-27780",
"CVE-2022-27781",
"CVE-2022-27782",
"CVE-2022-30115",
"CVE-2022-32205",
"CVE-2022-32206",
"CVE-2022-32207",
"CVE-2022-32208",
"CVE-2022-32221",
"CVE-2022-35252",
"CVE-2022-35260",
"CVE-2022-42915",
"CVE-2022-42916",
"CVE-2022-43551",
"CVE-2022-43552",
"CVE-2023-23914",
"CVE-2023-23915",
"CVE-2023-23916",
"CVE-2023-27533",
"CVE-2023-27534",
"CVE-2023-27535",
"CVE-2023-27536",
"CVE-2023-27537",
"CVE-2023-27538",
"CVE-2023-28319",
"CVE-2023-28320",
"CVE-2023-28321",
"CVE-2023-28322",
"CVE-2023-38039",
"CVE-2023-38545",
"CVE-2023-38546",
"CVE-2023-46218",
"CVE-2023-46219",
"CVE-2024-0853",
"CVE-2024-11053",
"CVE-2024-2004",
"CVE-2024-2379",
"CVE-2024-2398",
"CVE-2024-2466",
"CVE-2024-6197",
"CVE-2024-6874",
"CVE-2024-7264",
"CVE-2024-8096",
"CVE-2024-9681",
"CVE-2025-0167",
"CVE-2025-0665",
"CVE-2025-0725",
"CVE-2025-10148",
"CVE-2025-4947",
"CVE-2025-5025",
"CVE-2025-5399",
"CVE-2025-9086",
"CVE-2026-24515",
"CVE-2026-25210"
]
}
cleanstart-2026-bw46578
Vulnerability from cleanstart
Published
2026-04-01 09:55
Modified
2026-03-16 17:22
Summary
Security fixes for CVE-2014-0138, CVE-2014-0139, CVE-2016-5419, CVE-2016-5420, CVE-2016-5421, CVE-2016-7141, CVE-2016-7167, CVE-2016-8615, CVE-2016-8616, CVE-2016-8617, CVE-2016-8618, CVE-2016-8619, CVE-2016-8620, CVE-2016-8621, CVE-2016-8622, CVE-2016-8623, CVE-2016-8624, CVE-2016-8625, CVE-2016-9594, CVE-2017-1000099, CVE-2017-1000100, CVE-2017-1000101, CVE-2017-1000257, CVE-2017-2629, CVE-2017-7407, CVE-2017-7468, CVE-2017-8816, CVE-2017-8817, CVE-2017-8818, CVE-2018-0500, CVE-2018-1000120, CVE-2018-1000121, CVE-2018-1000122, CVE-2018-1000300, CVE-2018-1000301, CVE-2018-14618, CVE-2018-16839, CVE-2018-16840, CVE-2018-16842, CVE-2018-16890, CVE-2019-3822, CVE-2019-3823, CVE-2019-5435, CVE-2019-5436, CVE-2019-5481, CVE-2019-5482, CVE-2020-8169, CVE-2020-8177, CVE-2020-8231, CVE-2020-8284, CVE-2020-8285, CVE-2020-8286, CVE-2021-22876, CVE-2021-22890, CVE-2021-22897, CVE-2021-22898, CVE-2021-22901, CVE-2021-22922, CVE-2021-22923, CVE-2021-22924, CVE-2021-22925, CVE-2021-22945, CVE-2021-22946, CVE-2021-22947, CVE-2022-22576, CVE-2022-27774, CVE-2022-27775, CVE-2022-27776, CVE-2022-27778, CVE-2022-27779, CVE-2022-27780, CVE-2022-27781, CVE-2022-27782, CVE-2022-30115, CVE-2022-32205, CVE-2022-32206, CVE-2022-32207, CVE-2022-32208, CVE-2022-32221, CVE-2022-35252, CVE-2022-35260, CVE-2022-42915, CVE-2022-42916, CVE-2022-43551, CVE-2022-43552, CVE-2023-23914, CVE-2023-23915, CVE-2023-23916, CVE-2023-27533, CVE-2023-27534, CVE-2023-27535, CVE-2023-27536, CVE-2023-27537, CVE-2023-27538, CVE-2023-28319, CVE-2023-28320, CVE-2023-28321, CVE-2023-28322, CVE-2023-38039, CVE-2023-38545, CVE-2023-38546, CVE-2023-46218, CVE-2023-46219, CVE-2024-0853, CVE-2024-11053, CVE-2024-2004, CVE-2024-2379, CVE-2024-2398, CVE-2024-2466, CVE-2024-6197, CVE-2024-6874, CVE-2024-7264, CVE-2024-8096, CVE-2024-9681, CVE-2025-0167, CVE-2025-0665, CVE-2025-0725, CVE-2025-10148, CVE-2025-4947, CVE-2025-5025, CVE-2025-5399, CVE-2025-9086, CVE-2026-24515, CVE-2026-25210 applied in versions: 0, 7.36.0-r0, 7.50.1-r0, 7.50.2-r0, 7.50.3-r0, 7.51.0-r0, 7.52.1-r0, 7.53.0-r0, 7.53.1-r2, 7.54.0-r0, 7.55.0-r0, 7.56.1-r0, 7.57.0-r0, 7.59.0-r0, 7.60.0-r0, 7.61.0-r0, 7.61.1-r0, 7.62.0-r0, 7.64.0-r0, 7.65.0-r0, 7.66.0-r0, 7.71.0-r0, 7.72.0-r0, 7.74.0-r0, 7.76.0-r0, 7.77.0-r0, 7.78.0-r0, 7.79.0-r0, 7.83.0-r0, 7.83.1-r0, 7.84.0-r0, 7.85.0-r0, 7.86.0-r0, 7.87.0-r0, 7.88.0-r0, 8.0.0-r0, 8.1.0-r0, 8.10.0-r0, 8.11.0-r0, 8.11.1-r0, 8.12.0-r0, 8.14.0-r0, 8.14.1-r0, 8.15.0-r0, 8.16.0-r0, 8.3.0-r0, 8.4.0-r0, 8.5.0-r0, 8.6.0-r0, 8.7.1-r0, 8.9.0-r0, 8.9.1-r0
Details
Multiple security vulnerabilities affect the curl package. These issues are resolved in later releases. See references for individual vulnerability details.
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "curl"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8.9.1-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the curl package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-BW46578",
"modified": "2026-03-16T17:22:25Z",
"published": "2026-04-01T09:55:26.061155Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-BW46578.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2014-0138"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2014-0139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-5419"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-5420"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-5421"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-7141"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-7167"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8615"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8616"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8617"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8618"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8619"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8620"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8621"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8622"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8623"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8624"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8625"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-9594"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-1000099"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-1000100"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-1000101"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-1000257"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-2629"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-7407"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-7468"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-8816"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-8817"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-8818"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-0500"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-1000120"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-1000121"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-1000122"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-1000300"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-1000301"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-14618"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-16839"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-16840"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-16842"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-16890"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-3822"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-3823"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-5435"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-5436"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-5481"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-5482"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-8169"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-8177"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-8231"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-8284"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-8285"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-8286"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22876"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22890"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22897"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22898"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22901"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22922"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22923"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22924"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22925"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22945"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22946"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22947"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-22576"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-27774"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-27775"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-27776"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-27778"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-27779"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-27780"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-27781"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-27782"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-30115"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-32205"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-32206"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-32207"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-32208"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-32221"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-35252"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-35260"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-42915"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-42916"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-43551"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-43552"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-23914"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-23915"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-23916"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-27533"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-27534"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-27535"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-27536"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-27537"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-27538"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-28319"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-28320"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-28321"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-28322"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-38039"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-38545"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-38546"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-46218"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-46219"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-0853"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-11053"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-2004"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-2379"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-2398"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-2466"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-6197"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-6874"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-7264"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-8096"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-9681"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-0167"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-0665"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-0725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-10148"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-4947"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-5025"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-5399"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-9086"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-24515"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25210"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0138"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0139"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5419"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5420"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5421"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-7141"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-7167"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8615"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8616"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8617"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8618"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8619"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8620"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8621"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8622"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8623"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8624"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8625"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9594"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000099"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000100"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000101"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000257"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-2629"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7407"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7468"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-8816"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-8817"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-8818"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0500"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000120"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000121"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000122"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000300"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000301"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14618"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-16839"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-16840"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-16842"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-16890"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3822"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3823"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5435"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5436"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5481"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5482"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8169"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8177"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8231"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8284"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8285"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8286"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22876"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22890"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22897"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22898"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22901"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22922"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22923"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22924"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22925"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22945"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22946"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22947"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22576"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27774"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27775"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27776"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27778"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27779"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27780"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27781"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27782"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30115"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32205"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32206"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32207"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32208"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32221"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-35252"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-35260"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42915"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42916"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43551"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43552"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23914"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23915"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23916"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27533"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27534"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27535"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27536"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27537"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27538"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28319"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28320"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28321"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28322"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38039"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38545"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38546"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-46218"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-46219"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-0853"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-11053"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2004"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2379"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2398"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2466"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6197"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6874"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8096"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-9681"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-0167"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-0665"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-0725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-10148"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4947"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5025"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5399"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9086"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24515"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25210"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2014-0138, CVE-2014-0139, CVE-2016-5419, CVE-2016-5420, CVE-2016-5421, CVE-2016-7141, CVE-2016-7167, CVE-2016-8615, CVE-2016-8616, CVE-2016-8617, CVE-2016-8618, CVE-2016-8619, CVE-2016-8620, CVE-2016-8621, CVE-2016-8622, CVE-2016-8623, CVE-2016-8624, CVE-2016-8625, CVE-2016-9594, CVE-2017-1000099, CVE-2017-1000100, CVE-2017-1000101, CVE-2017-1000257, CVE-2017-2629, CVE-2017-7407, CVE-2017-7468, CVE-2017-8816, CVE-2017-8817, CVE-2017-8818, CVE-2018-0500, CVE-2018-1000120, CVE-2018-1000121, CVE-2018-1000122, CVE-2018-1000300, CVE-2018-1000301, CVE-2018-14618, CVE-2018-16839, CVE-2018-16840, CVE-2018-16842, CVE-2018-16890, CVE-2019-3822, CVE-2019-3823, CVE-2019-5435, CVE-2019-5436, CVE-2019-5481, CVE-2019-5482, CVE-2020-8169, CVE-2020-8177, CVE-2020-8231, CVE-2020-8284, CVE-2020-8285, CVE-2020-8286, CVE-2021-22876, CVE-2021-22890, CVE-2021-22897, CVE-2021-22898, CVE-2021-22901, CVE-2021-22922, CVE-2021-22923, CVE-2021-22924, CVE-2021-22925, CVE-2021-22945, CVE-2021-22946, CVE-2021-22947, CVE-2022-22576, CVE-2022-27774, CVE-2022-27775, CVE-2022-27776, CVE-2022-27778, CVE-2022-27779, CVE-2022-27780, CVE-2022-27781, CVE-2022-27782, CVE-2022-30115, CVE-2022-32205, CVE-2022-32206, CVE-2022-32207, CVE-2022-32208, CVE-2022-32221, CVE-2022-35252, CVE-2022-35260, CVE-2022-42915, CVE-2022-42916, CVE-2022-43551, CVE-2022-43552, CVE-2023-23914, CVE-2023-23915, CVE-2023-23916, CVE-2023-27533, CVE-2023-27534, CVE-2023-27535, CVE-2023-27536, CVE-2023-27537, CVE-2023-27538, CVE-2023-28319, CVE-2023-28320, CVE-2023-28321, CVE-2023-28322, CVE-2023-38039, CVE-2023-38545, CVE-2023-38546, CVE-2023-46218, CVE-2023-46219, CVE-2024-0853, CVE-2024-11053, CVE-2024-2004, CVE-2024-2379, CVE-2024-2398, CVE-2024-2466, CVE-2024-6197, CVE-2024-6874, CVE-2024-7264, CVE-2024-8096, CVE-2024-9681, CVE-2025-0167, CVE-2025-0665, CVE-2025-0725, CVE-2025-10148, CVE-2025-4947, CVE-2025-5025, CVE-2025-5399, CVE-2025-9086, CVE-2026-24515, CVE-2026-25210 applied in versions: 0, 7.36.0-r0, 7.50.1-r0, 7.50.2-r0, 7.50.3-r0, 7.51.0-r0, 7.52.1-r0, 7.53.0-r0, 7.53.1-r2, 7.54.0-r0, 7.55.0-r0, 7.56.1-r0, 7.57.0-r0, 7.59.0-r0, 7.60.0-r0, 7.61.0-r0, 7.61.1-r0, 7.62.0-r0, 7.64.0-r0, 7.65.0-r0, 7.66.0-r0, 7.71.0-r0, 7.72.0-r0, 7.74.0-r0, 7.76.0-r0, 7.77.0-r0, 7.78.0-r0, 7.79.0-r0, 7.83.0-r0, 7.83.1-r0, 7.84.0-r0, 7.85.0-r0, 7.86.0-r0, 7.87.0-r0, 7.88.0-r0, 8.0.0-r0, 8.1.0-r0, 8.10.0-r0, 8.11.0-r0, 8.11.1-r0, 8.12.0-r0, 8.14.0-r0, 8.14.1-r0, 8.15.0-r0, 8.16.0-r0, 8.3.0-r0, 8.4.0-r0, 8.5.0-r0, 8.6.0-r0, 8.7.1-r0, 8.9.0-r0, 8.9.1-r0",
"upstream": [
"CVE-2014-0138",
"CVE-2014-0139",
"CVE-2016-5419",
"CVE-2016-5420",
"CVE-2016-5421",
"CVE-2016-7141",
"CVE-2016-7167",
"CVE-2016-8615",
"CVE-2016-8616",
"CVE-2016-8617",
"CVE-2016-8618",
"CVE-2016-8619",
"CVE-2016-8620",
"CVE-2016-8621",
"CVE-2016-8622",
"CVE-2016-8623",
"CVE-2016-8624",
"CVE-2016-8625",
"CVE-2016-9594",
"CVE-2017-1000099",
"CVE-2017-1000100",
"CVE-2017-1000101",
"CVE-2017-1000257",
"CVE-2017-2629",
"CVE-2017-7407",
"CVE-2017-7468",
"CVE-2017-8816",
"CVE-2017-8817",
"CVE-2017-8818",
"CVE-2018-0500",
"CVE-2018-1000120",
"CVE-2018-1000121",
"CVE-2018-1000122",
"CVE-2018-1000300",
"CVE-2018-1000301",
"CVE-2018-14618",
"CVE-2018-16839",
"CVE-2018-16840",
"CVE-2018-16842",
"CVE-2018-16890",
"CVE-2019-3822",
"CVE-2019-3823",
"CVE-2019-5435",
"CVE-2019-5436",
"CVE-2019-5481",
"CVE-2019-5482",
"CVE-2020-8169",
"CVE-2020-8177",
"CVE-2020-8231",
"CVE-2020-8284",
"CVE-2020-8285",
"CVE-2020-8286",
"CVE-2021-22876",
"CVE-2021-22890",
"CVE-2021-22897",
"CVE-2021-22898",
"CVE-2021-22901",
"CVE-2021-22922",
"CVE-2021-22923",
"CVE-2021-22924",
"CVE-2021-22925",
"CVE-2021-22945",
"CVE-2021-22946",
"CVE-2021-22947",
"CVE-2022-22576",
"CVE-2022-27774",
"CVE-2022-27775",
"CVE-2022-27776",
"CVE-2022-27778",
"CVE-2022-27779",
"CVE-2022-27780",
"CVE-2022-27781",
"CVE-2022-27782",
"CVE-2022-30115",
"CVE-2022-32205",
"CVE-2022-32206",
"CVE-2022-32207",
"CVE-2022-32208",
"CVE-2022-32221",
"CVE-2022-35252",
"CVE-2022-35260",
"CVE-2022-42915",
"CVE-2022-42916",
"CVE-2022-43551",
"CVE-2022-43552",
"CVE-2023-23914",
"CVE-2023-23915",
"CVE-2023-23916",
"CVE-2023-27533",
"CVE-2023-27534",
"CVE-2023-27535",
"CVE-2023-27536",
"CVE-2023-27537",
"CVE-2023-27538",
"CVE-2023-28319",
"CVE-2023-28320",
"CVE-2023-28321",
"CVE-2023-28322",
"CVE-2023-38039",
"CVE-2023-38545",
"CVE-2023-38546",
"CVE-2023-46218",
"CVE-2023-46219",
"CVE-2024-0853",
"CVE-2024-11053",
"CVE-2024-2004",
"CVE-2024-2379",
"CVE-2024-2398",
"CVE-2024-2466",
"CVE-2024-6197",
"CVE-2024-6874",
"CVE-2024-7264",
"CVE-2024-8096",
"CVE-2024-9681",
"CVE-2025-0167",
"CVE-2025-0665",
"CVE-2025-0725",
"CVE-2025-10148",
"CVE-2025-4947",
"CVE-2025-5025",
"CVE-2025-5399",
"CVE-2025-9086",
"CVE-2026-24515",
"CVE-2026-25210"
]
}
cleanstart-2026-lq42192
Vulnerability from cleanstart
Published
2026-04-01 09:55
Modified
2026-03-16 17:19
Summary
Security fixes for CVE-2014-0138, CVE-2014-0139, CVE-2016-5419, CVE-2016-5420, CVE-2016-5421, CVE-2016-7141, CVE-2016-7167, CVE-2016-8615, CVE-2016-8616, CVE-2016-8617, CVE-2016-8618, CVE-2016-8619, CVE-2016-8620, CVE-2016-8621, CVE-2016-8622, CVE-2016-8623, CVE-2016-8624, CVE-2016-8625, CVE-2016-9594, CVE-2017-1000099, CVE-2017-1000100, CVE-2017-1000101, CVE-2017-1000257, CVE-2017-2629, CVE-2017-7407, CVE-2017-7468, CVE-2017-8816, CVE-2017-8817, CVE-2017-8818, CVE-2018-0500, CVE-2018-1000120, CVE-2018-1000121, CVE-2018-1000122, CVE-2018-1000300, CVE-2018-1000301, CVE-2018-14618, CVE-2018-16839, CVE-2018-16840, CVE-2018-16842, CVE-2018-16890, CVE-2019-3822, CVE-2019-3823, CVE-2019-5435, CVE-2019-5436, CVE-2019-5481, CVE-2019-5482, CVE-2020-8169, CVE-2020-8177, CVE-2020-8231, CVE-2020-8284, CVE-2020-8285, CVE-2020-8286, CVE-2021-22876, CVE-2021-22890, CVE-2021-22897, CVE-2021-22898, CVE-2021-22901, CVE-2021-22922, CVE-2021-22923, CVE-2021-22924, CVE-2021-22925, CVE-2021-22945, CVE-2021-22946, CVE-2021-22947, CVE-2022-22576, CVE-2022-27774, CVE-2022-27775, CVE-2022-27776, CVE-2022-27778, CVE-2022-27779, CVE-2022-27780, CVE-2022-27781, CVE-2022-27782, CVE-2022-30115, CVE-2022-32205, CVE-2022-32206, CVE-2022-32207, CVE-2022-32208, CVE-2022-32221, CVE-2022-35252, CVE-2022-35260, CVE-2022-42915, CVE-2022-42916, CVE-2022-43551, CVE-2022-43552, CVE-2023-23914, CVE-2023-23915, CVE-2023-23916, CVE-2023-27533, CVE-2023-27534, CVE-2023-27535, CVE-2023-27536, CVE-2023-27537, CVE-2023-27538, CVE-2023-28319, CVE-2023-28320, CVE-2023-28321, CVE-2023-28322, CVE-2023-38039, CVE-2023-38545, CVE-2023-38546, CVE-2023-46218, CVE-2023-46219, CVE-2024-0853, CVE-2024-11053, CVE-2024-2004, CVE-2024-2379, CVE-2024-2398, CVE-2024-2466, CVE-2024-6197, CVE-2024-6874, CVE-2024-7264, CVE-2024-8096, CVE-2024-9681, CVE-2025-0167, CVE-2025-0665, CVE-2025-0725, CVE-2025-10148, CVE-2025-4947, CVE-2025-5025, CVE-2025-5399, CVE-2025-9086, CVE-2026-24515, CVE-2026-25210 applied in versions: 0, 7.36.0-r0, 7.50.1-r0, 7.50.2-r0, 7.50.3-r0, 7.51.0-r0, 7.52.1-r0, 7.53.0-r0, 7.53.1-r2, 7.54.0-r0, 7.55.0-r0, 7.56.1-r0, 7.57.0-r0, 7.59.0-r0, 7.60.0-r0, 7.61.0-r0, 7.61.1-r0, 7.62.0-r0, 7.64.0-r0, 7.65.0-r0, 7.66.0-r0, 7.71.0-r0, 7.72.0-r0, 7.74.0-r0, 7.76.0-r0, 7.77.0-r0, 7.78.0-r0, 7.79.0-r0, 7.83.0-r0, 7.83.1-r0, 7.84.0-r0, 7.85.0-r0, 7.86.0-r0, 7.87.0-r0, 7.88.0-r0, 8.0.0-r0, 8.1.0-r0, 8.10.0-r0, 8.11.0-r0, 8.11.1-r0, 8.12.0-r0, 8.14.0-r0, 8.14.1-r0, 8.15.0-r0, 8.18.0-r0, 8.3.0-r0, 8.4.0-r0, 8.5.0-r0, 8.6.0-r0, 8.7.1-r0, 8.9.0-r0, 8.9.1-r0
Details
Multiple security vulnerabilities affect the curl package. These issues are resolved in later releases. See references for individual vulnerability details.
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "curl"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8.9.1-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the curl package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-LQ42192",
"modified": "2026-03-16T17:19:31Z",
"published": "2026-04-01T09:55:24.898216Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-LQ42192.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2014-0138"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2014-0139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-5419"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-5420"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-5421"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-7141"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-7167"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8615"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8616"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8617"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8618"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8619"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8620"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8621"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8622"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8623"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8624"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-8625"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2016-9594"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-1000099"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-1000100"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-1000101"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-1000257"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-2629"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-7407"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-7468"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-8816"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-8817"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-8818"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-0500"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-1000120"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-1000121"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-1000122"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-1000300"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-1000301"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-14618"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-16839"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-16840"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-16842"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-16890"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-3822"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-3823"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-5435"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-5436"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-5481"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-5482"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-8169"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-8177"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-8231"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-8284"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-8285"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-8286"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22876"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22890"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22897"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22898"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22901"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22922"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22923"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22924"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22925"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22945"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22946"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22947"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-22576"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-27774"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-27775"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-27776"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-27778"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-27779"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-27780"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-27781"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-27782"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-30115"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-32205"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-32206"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-32207"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-32208"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-32221"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-35252"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-35260"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-42915"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-42916"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-43551"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-43552"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-23914"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-23915"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-23916"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-27533"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-27534"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-27535"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-27536"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-27537"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-27538"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-28319"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-28320"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-28321"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-28322"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-38039"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-38545"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-38546"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-46218"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-46219"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-0853"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-11053"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-2004"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-2379"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-2398"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-2466"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-6197"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-6874"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-7264"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-8096"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-9681"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-0167"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-0665"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-0725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-10148"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-4947"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-5025"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-5399"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-9086"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-24515"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25210"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0138"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0139"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5419"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5420"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5421"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-7141"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-7167"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8615"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8616"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8617"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8618"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8619"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8620"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8621"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8622"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8623"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8624"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8625"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9594"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000099"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000100"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000101"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000257"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-2629"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7407"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7468"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-8816"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-8817"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-8818"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0500"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000120"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000121"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000122"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000300"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000301"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14618"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-16839"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-16840"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-16842"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-16890"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3822"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3823"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5435"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5436"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5481"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5482"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8169"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8177"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8231"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8284"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8285"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8286"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22876"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22890"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22897"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22898"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22901"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22922"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22923"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22924"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22925"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22945"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22946"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22947"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22576"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27774"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27775"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27776"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27778"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27779"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27780"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27781"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27782"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30115"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32205"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32206"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32207"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32208"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32221"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-35252"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-35260"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42915"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42916"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43551"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43552"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23914"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23915"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23916"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27533"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27534"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27535"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27536"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27537"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27538"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28319"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28320"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28321"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28322"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38039"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38545"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38546"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-46218"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-46219"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-0853"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-11053"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2004"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2379"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2398"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2466"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6197"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6874"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8096"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-9681"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-0167"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-0665"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-0725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-10148"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4947"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5025"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5399"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9086"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24515"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25210"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2014-0138, CVE-2014-0139, CVE-2016-5419, CVE-2016-5420, CVE-2016-5421, CVE-2016-7141, CVE-2016-7167, CVE-2016-8615, CVE-2016-8616, CVE-2016-8617, CVE-2016-8618, CVE-2016-8619, CVE-2016-8620, CVE-2016-8621, CVE-2016-8622, CVE-2016-8623, CVE-2016-8624, CVE-2016-8625, CVE-2016-9594, CVE-2017-1000099, CVE-2017-1000100, CVE-2017-1000101, CVE-2017-1000257, CVE-2017-2629, CVE-2017-7407, CVE-2017-7468, CVE-2017-8816, CVE-2017-8817, CVE-2017-8818, CVE-2018-0500, CVE-2018-1000120, CVE-2018-1000121, CVE-2018-1000122, CVE-2018-1000300, CVE-2018-1000301, CVE-2018-14618, CVE-2018-16839, CVE-2018-16840, CVE-2018-16842, CVE-2018-16890, CVE-2019-3822, CVE-2019-3823, CVE-2019-5435, CVE-2019-5436, CVE-2019-5481, CVE-2019-5482, CVE-2020-8169, CVE-2020-8177, CVE-2020-8231, CVE-2020-8284, CVE-2020-8285, CVE-2020-8286, CVE-2021-22876, CVE-2021-22890, CVE-2021-22897, CVE-2021-22898, CVE-2021-22901, CVE-2021-22922, CVE-2021-22923, CVE-2021-22924, CVE-2021-22925, CVE-2021-22945, CVE-2021-22946, CVE-2021-22947, CVE-2022-22576, CVE-2022-27774, CVE-2022-27775, CVE-2022-27776, CVE-2022-27778, CVE-2022-27779, CVE-2022-27780, CVE-2022-27781, CVE-2022-27782, CVE-2022-30115, CVE-2022-32205, CVE-2022-32206, CVE-2022-32207, CVE-2022-32208, CVE-2022-32221, CVE-2022-35252, CVE-2022-35260, CVE-2022-42915, CVE-2022-42916, CVE-2022-43551, CVE-2022-43552, CVE-2023-23914, CVE-2023-23915, CVE-2023-23916, CVE-2023-27533, CVE-2023-27534, CVE-2023-27535, CVE-2023-27536, CVE-2023-27537, CVE-2023-27538, CVE-2023-28319, CVE-2023-28320, CVE-2023-28321, CVE-2023-28322, CVE-2023-38039, CVE-2023-38545, CVE-2023-38546, CVE-2023-46218, CVE-2023-46219, CVE-2024-0853, CVE-2024-11053, CVE-2024-2004, CVE-2024-2379, CVE-2024-2398, CVE-2024-2466, CVE-2024-6197, CVE-2024-6874, CVE-2024-7264, CVE-2024-8096, CVE-2024-9681, CVE-2025-0167, CVE-2025-0665, CVE-2025-0725, CVE-2025-10148, CVE-2025-4947, CVE-2025-5025, CVE-2025-5399, CVE-2025-9086, CVE-2026-24515, CVE-2026-25210 applied in versions: 0, 7.36.0-r0, 7.50.1-r0, 7.50.2-r0, 7.50.3-r0, 7.51.0-r0, 7.52.1-r0, 7.53.0-r0, 7.53.1-r2, 7.54.0-r0, 7.55.0-r0, 7.56.1-r0, 7.57.0-r0, 7.59.0-r0, 7.60.0-r0, 7.61.0-r0, 7.61.1-r0, 7.62.0-r0, 7.64.0-r0, 7.65.0-r0, 7.66.0-r0, 7.71.0-r0, 7.72.0-r0, 7.74.0-r0, 7.76.0-r0, 7.77.0-r0, 7.78.0-r0, 7.79.0-r0, 7.83.0-r0, 7.83.1-r0, 7.84.0-r0, 7.85.0-r0, 7.86.0-r0, 7.87.0-r0, 7.88.0-r0, 8.0.0-r0, 8.1.0-r0, 8.10.0-r0, 8.11.0-r0, 8.11.1-r0, 8.12.0-r0, 8.14.0-r0, 8.14.1-r0, 8.15.0-r0, 8.18.0-r0, 8.3.0-r0, 8.4.0-r0, 8.5.0-r0, 8.6.0-r0, 8.7.1-r0, 8.9.0-r0, 8.9.1-r0",
"upstream": [
"CVE-2014-0138",
"CVE-2014-0139",
"CVE-2016-5419",
"CVE-2016-5420",
"CVE-2016-5421",
"CVE-2016-7141",
"CVE-2016-7167",
"CVE-2016-8615",
"CVE-2016-8616",
"CVE-2016-8617",
"CVE-2016-8618",
"CVE-2016-8619",
"CVE-2016-8620",
"CVE-2016-8621",
"CVE-2016-8622",
"CVE-2016-8623",
"CVE-2016-8624",
"CVE-2016-8625",
"CVE-2016-9594",
"CVE-2017-1000099",
"CVE-2017-1000100",
"CVE-2017-1000101",
"CVE-2017-1000257",
"CVE-2017-2629",
"CVE-2017-7407",
"CVE-2017-7468",
"CVE-2017-8816",
"CVE-2017-8817",
"CVE-2017-8818",
"CVE-2018-0500",
"CVE-2018-1000120",
"CVE-2018-1000121",
"CVE-2018-1000122",
"CVE-2018-1000300",
"CVE-2018-1000301",
"CVE-2018-14618",
"CVE-2018-16839",
"CVE-2018-16840",
"CVE-2018-16842",
"CVE-2018-16890",
"CVE-2019-3822",
"CVE-2019-3823",
"CVE-2019-5435",
"CVE-2019-5436",
"CVE-2019-5481",
"CVE-2019-5482",
"CVE-2020-8169",
"CVE-2020-8177",
"CVE-2020-8231",
"CVE-2020-8284",
"CVE-2020-8285",
"CVE-2020-8286",
"CVE-2021-22876",
"CVE-2021-22890",
"CVE-2021-22897",
"CVE-2021-22898",
"CVE-2021-22901",
"CVE-2021-22922",
"CVE-2021-22923",
"CVE-2021-22924",
"CVE-2021-22925",
"CVE-2021-22945",
"CVE-2021-22946",
"CVE-2021-22947",
"CVE-2022-22576",
"CVE-2022-27774",
"CVE-2022-27775",
"CVE-2022-27776",
"CVE-2022-27778",
"CVE-2022-27779",
"CVE-2022-27780",
"CVE-2022-27781",
"CVE-2022-27782",
"CVE-2022-30115",
"CVE-2022-32205",
"CVE-2022-32206",
"CVE-2022-32207",
"CVE-2022-32208",
"CVE-2022-32221",
"CVE-2022-35252",
"CVE-2022-35260",
"CVE-2022-42915",
"CVE-2022-42916",
"CVE-2022-43551",
"CVE-2022-43552",
"CVE-2023-23914",
"CVE-2023-23915",
"CVE-2023-23916",
"CVE-2023-27533",
"CVE-2023-27534",
"CVE-2023-27535",
"CVE-2023-27536",
"CVE-2023-27537",
"CVE-2023-27538",
"CVE-2023-28319",
"CVE-2023-28320",
"CVE-2023-28321",
"CVE-2023-28322",
"CVE-2023-38039",
"CVE-2023-38545",
"CVE-2023-38546",
"CVE-2023-46218",
"CVE-2023-46219",
"CVE-2024-0853",
"CVE-2024-11053",
"CVE-2024-2004",
"CVE-2024-2379",
"CVE-2024-2398",
"CVE-2024-2466",
"CVE-2024-6197",
"CVE-2024-6874",
"CVE-2024-7264",
"CVE-2024-8096",
"CVE-2024-9681",
"CVE-2025-0167",
"CVE-2025-0665",
"CVE-2025-0725",
"CVE-2025-10148",
"CVE-2025-4947",
"CVE-2025-5025",
"CVE-2025-5399",
"CVE-2025-9086",
"CVE-2026-24515",
"CVE-2026-25210"
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…