Vulnerability-Lookup

CVE-2017-1000101 (GCVE-0-2017-1000101)

Vulnerability from cvelistv5 – Published: 2017-10-04 01:00 – Updated: 2026-04-16 13:45

Summary

curl supports "globbing" of URLs, in which a user can pass a numerical range to have the tool iterate over those numbers to do a sequence of transfers. In the globbing function that parses the numerical range, there was an omission that made curl read a byte beyond the end of the URL if given a carefully crafted, or just wrongly written, URL. The URL is stored in a heap based buffer, so it could then be made to wrongly read something else instead of crashing. An example of a URL that triggers the flaw would be `http://ur%20[0-60000000000000000000`.

Severity

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

CWE

Assigner

mitre

References

7 references

URL	Tags
https://support.apple.com/HT208221	x_refsource_CONFIRM
https://access.redhat.com/errata/RHSA-2018:3558	vendor-advisoryx_refsource_REDHAT
https://security.gentoo.org/glsa/201709-14	vendor-advisoryx_refsource_GENTOO
https://curl.haxx.se/docs/adv_20170809A.html	x_refsource_CONFIRM
http://www.securitytracker.com/id/1039117	vdb-entryx_refsource_SECTRACK
http://www.securityfocus.com/bid/100249	vdb-entryx_refsource_BID
http://www.debian.org/security/2017/dsa-3992	vendor-advisoryx_refsource_DEBIAN

Date Public

2017-10-03 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T21:53:06.565Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/HT208221"
          },
          {
            "name": "RHSA-2018:3558",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:3558"
          },
          {
            "name": "GLSA-201709-14",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201709-14"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://curl.haxx.se/docs/adv_20170809A.html"
          },
          {
            "name": "1039117",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039117"
          },
          {
            "name": "100249",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/100249"
          },
          {
            "name": "DSA-3992",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3992"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 6.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2017-1000101",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-04-16T13:45:32.714678Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-119",
                "description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-04-16T13:45:37.458Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "dateAssigned": "2017-08-22T00:00:00.000Z",
      "datePublic": "2017-10-03T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "curl supports \"globbing\" of URLs, in which a user can pass a numerical range to have the tool iterate over those numbers to do a sequence of transfers. In the globbing function that parses the numerical range, there was an omission that made curl read a byte beyond the end of the URL if given a carefully crafted, or just wrongly written, URL. The URL is stored in a heap based buffer, so it could then be made to wrongly read something else instead of crashing. An example of a URL that triggers the flaw would be `http://ur%20[0-60000000000000000000`."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-11-13T10:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/HT208221"
        },
        {
          "name": "RHSA-2018:3558",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:3558"
        },
        {
          "name": "GLSA-201709-14",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201709-14"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://curl.haxx.se/docs/adv_20170809A.html"
        },
        {
          "name": "1039117",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039117"
        },
        {
          "name": "100249",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/100249"
        },
        {
          "name": "DSA-3992",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3992"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "DATE_ASSIGNED": "2017-08-22T17:29:33.316423",
          "ID": "CVE-2017-1000101",
          "REQUESTER": "daniel@haxx.se",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "curl supports \"globbing\" of URLs, in which a user can pass a numerical range to have the tool iterate over those numbers to do a sequence of transfers. In the globbing function that parses the numerical range, there was an omission that made curl read a byte beyond the end of the URL if given a carefully crafted, or just wrongly written, URL. The URL is stored in a heap based buffer, so it could then be made to wrongly read something else instead of crashing. An example of a URL that triggers the flaw would be `http://ur%20[0-60000000000000000000`."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.apple.com/HT208221",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/HT208221"
            },
            {
              "name": "RHSA-2018:3558",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:3558"
            },
            {
              "name": "GLSA-201709-14",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201709-14"
            },
            {
              "name": "https://curl.haxx.se/docs/adv_20170809A.html",
              "refsource": "CONFIRM",
              "url": "https://curl.haxx.se/docs/adv_20170809A.html"
            },
            {
              "name": "1039117",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039117"
            },
            {
              "name": "100249",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/100249"
            },
            {
              "name": "DSA-3992",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2017/dsa-3992"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-1000101",
    "datePublished": "2017-10-04T01:00:00.000Z",
    "dateReserved": "2017-10-03T00:00:00.000Z",
    "dateUpdated": "2026-04-16T13:45:37.458Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2017-1000101",
      "date": "2026-05-28",
      "epss": "0.00655",
      "percentile": "0.71251"
    },
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:curl:7.4.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BC7E5201-24A0-4CEF-84D2-76DB195D3A8E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:curl:7.35.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4D558CC2-0146-4887-834E-19FCB1D512A3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:curl:7.36.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6931764D-16AB-4546-9CE3-5B4E03BC984A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:curl:7.37.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6FC1313E-8DCB-4B29-A9BC-A27C8CB360E9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:curl:7.37.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B27C2E02-5C0A-4A12-B0A6-5B1C0DFA94E9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:curl:7.38.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EFC7535F-B8C7-490F-A2F9-1DCFD41A3C9B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:curl:7.39.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3CCBFE6D-F6A9-4394-9AF8-F830DC7E6A81\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:curl:7.40.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5DEBBFCA-6A18-4F8F-B841-50255C952FA0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:curl:7.41.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FEEAE437-A645-468B-B283-44799658F534\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:curl:7.42.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"03F7EE95-4EBE-4306-ADFE-A1A92CAD5F24\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:curl:7.42.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"79F7AE71-7A18-4737-9C02-0A3343B3AD4C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:curl:7.43.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BC589DE6-773A-43E8-9393-3083DB545671\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:curl:7.44.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"24D735EA-04E3-47E7-A859-3CC1ED887E10\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:curl:7.45.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"063C1A70-0869-4933-88D7-ECE7ACCF0F99\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:curl:7.46.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"70B0A020-3DA1-4753-B810-C60E7CA06839\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:curl:7.47.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"63A18050-0DA7-400A-B564-AC9A020D57CD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:curl:7.47.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9D168A62-A5B0-4BA8-8243-1AAF3B395567\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:curl:7.48.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"11D8B02D-5A97-4F9A-8EE8-D60D621E0B0D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:curl:7.49.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D7DC2429-0B58-4D68-9337-0077C4493714\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:curl:7.49.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A4D5B7BD-2B9D-40AB-B13A-393FF0007A8A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:curl:7.50.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E2AFED4D-0672-467F-999C-9D6C3722B8C9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:curl:7.50.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4BDCCD2D-3D98-4FC3-BAB5-3D09A0CAD12C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:curl:7.50.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8DA228CD-70CF-41FC-98F6-38194466CC32\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:curl:7.50.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EFDE2415-78F8-4A36-AA9B-6EA8DCE399AD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:curl:7.51.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CCA05266-35B6-422D-AE73-4C934B4F5091\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:curl:7.52.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A2AB70F1-D6A9-4ADF-A506-4C9DEE8AE754\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:curl:7.52.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3C2FDF0C-6493-4BE1-851E-0D8CE94E36B2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:curl:7.53.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2EA9D7F9-A972-41A8-9561-DB72E37184F8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:curl:7.53.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"641ACFC8-BDE2-42AC-8B3D-EF78695AD750\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:curl:7.54.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8629C630-14E0-4C94-BBD1-B5203488A6FB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:curl:7.54.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"31C6D873-9770-4FD0-AC75-4D6C06FC4A8B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:curl:7.55.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CADB89B4-7218-4E2B-BB94-8CCEB79FB3F0\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"curl supports \\\"globbing\\\" of URLs, in which a user can pass a numerical range to have the tool iterate over those numbers to do a sequence of transfers. In the globbing function that parses the numerical range, there was an omission that made curl read a byte beyond the end of the URL if given a carefully crafted, or just wrongly written, URL. The URL is stored in a heap based buffer, so it could then be made to wrongly read something else instead of crashing. An example of a URL that triggers the flaw would be `http://ur%20[0-60000000000000000000`.\"}, {\"lang\": \"es\", \"value\": \"curl es compatible con el \\\"globbing\\\" de URL, donde un usuario puede pasar un rango num\\u00e9rico para hacer que la herramienta itere sobre esos n\\u00fameros para realizar una secuencia de transferencias. En la funci\\u00f3n de \\\"globbing\\\" que analiza sint\\u00e1cticamente el rango num\\u00e9rico, hay una omisi\\u00f3n que hace que curl lea un byte m\\u00e1s all\\u00e1 del fin de la URL si se proporciona una URL manipulada o simplemente mal escrita. La URL se almacena en un b\\u00fafer basado en memoria din\\u00e1mica (heap) para que se pueda hacer luego de tal manera que lea err\\u00f3neamente otra cosa en vez de cerrarse inesperadamente. A continuaci\\u00f3n se muestra un ejemplo de una URL que desencadena este fallo: \\\"http://ur%20[0-60000000000000000000\\\".\"}]",
      "id": "CVE-2017-1000101",
      "lastModified": "2024-11-21T03:04:09.803",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N\", \"baseScore\": 6.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:P/I:N/A:N\", \"baseScore\": 4.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2017-10-05T01:29:04.103",
      "references": "[{\"url\": \"http://www.debian.org/security/2017/dsa-3992\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/100249\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1039117\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:3558\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://curl.haxx.se/docs/adv_20170809A.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\", \"Vendor Advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/201709-14\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\", \"Third Party Advisory\"]}, {\"url\": \"https://support.apple.com/HT208221\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.debian.org/security/2017/dsa-3992\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/100249\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1039117\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:3558\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://curl.haxx.se/docs/adv_20170809A.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Vendor Advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/201709-14\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Third Party Advisory\"]}, {\"url\": \"https://support.apple.com/HT208221\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-119\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2017-1000101\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2017-10-05T01:29:04.103\",\"lastModified\":\"2026-05-13T00:24:29.033\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"curl supports \\\"globbing\\\" of URLs, in which a user can pass a numerical range to have the tool iterate over those numbers to do a sequence of transfers. In the globbing function that parses the numerical range, there was an omission that made curl read a byte beyond the end of the URL if given a carefully crafted, or just wrongly written, URL. The URL is stored in a heap based buffer, so it could then be made to wrongly read something else instead of crashing. An example of a URL that triggers the flaw would be `http://ur%20[0-60000000000000000000`.\"},{\"lang\":\"es\",\"value\":\"curl es compatible con el \\\"globbing\\\" de URL, donde un usuario puede pasar un rango num\u00e9rico para hacer que la herramienta itere sobre esos n\u00fameros para realizar una secuencia de transferencias. En la funci\u00f3n de \\\"globbing\\\" que analiza sint\u00e1cticamente el rango num\u00e9rico, hay una omisi\u00f3n que hace que curl lea un byte m\u00e1s all\u00e1 del fin de la URL si se proporciona una URL manipulada o simplemente mal escrita. La URL se almacena en un b\u00fafer basado en memoria din\u00e1mica (heap) para que se pueda hacer luego de tal manera que lea err\u00f3neamente otra cosa en vez de cerrarse inesperadamente. A continuaci\u00f3n se muestra un ejemplo de una URL que desencadena este fallo: \\\"http://ur%20[0-60000000000000000000\\\".\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6}],\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:N/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BC7E5201-24A0-4CEF-84D2-76DB195D3A8E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.35.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D558CC2-0146-4887-834E-19FCB1D512A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.36.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6931764D-16AB-4546-9CE3-5B4E03BC984A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.37.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6FC1313E-8DCB-4B29-A9BC-A27C8CB360E9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.37.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B27C2E02-5C0A-4A12-B0A6-5B1C0DFA94E9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.38.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EFC7535F-B8C7-490F-A2F9-1DCFD41A3C9B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.39.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3CCBFE6D-F6A9-4394-9AF8-F830DC7E6A81\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.40.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5DEBBFCA-6A18-4F8F-B841-50255C952FA0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.41.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FEEAE437-A645-468B-B283-44799658F534\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.42.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"03F7EE95-4EBE-4306-ADFE-A1A92CAD5F24\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.42.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"79F7AE71-7A18-4737-9C02-0A3343B3AD4C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.43.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BC589DE6-773A-43E8-9393-3083DB545671\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.44.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"24D735EA-04E3-47E7-A859-3CC1ED887E10\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.45.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"063C1A70-0869-4933-88D7-ECE7ACCF0F99\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.46.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"70B0A020-3DA1-4753-B810-C60E7CA06839\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.47.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"63A18050-0DA7-400A-B564-AC9A020D57CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.47.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D168A62-A5B0-4BA8-8243-1AAF3B395567\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.48.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"11D8B02D-5A97-4F9A-8EE8-D60D621E0B0D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.49.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D7DC2429-0B58-4D68-9337-0077C4493714\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.49.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4D5B7BD-2B9D-40AB-B13A-393FF0007A8A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.50.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2AFED4D-0672-467F-999C-9D6C3722B8C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.50.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4BDCCD2D-3D98-4FC3-BAB5-3D09A0CAD12C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.50.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8DA228CD-70CF-41FC-98F6-38194466CC32\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.50.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EFDE2415-78F8-4A36-AA9B-6EA8DCE399AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.51.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CCA05266-35B6-422D-AE73-4C934B4F5091\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.52.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2AB70F1-D6A9-4ADF-A506-4C9DEE8AE754\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.52.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C2FDF0C-6493-4BE1-851E-0D8CE94E36B2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.53.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2EA9D7F9-A972-41A8-9561-DB72E37184F8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.53.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"641ACFC8-BDE2-42AC-8B3D-EF78695AD750\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.54.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8629C630-14E0-4C94-BBD1-B5203488A6FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.54.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"31C6D873-9770-4FD0-AC75-4D6C06FC4A8B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:7.55.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CADB89B4-7218-4E2B-BB94-8CCEB79FB3F0\"}]}]}],\"references\":[{\"url\":\"http://www.debian.org/security/2017/dsa-3992\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/100249\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1039117\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:3558\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://curl.haxx.se/docs/adv_20170809A.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201709-14\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://support.apple.com/HT208221\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.debian.org/security/2017/dsa-3992\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/100249\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1039117\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:3558\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://curl.haxx.se/docs/adv_20170809A.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201709-14\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://support.apple.com/HT208221\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://support.apple.com/HT208221\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:3558\", \"name\": \"RHSA-2018:3558\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://security.gentoo.org/glsa/201709-14\", \"name\": \"GLSA-201709-14\", \"tags\": [\"vendor-advisory\", \"x_refsource_GENTOO\", \"x_transferred\"]}, {\"url\": \"https://curl.haxx.se/docs/adv_20170809A.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.securitytracker.com/id/1039117\", \"name\": \"1039117\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\", \"x_transferred\"]}, {\"url\": \"http://www.securityfocus.com/bid/100249\", \"name\": \"100249\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\", \"x_transferred\"]}, {\"url\": \"http://www.debian.org/security/2017/dsa-3992\", \"name\": \"DSA-3992\", \"tags\": [\"vendor-advisory\", \"x_refsource_DEBIAN\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-05T21:53:06.565Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2017-1000101\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-04-16T13:45:32.714678Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-119\", \"description\": \"CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-04-16T13:45:11.717Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"datePublic\": \"2017-10-03T00:00:00.000Z\", \"references\": [{\"url\": \"https://support.apple.com/HT208221\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:3558\", \"name\": \"RHSA-2018:3558\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://security.gentoo.org/glsa/201709-14\", \"name\": \"GLSA-201709-14\", \"tags\": [\"vendor-advisory\", \"x_refsource_GENTOO\"]}, {\"url\": \"https://curl.haxx.se/docs/adv_20170809A.html\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.securitytracker.com/id/1039117\", \"name\": \"1039117\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\"]}, {\"url\": \"http://www.securityfocus.com/bid/100249\", \"name\": \"100249\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\"]}, {\"url\": \"http://www.debian.org/security/2017/dsa-3992\", \"name\": \"DSA-3992\", \"tags\": [\"vendor-advisory\", \"x_refsource_DEBIAN\"]}], \"dateAssigned\": \"2017-08-22T00:00:00.000Z\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"curl supports \\\"globbing\\\" of URLs, in which a user can pass a numerical range to have the tool iterate over those numbers to do a sequence of transfers. In the globbing function that parses the numerical range, there was an omission that made curl read a byte beyond the end of the URL if given a carefully crafted, or just wrongly written, URL. The URL is stored in a heap based buffer, so it could then be made to wrongly read something else instead of crashing. An example of a URL that triggers the flaw would be `http://ur%20[0-60000000000000000000`.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2018-11-13T10:57:01.000Z\"}, \"x_legacyV4Record\": {\"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"n/a\"}]}, \"product_name\": \"n/a\"}]}, \"vendor_name\": \"n/a\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"https://support.apple.com/HT208221\", \"name\": \"https://support.apple.com/HT208221\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:3558\", \"name\": \"RHSA-2018:3558\", \"refsource\": \"REDHAT\"}, {\"url\": \"https://security.gentoo.org/glsa/201709-14\", \"name\": \"GLSA-201709-14\", \"refsource\": \"GENTOO\"}, {\"url\": \"https://curl.haxx.se/docs/adv_20170809A.html\", \"name\": \"https://curl.haxx.se/docs/adv_20170809A.html\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://www.securitytracker.com/id/1039117\", \"name\": \"1039117\", \"refsource\": \"SECTRACK\"}, {\"url\": \"http://www.securityfocus.com/bid/100249\", \"name\": \"100249\", \"refsource\": \"BID\"}, {\"url\": \"http://www.debian.org/security/2017/dsa-3992\", \"name\": \"DSA-3992\", \"refsource\": \"DEBIAN\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"curl supports \\\"globbing\\\" of URLs, in which a user can pass a numerical range to have the tool iterate over those numbers to do a sequence of transfers. In the globbing function that parses the numerical range, there was an omission that made curl read a byte beyond the end of the URL if given a carefully crafted, or just wrongly written, URL. The URL is stored in a heap based buffer, so it could then be made to wrongly read something else instead of crashing. An example of a URL that triggers the flaw would be `http://ur%20[0-60000000000000000000`.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"n/a\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2017-1000101\", \"STATE\": \"PUBLIC\", \"ASSIGNER\": \"cve@mitre.org\", \"REQUESTER\": \"daniel@haxx.se\", \"DATE_ASSIGNED\": \"2017-08-22T17:29:33.316423\"}}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2017-1000101\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-04-16T13:45:37.458Z\", \"dateReserved\": \"2017-10-03T00:00:00.000Z\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2017-10-04T01:00:00.000Z\", \"assignerShortName\": \"mitre\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

WID-SEC-W-2023-1647

Vulnerability from csaf_certbund - Published: 2017-08-08 22:00 - Updated: 2023-07-04 22:00

Summary

cURL: Mehrere Schwachstellen ermöglichen Offenlegung von Informationen

Severity

Mittel

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: cURL ist eine Client-Software, die das Austauschen von Dateien mittels mehrerer Protokolle wie z. B. HTTP oder FTP erlaubt.

Angriff: Ein lokaler oder entfernter anonymer Angreifer kann mehrere Schwachstellen in cURL ausnutzen, um Informationen offenzulegen.

Betroffene Betriebssysteme: - UNIX - Linux - Windows - Sonstiges

CVE-2017-1000099

Es existiert eine Schwachstelle in cURL. Wenn eine Datei mit einer file:// URL aufgerufen wird, gibt libcurl Metadaten über die Datei mittels HTTP-ähnliche Headern aus. Dabei passiert ein Fehler bei dem uninitialisierter Speicher aus dem Heap zur Ausgabe verwendet wird. Dabei kann es vorkommen, wenn dieser nicht mit Nullen beschrieben ist, sondern dass Daten die danach im Speicher stehen, ausgegeben werden. Ein lokaler Angreifer kann so eventuell Zugriff auf eventuell sensitive Informationen erlangen.

Affected products

Known affected 5 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Dell NetWorker < 19.9.0.1 Dell	`cpe:/a:dell:networker:19.9.0.1`	—

CVE-2017-1000100

Es existiert eine Out of Boundary Schwachstelle in cURL. Bei einem TFTP Transfer mit curl/libcurl bei dem eine sehr lange URL verwendet wird (länger als 515 Bytes), wird die URL gekürzt und in den Speicher geschrieben. Die ursprüngliche Länge wird dabei gesichert. Dieser zu große Wert wird in der "sendto()" Funktion verwendet was dazu führt, dass außerhalb der Speichergrenzen Daten angehängt werden. Ein präparierter HTTP(S) Server kann einen Client auf eine TFTP URL umleiten und so Teile seines Speichers preisgeben. Ein entfernter, anonymer Angreifer kann Zugriff auf eventuell sensitive Informationen erlangen. Zur erfolgreichen Ausnutzung dieser Schwachstelle muss der Angreifer den Benutzer dazu bringen, eine modifizierte URL mit curl oder einenm Client der libcurl verwendet, aufzurufen.

Affected products

Known affected 5 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Dell NetWorker < 19.9.0.1 Dell	`cpe:/a:dell:networker:19.9.0.1`	—

CVE-2017-1000101

Es existiert eine Out of Boundary Schwachstelle in cURL. curl unterstützt die Angabe eines Zahlenbereichs in einer URLs, über die er iteriert und diese anschließend aufruft. Die URL wird im Heap-Speicher abgelegt. Durch einen Fehler bei der Verarbeitung dieser URL kann es dazu kommen, dass die URL über die Speichergrenzen hinweg gelesen wird. Durch speziell präparierte curl Übergabeparameter kann es dazu kommen, dass curl nicht abstürzt sondern eine falsche URL aus dem Heap liest. Ein entfernter, anonymer Angreifer kann Zugriff auf eventuell sensitive Informationen erlangen. Zur erfolgreichen Ausnutzung dieser Schwachstelle muss der Angreifer den Benutzer dazu bringen, eine modifizierte URL mit curl oder einem Client der libcurl verwendet, aufzurufen.

Affected products

Known affected 5 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Dell NetWorker < 19.9.0.1 Dell	`cpe:/a:dell:networker:19.9.0.1`	—

References

16 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://www.dell.com/support/kbdoc/de-de/00021549…	external
https://curl.haxx.se/docs/adv_20170809A.html	external
https://curl.haxx.se/docs/adv_20170809B.html	external
https://curl.haxx.se/docs/adv_20170809C.html	external
http://marc.info/?l=oss-security&m=150225896624622&w=2	external
https://www.suse.com/support/update/announcement/…	external
https://www.suse.com/support/update/announcement/…	external
https://www.suse.com/support/update/announcement/…	external
https://www.suse.com/support/update/announcement/…	external
https://www.debian.org/security/2017/dsa-3992	external
http://www.ubuntu.com/usn/usn-3441-1/	external
http://www.ubuntu.com/usn/usn-3441-2/	external
https://kb.juniper.net/InfoCenter/index?page=cont…	external
https://access.redhat.com/errata/RHSA-2018:3558	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "cURL ist eine Client-Software, die das Austauschen von Dateien mittels mehrerer Protokolle wie z. B. HTTP oder FTP erlaubt.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein lokaler oder entfernter anonymer Angreifer kann mehrere Schwachstellen in cURL ausnutzen, um Informationen offenzulegen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- UNIX\n- Linux\n- Windows\n- Sonstiges",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2023-1647 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2017/wid-sec-w-2023-1647.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2023-1647 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1647"
      },
      {
        "category": "external",
        "summary": "Security update for Dell NetWorker",
        "url": "https://www.dell.com/support/kbdoc/de-de/000215497/dsa-2023-233-security-update-for-dell-networker-curl-7-51-0"
      },
      {
        "category": "external",
        "summary": "Curl Security Advisory vom 2017-08-08",
        "url": "https://curl.haxx.se/docs/adv_20170809A.html"
      },
      {
        "category": "external",
        "summary": "Curl Security Advisory vom 2017-08-08",
        "url": "https://curl.haxx.se/docs/adv_20170809B.html"
      },
      {
        "category": "external",
        "summary": "Curl Security Advisory vom 2017-08-08",
        "url": "https://curl.haxx.se/docs/adv_20170809C.html"
      },
      {
        "category": "external",
        "summary": "Eintrag in der OSS Mailing Liste vom 2017-08-08",
        "url": "http://marc.info/?l=oss-security\u0026m=150225896624622\u0026w=2"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2017:2174-1 vom 2017-08-16",
        "url": "https://www.suse.com/support/update/announcement/2017/suse-su-20172174-1.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2017:2312-1 vom 2017-08-31",
        "url": "https://www.suse.com/support/update/announcement/2017/suse-su-20172312-1.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2017:2354-1 vom 2017-09-06",
        "url": "https://www.suse.com/support/update/announcement/2017/suse-su-20172354-1.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2017:2470-1 vom 2017-09-15",
        "url": "https://www.suse.com/support/update/announcement/2017/suse-su-20172470-1.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DSA-3992 vom 2017-10-07",
        "url": "https://www.debian.org/security/2017/dsa-3992"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-3441-1 vom 2017-10-10",
        "url": "http://www.ubuntu.com/usn/usn-3441-1/"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-3441-2 vom 2017-10-24",
        "url": "http://www.ubuntu.com/usn/usn-3441-2/"
      },
      {
        "category": "external",
        "summary": "Juniper Security Bulletin: JSA10874",
        "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10874\u0026actp=RSS"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2018:3558 vom 2018-11-14",
        "url": "https://access.redhat.com/errata/RHSA-2018:3558"
      }
    ],
    "source_lang": "en-US",
    "title": "cURL: Mehrere Schwachstellen erm\u00f6glichen Offenlegung von Informationen",
    "tracking": {
      "current_release_date": "2023-07-04T22:00:00.000+00:00",
      "generator": {
        "date": "2024-08-15T17:54:12.544+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.5"
        }
      },
      "id": "WID-SEC-W-2023-1647",
      "initial_release_date": "2017-08-08T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2017-08-08T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initial Release"
        },
        {
          "date": "2017-08-08T22:00:00.000+00:00",
          "number": "2",
          "summary": "Version nicht vorhanden"
        },
        {
          "date": "2017-08-13T22:00:00.000+00:00",
          "number": "3",
          "summary": "Added references"
        },
        {
          "date": "2017-08-31T22:00:00.000+00:00",
          "number": "4",
          "summary": "New remediations available"
        },
        {
          "date": "2017-09-05T22:00:00.000+00:00",
          "number": "5",
          "summary": "New remediations available"
        },
        {
          "date": "2017-09-14T22:00:00.000+00:00",
          "number": "6",
          "summary": "New remediations available"
        },
        {
          "date": "2017-10-08T22:00:00.000+00:00",
          "number": "7",
          "summary": "New remediations available"
        },
        {
          "date": "2017-10-10T22:00:00.000+00:00",
          "number": "8",
          "summary": "New remediations available"
        },
        {
          "date": "2017-10-23T22:00:00.000+00:00",
          "number": "9",
          "summary": "New remediations available"
        },
        {
          "date": "2018-07-31T22:00:00.000+00:00",
          "number": "10",
          "summary": "New remediations available"
        },
        {
          "date": "2018-11-13T23:00:00.000+00:00",
          "number": "11",
          "summary": "New remediations available"
        },
        {
          "date": "2023-07-04T22:00:00.000+00:00",
          "number": "12",
          "summary": "Neue Updates von Dell aufgenommen"
        }
      ],
      "status": "final",
      "version": "12"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Debian Linux",
            "product": {
              "name": "Debian Linux",
              "product_id": "2951",
              "product_identification_helper": {
                "cpe": "cpe:/o:debian:debian_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Debian"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Dell NetWorker \u003c 19.9.0.1",
            "product": {
              "name": "Dell NetWorker \u003c 19.9.0.1",
              "product_id": "T028404",
              "product_identification_helper": {
                "cpe": "cpe:/a:dell:networker:19.9.0.1"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Dell"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Open Source cURL \u003c 7.55.0",
            "product": {
              "name": "Open Source cURL \u003c 7.55.0",
              "product_id": "T010531",
              "product_identification_helper": {
                "cpe": "cpe:/a:curl:curl:7.55.0"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Red Hat Enterprise Linux",
            "product": {
              "name": "Red Hat Enterprise Linux",
              "product_id": "67646",
              "product_identification_helper": {
                "cpe": "cpe:/o:redhat:enterprise_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE Linux",
            "product": {
              "name": "SUSE Linux",
              "product_id": "T002207",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:suse_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Ubuntu Linux",
            "product": {
              "name": "Ubuntu Linux",
              "product_id": "T000126",
              "product_identification_helper": {
                "cpe": "cpe:/o:canonical:ubuntu_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Ubuntu"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-1000099",
      "notes": [
        {
          "category": "description",
          "text": "Es existiert eine Schwachstelle in cURL. Wenn eine Datei mit einer file:// URL aufgerufen wird, gibt libcurl Metadaten \u00fcber die Datei mittels HTTP-\u00e4hnliche Headern aus. Dabei passiert ein Fehler bei dem uninitialisierter Speicher aus dem Heap zur Ausgabe verwendet wird. Dabei kann es vorkommen, wenn dieser nicht mit Nullen beschrieben ist, sondern dass Daten die danach im Speicher stehen, ausgegeben werden. Ein lokaler Angreifer kann so eventuell Zugriff auf eventuell sensitive Informationen erlangen."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T028404"
        ]
      },
      "release_date": "2017-08-08T22:00:00.000+00:00",
      "title": "CVE-2017-1000099"
    },
    {
      "cve": "CVE-2017-1000100",
      "notes": [
        {
          "category": "description",
          "text": "Es existiert eine Out of Boundary Schwachstelle in cURL. Bei einem TFTP Transfer mit curl/libcurl bei dem eine sehr lange URL verwendet wird (l\u00e4nger als 515 Bytes), wird die URL gek\u00fcrzt und in den Speicher geschrieben. Die urspr\u00fcngliche L\u00e4nge wird dabei gesichert. Dieser zu gro\u00dfe Wert wird in der \"sendto()\" Funktion verwendet was dazu f\u00fchrt, dass au\u00dferhalb der Speichergrenzen Daten angeh\u00e4ngt werden. Ein pr\u00e4parierter HTTP(S) Server kann einen Client auf eine TFTP URL umleiten und so Teile seines Speichers preisgeben. Ein entfernter, anonymer Angreifer kann Zugriff auf eventuell sensitive Informationen erlangen. Zur erfolgreichen Ausnutzung dieser Schwachstelle muss der Angreifer den Benutzer dazu bringen, eine modifizierte URL mit curl oder einenm Client der libcurl verwendet, aufzurufen."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T028404"
        ]
      },
      "release_date": "2017-08-08T22:00:00.000+00:00",
      "title": "CVE-2017-1000100"
    },
    {
      "cve": "CVE-2017-1000101",
      "notes": [
        {
          "category": "description",
          "text": "Es existiert eine Out of Boundary Schwachstelle in cURL. curl unterst\u00fctzt die Angabe eines Zahlenbereichs in einer URLs, \u00fcber die er iteriert und diese anschlie\u00dfend aufruft. Die URL wird im Heap-Speicher abgelegt. Durch einen Fehler bei der Verarbeitung dieser URL kann es dazu kommen, dass die URL \u00fcber die Speichergrenzen hinweg gelesen wird. Durch speziell pr\u00e4parierte curl \u00dcbergabeparameter kann es dazu kommen, dass curl nicht abst\u00fcrzt sondern eine falsche URL aus dem Heap liest. Ein entfernter, anonymer Angreifer kann Zugriff auf eventuell sensitive Informationen erlangen. Zur erfolgreichen Ausnutzung dieser Schwachstelle muss der Angreifer den Benutzer dazu bringen, eine modifizierte URL mit curl oder einem Client der libcurl verwendet, aufzurufen."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T028404"
        ]
      },
      "release_date": "2017-08-08T22:00:00.000+00:00",
      "title": "CVE-2017-1000101"
    }
  ]
}

WID-SEC-W-2025-0370

Vulnerability from csaf_certbund - Published: 2017-09-25 22:00 - Updated: 2025-02-13 23:00

Summary

Apple Mac OS: Mehrere Schwachstellen

Severity

Hoch

Notes

Produktbeschreibung: Apple Mac OS ist ein Betriebssystem, das auf FreeBSD und Mach basiert.

Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstelle in Apple Mac OS ausnutzen, um Code mit Kernel Privilegien auszuführen, Sicherheitsvorkehrungen zu umgehen, einen Denial of Service Angriff durchzuführen oder vertrauliche Daten einzusehen.

Betroffene Betriebssysteme: - MacOS X

CVE-2016-0736

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2016-2161

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2016-4736

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2016-5387

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2016-8740

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2016-8743

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2016-9042

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2016-9063

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2016-9840

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2016-9841

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2016-9842

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2016-9843

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-0381

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-1000100

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-1000101

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-1000373

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-10140

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-10989

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-11103

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-11108

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-11541

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-11542

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-11543

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-12893

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-12894

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-12895

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-12896

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-12897

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-12898

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-12899

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-12900

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-12901

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-12902

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-12985

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-12986

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-12987

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-12988

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-12989

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-12990

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-12991

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-12992

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-12993

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-12994

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-12995

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-12996

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-12997

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-12998

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-12999

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13000

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13001

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13002

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13003

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13004

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13005

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13006

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13007

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13008

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13009

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13010

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13011

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13012

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13013

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13014

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13015

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13016

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13017

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13018

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13019

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13020

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13021

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13022

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13023

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13024

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13025

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13026

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13027

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13028

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13029

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13030

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13031

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13032

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13033

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13034

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13035

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13036

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13037

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13038

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13039

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13040

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13041

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13042

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13043

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13044

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13045

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13046

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13047

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13048

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13049

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13050

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13051

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13052

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13053

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13054

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13055

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13077

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13078

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13080

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13687

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13688

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13689

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13690

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13725

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13782

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13786

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13799

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13800

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13801

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13804

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13807

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13808

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13809

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13810

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13811

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13812

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13813

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13814

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13815

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13816

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13817

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13818

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13819

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13820

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13821

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13822

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13823

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13824

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13825

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13826

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13827

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13828

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13829

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13830

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13831

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13832

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13833

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13834

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13836

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13837

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13838

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13839

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13840

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13841

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13842

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13843

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13846

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13851

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-13854

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-3167

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-3169

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-6451

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-6452

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-6455

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-6458

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-6459

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-6460

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-6462

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-6463

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-6464

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-7074

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-7077

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-7078

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-7080

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-7082

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-7083

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-7084

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-7086

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-7114

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-7119

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-7121

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-7122

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-7123

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-7124

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-7125

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-7126

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-7127

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-7128

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-7129

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-7130

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-7132

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-7138

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-7141

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-7143

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-7144

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-7659

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-7668

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-7679

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-9233

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-9788

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

CVE-2017-9789

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Apple macOS <10.13 Apple / macOS		<10.13

References

5 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://support.apple.com/de-de/HT208144	external
https://lists.apple.com/archives/security-announc…	external
https://lists.apple.com/archives/security-announc…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Apple Mac OS ist ein Betriebssystem, das auf FreeBSD und Mach basiert.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstelle in Apple Mac OS ausnutzen, um Code mit Kernel Privilegien auszuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Denial of Service Angriff durchzuf\u00fchren oder vertrauliche Daten einzusehen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- MacOS X",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2025-0370 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2017/wid-sec-w-2025-0370.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2025-0370 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0370"
      },
      {
        "category": "external",
        "summary": "Apple Security Advisory HT208144 vom 2017-09-25",
        "url": "https://support.apple.com/de-de/HT208144"
      },
      {
        "category": "external",
        "summary": "Updated Apple Security Advisory HT208144 vom 2017-10-31",
        "url": "https://lists.apple.com/archives/security-announce/2017/Oct/msg00007.html"
      },
      {
        "category": "external",
        "summary": "Updated Apple Security Advisory HT208144 vom 2017-10-31",
        "url": "https://lists.apple.com/archives/security-announce/2017/Oct/msg00001.html"
      }
    ],
    "source_lang": "en-US",
    "title": "Apple Mac OS: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2025-02-13T23:00:00.000+00:00",
      "generator": {
        "date": "2025-02-14T12:00:12.636+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.12"
        }
      },
      "id": "WID-SEC-W-2025-0370",
      "initial_release_date": "2017-09-25T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2017-09-25T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initial Release"
        },
        {
          "date": "2017-10-31T23:00:00.000+00:00",
          "number": "2",
          "summary": "cve added"
        },
        {
          "date": "2017-10-31T23:00:00.000+00:00",
          "number": "3",
          "summary": "Version nicht vorhanden"
        },
        {
          "date": "2017-10-31T23:00:00.000+00:00",
          "number": "4",
          "summary": "Version nicht vorhanden"
        },
        {
          "date": "2017-11-21T23:00:00.000+00:00",
          "number": "5",
          "summary": "cve added"
        },
        {
          "date": "2017-11-21T23:00:00.000+00:00",
          "number": "6",
          "summary": "Version nicht vorhanden"
        },
        {
          "date": "2017-12-13T23:00:00.000+00:00",
          "number": "7",
          "summary": "New remediations available"
        },
        {
          "date": "2025-02-13T23:00:00.000+00:00",
          "number": "8",
          "summary": "Korrektur"
        }
      ],
      "status": "final",
      "version": "8"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c10.13",
                "product": {
                  "name": "Apple macOS \u003c10.13",
                  "product_id": "T010822"
                }
              },
              {
                "category": "product_version",
                "name": "10.13",
                "product": {
                  "name": "Apple macOS 10.13",
                  "product_id": "T010822-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:apple:mac_os:10.13"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "macOS"
          }
        ],
        "category": "vendor",
        "name": "Apple"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2016-0736",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2016-0736"
    },
    {
      "cve": "CVE-2016-2161",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2016-2161"
    },
    {
      "cve": "CVE-2016-4736",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2016-4736"
    },
    {
      "cve": "CVE-2016-5387",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2016-5387"
    },
    {
      "cve": "CVE-2016-8740",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2016-8740"
    },
    {
      "cve": "CVE-2016-8743",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2016-8743"
    },
    {
      "cve": "CVE-2016-9042",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2016-9042"
    },
    {
      "cve": "CVE-2016-9063",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2016-9063"
    },
    {
      "cve": "CVE-2016-9840",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2016-9840"
    },
    {
      "cve": "CVE-2016-9841",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2016-9841"
    },
    {
      "cve": "CVE-2016-9842",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2016-9842"
    },
    {
      "cve": "CVE-2016-9843",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2016-9843"
    },
    {
      "cve": "CVE-2017-0381",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-0381"
    },
    {
      "cve": "CVE-2017-1000100",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-1000100"
    },
    {
      "cve": "CVE-2017-1000101",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-1000101"
    },
    {
      "cve": "CVE-2017-1000373",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-1000373"
    },
    {
      "cve": "CVE-2017-10140",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-10140"
    },
    {
      "cve": "CVE-2017-10989",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-10989"
    },
    {
      "cve": "CVE-2017-11103",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-11103"
    },
    {
      "cve": "CVE-2017-11108",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-11108"
    },
    {
      "cve": "CVE-2017-11541",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-11541"
    },
    {
      "cve": "CVE-2017-11542",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-11542"
    },
    {
      "cve": "CVE-2017-11543",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-11543"
    },
    {
      "cve": "CVE-2017-12893",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-12893"
    },
    {
      "cve": "CVE-2017-12894",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-12894"
    },
    {
      "cve": "CVE-2017-12895",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-12895"
    },
    {
      "cve": "CVE-2017-12896",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-12896"
    },
    {
      "cve": "CVE-2017-12897",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-12897"
    },
    {
      "cve": "CVE-2017-12898",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-12898"
    },
    {
      "cve": "CVE-2017-12899",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-12899"
    },
    {
      "cve": "CVE-2017-12900",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-12900"
    },
    {
      "cve": "CVE-2017-12901",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-12901"
    },
    {
      "cve": "CVE-2017-12902",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-12902"
    },
    {
      "cve": "CVE-2017-12985",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-12985"
    },
    {
      "cve": "CVE-2017-12986",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-12986"
    },
    {
      "cve": "CVE-2017-12987",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-12987"
    },
    {
      "cve": "CVE-2017-12988",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-12988"
    },
    {
      "cve": "CVE-2017-12989",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-12989"
    },
    {
      "cve": "CVE-2017-12990",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-12990"
    },
    {
      "cve": "CVE-2017-12991",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-12991"
    },
    {
      "cve": "CVE-2017-12992",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-12992"
    },
    {
      "cve": "CVE-2017-12993",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-12993"
    },
    {
      "cve": "CVE-2017-12994",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-12994"
    },
    {
      "cve": "CVE-2017-12995",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-12995"
    },
    {
      "cve": "CVE-2017-12996",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-12996"
    },
    {
      "cve": "CVE-2017-12997",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-12997"
    },
    {
      "cve": "CVE-2017-12998",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-12998"
    },
    {
      "cve": "CVE-2017-12999",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-12999"
    },
    {
      "cve": "CVE-2017-13000",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13000"
    },
    {
      "cve": "CVE-2017-13001",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13001"
    },
    {
      "cve": "CVE-2017-13002",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13002"
    },
    {
      "cve": "CVE-2017-13003",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13003"
    },
    {
      "cve": "CVE-2017-13004",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13004"
    },
    {
      "cve": "CVE-2017-13005",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13005"
    },
    {
      "cve": "CVE-2017-13006",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13006"
    },
    {
      "cve": "CVE-2017-13007",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13007"
    },
    {
      "cve": "CVE-2017-13008",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13008"
    },
    {
      "cve": "CVE-2017-13009",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13009"
    },
    {
      "cve": "CVE-2017-13010",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13010"
    },
    {
      "cve": "CVE-2017-13011",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13011"
    },
    {
      "cve": "CVE-2017-13012",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13012"
    },
    {
      "cve": "CVE-2017-13013",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13013"
    },
    {
      "cve": "CVE-2017-13014",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13014"
    },
    {
      "cve": "CVE-2017-13015",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13015"
    },
    {
      "cve": "CVE-2017-13016",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13016"
    },
    {
      "cve": "CVE-2017-13017",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13017"
    },
    {
      "cve": "CVE-2017-13018",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13018"
    },
    {
      "cve": "CVE-2017-13019",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13019"
    },
    {
      "cve": "CVE-2017-13020",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13020"
    },
    {
      "cve": "CVE-2017-13021",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13021"
    },
    {
      "cve": "CVE-2017-13022",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13022"
    },
    {
      "cve": "CVE-2017-13023",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13023"
    },
    {
      "cve": "CVE-2017-13024",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13024"
    },
    {
      "cve": "CVE-2017-13025",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13025"
    },
    {
      "cve": "CVE-2017-13026",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13026"
    },
    {
      "cve": "CVE-2017-13027",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13027"
    },
    {
      "cve": "CVE-2017-13028",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13028"
    },
    {
      "cve": "CVE-2017-13029",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13029"
    },
    {
      "cve": "CVE-2017-13030",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13030"
    },
    {
      "cve": "CVE-2017-13031",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13031"
    },
    {
      "cve": "CVE-2017-13032",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13032"
    },
    {
      "cve": "CVE-2017-13033",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13033"
    },
    {
      "cve": "CVE-2017-13034",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13034"
    },
    {
      "cve": "CVE-2017-13035",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13035"
    },
    {
      "cve": "CVE-2017-13036",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13036"
    },
    {
      "cve": "CVE-2017-13037",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13037"
    },
    {
      "cve": "CVE-2017-13038",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13038"
    },
    {
      "cve": "CVE-2017-13039",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13039"
    },
    {
      "cve": "CVE-2017-13040",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13040"
    },
    {
      "cve": "CVE-2017-13041",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13041"
    },
    {
      "cve": "CVE-2017-13042",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13042"
    },
    {
      "cve": "CVE-2017-13043",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13043"
    },
    {
      "cve": "CVE-2017-13044",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13044"
    },
    {
      "cve": "CVE-2017-13045",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13045"
    },
    {
      "cve": "CVE-2017-13046",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13046"
    },
    {
      "cve": "CVE-2017-13047",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13047"
    },
    {
      "cve": "CVE-2017-13048",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13048"
    },
    {
      "cve": "CVE-2017-13049",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13049"
    },
    {
      "cve": "CVE-2017-13050",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13050"
    },
    {
      "cve": "CVE-2017-13051",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13051"
    },
    {
      "cve": "CVE-2017-13052",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13052"
    },
    {
      "cve": "CVE-2017-13053",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13053"
    },
    {
      "cve": "CVE-2017-13054",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13054"
    },
    {
      "cve": "CVE-2017-13055",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13055"
    },
    {
      "cve": "CVE-2017-13077",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13077"
    },
    {
      "cve": "CVE-2017-13078",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13078"
    },
    {
      "cve": "CVE-2017-13080",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13080"
    },
    {
      "cve": "CVE-2017-13687",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13687"
    },
    {
      "cve": "CVE-2017-13688",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13688"
    },
    {
      "cve": "CVE-2017-13689",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13689"
    },
    {
      "cve": "CVE-2017-13690",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13690"
    },
    {
      "cve": "CVE-2017-13725",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13725"
    },
    {
      "cve": "CVE-2017-13782",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13782"
    },
    {
      "cve": "CVE-2017-13786",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13786"
    },
    {
      "cve": "CVE-2017-13799",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13799"
    },
    {
      "cve": "CVE-2017-13800",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13800"
    },
    {
      "cve": "CVE-2017-13801",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13801"
    },
    {
      "cve": "CVE-2017-13804",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13804"
    },
    {
      "cve": "CVE-2017-13807",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13807"
    },
    {
      "cve": "CVE-2017-13808",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13808"
    },
    {
      "cve": "CVE-2017-13809",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13809"
    },
    {
      "cve": "CVE-2017-13810",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13810"
    },
    {
      "cve": "CVE-2017-13811",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13811"
    },
    {
      "cve": "CVE-2017-13812",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13812"
    },
    {
      "cve": "CVE-2017-13813",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13813"
    },
    {
      "cve": "CVE-2017-13814",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13814"
    },
    {
      "cve": "CVE-2017-13815",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13815"
    },
    {
      "cve": "CVE-2017-13816",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13816"
    },
    {
      "cve": "CVE-2017-13817",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13817"
    },
    {
      "cve": "CVE-2017-13818",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13818"
    },
    {
      "cve": "CVE-2017-13819",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13819"
    },
    {
      "cve": "CVE-2017-13820",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13820"
    },
    {
      "cve": "CVE-2017-13821",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13821"
    },
    {
      "cve": "CVE-2017-13822",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13822"
    },
    {
      "cve": "CVE-2017-13823",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13823"
    },
    {
      "cve": "CVE-2017-13824",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13824"
    },
    {
      "cve": "CVE-2017-13825",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13825"
    },
    {
      "cve": "CVE-2017-13826",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13826"
    },
    {
      "cve": "CVE-2017-13827",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13827"
    },
    {
      "cve": "CVE-2017-13828",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13828"
    },
    {
      "cve": "CVE-2017-13829",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13829"
    },
    {
      "cve": "CVE-2017-13830",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13830"
    },
    {
      "cve": "CVE-2017-13831",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13831"
    },
    {
      "cve": "CVE-2017-13832",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13832"
    },
    {
      "cve": "CVE-2017-13833",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13833"
    },
    {
      "cve": "CVE-2017-13834",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13834"
    },
    {
      "cve": "CVE-2017-13836",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13836"
    },
    {
      "cve": "CVE-2017-13837",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13837"
    },
    {
      "cve": "CVE-2017-13838",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13838"
    },
    {
      "cve": "CVE-2017-13839",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13839"
    },
    {
      "cve": "CVE-2017-13840",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13840"
    },
    {
      "cve": "CVE-2017-13841",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13841"
    },
    {
      "cve": "CVE-2017-13842",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13842"
    },
    {
      "cve": "CVE-2017-13843",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13843"
    },
    {
      "cve": "CVE-2017-13846",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13846"
    },
    {
      "cve": "CVE-2017-13851",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13851"
    },
    {
      "cve": "CVE-2017-13854",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-13854"
    },
    {
      "cve": "CVE-2017-3167",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-3167"
    },
    {
      "cve": "CVE-2017-3169",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-3169"
    },
    {
      "cve": "CVE-2017-6451",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-6451"
    },
    {
      "cve": "CVE-2017-6452",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-6452"
    },
    {
      "cve": "CVE-2017-6455",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-6455"
    },
    {
      "cve": "CVE-2017-6458",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-6458"
    },
    {
      "cve": "CVE-2017-6459",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-6459"
    },
    {
      "cve": "CVE-2017-6460",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-6460"
    },
    {
      "cve": "CVE-2017-6462",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-6462"
    },
    {
      "cve": "CVE-2017-6463",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-6463"
    },
    {
      "cve": "CVE-2017-6464",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-6464"
    },
    {
      "cve": "CVE-2017-7074",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-7074"
    },
    {
      "cve": "CVE-2017-7077",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-7077"
    },
    {
      "cve": "CVE-2017-7078",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-7078"
    },
    {
      "cve": "CVE-2017-7080",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-7080"
    },
    {
      "cve": "CVE-2017-7082",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-7082"
    },
    {
      "cve": "CVE-2017-7083",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-7083"
    },
    {
      "cve": "CVE-2017-7084",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-7084"
    },
    {
      "cve": "CVE-2017-7086",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-7086"
    },
    {
      "cve": "CVE-2017-7114",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-7114"
    },
    {
      "cve": "CVE-2017-7119",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-7119"
    },
    {
      "cve": "CVE-2017-7121",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-7121"
    },
    {
      "cve": "CVE-2017-7122",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-7122"
    },
    {
      "cve": "CVE-2017-7123",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-7123"
    },
    {
      "cve": "CVE-2017-7124",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-7124"
    },
    {
      "cve": "CVE-2017-7125",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-7125"
    },
    {
      "cve": "CVE-2017-7126",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-7126"
    },
    {
      "cve": "CVE-2017-7127",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-7127"
    },
    {
      "cve": "CVE-2017-7128",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-7128"
    },
    {
      "cve": "CVE-2017-7129",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-7129"
    },
    {
      "cve": "CVE-2017-7130",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-7130"
    },
    {
      "cve": "CVE-2017-7132",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-7132"
    },
    {
      "cve": "CVE-2017-7138",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-7138"
    },
    {
      "cve": "CVE-2017-7141",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-7141"
    },
    {
      "cve": "CVE-2017-7143",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-7143"
    },
    {
      "cve": "CVE-2017-7144",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-7144"
    },
    {
      "cve": "CVE-2017-7659",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-7659"
    },
    {
      "cve": "CVE-2017-7668",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-7668"
    },
    {
      "cve": "CVE-2017-7679",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-7679"
    },
    {
      "cve": "CVE-2017-9233",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-9233"
    },
    {
      "cve": "CVE-2017-9788",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-9788"
    },
    {
      "cve": "CVE-2017-9789",
      "product_status": {
        "known_affected": [
          "T010822"
        ]
      },
      "release_date": "2017-09-25T22:00:00.000+00:00",
      "title": "CVE-2017-9789"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2017-1000101 (GCVE-0-2017-1000101)

WID-SEC-W-2023-1647

WID-SEC-W-2025-0370

Tags

Sightings

Nomenclature