NULL Pointer Dereference
Affecting curl package, versions <7.38.0-4+deb8u10
Report new vulnerabilities
Do your applications use this vulnerable package?
Test your applications
Overview
A NULL pointer dereference exists in curl 7.21.0 to and including curl 7.58.0 in the LDAP code that allows an attacker to cause a denial of service
References
- CONFIRM
- CVE Details
- Debian Security Advisory
- Debian Security Announcement
- Debian Security Tracker
- Oracle Security Advisory
- Oracle Security Advisory
- Oracle Security Advisory
- Oracle Security Advisory
- REDHAT
- REDHAT
- REDHAT
- RHSA Security Advisory
- RHSA Security Advisory
- Security Focus
- Security Tracker
- Ubuntu CVE Tracker
- Ubuntu Security Advisory
- Ubuntu Security Advisory
CVSS Score
7.5
high severity
-
Attack VectorNetwork
-
Attack ComplexityLow
-
Privileges RequiredNone
-
User InteractionNone
-
ScopeUnchanged
-
ConfidentialityNone
-
IntegrityNone
-
AvailabilityHigh
- CVE
- CVE-2018-1000121
- CWE
- CWE-476
- Snyk ID
- SNYK-DEBIAN8-CURL-358699
- Disclosed
- 14 Mar, 2018
- Published
- 14 Mar, 2018