← voltar
CVE-2017-7555

CVE-2017-7555

EPSS 5.0%CWE-122
Augeas versions up to and including 1.8.0 are vulnerable to heap-based buffer overflow due to improper handling of escaped strings. Attacker could send crafted strings that would cause the application using augeas to copy past the end of a buffer, leading to a crash or possible code execution.
Produtos afetados
Red Hat, Inc. · augeas

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://access.redhat.com/errata/RHSA-2017:2788https://access.redhat.com/errata/RHSA-2019:2403https://github.com/hercules-team/augeas/pull/480https://puppet.com/security/cve/cve-2017-7555http://www.debian.org/security/2017/dsa-3949http://www.securityfocus.com/bid/100378