← Back

CVE-2016-8621

nvd nist
Published: Jul 31, 2018Modified: Nov 21, 2024

JSON object

Loading...
7.5
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Exploitability: 3.9 / Impact: 3.6
Source: NVD

Description

The `curl_getdate` function in curl before version 7.51.0 is vulnerable to an out of bounds read if it receives an input with one digit short.

Affected (1)

Products: Haxx: Curl
Haxx
1 product
Curl
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Curl
Before 7.51.0

Related CWEs

CWE-125
Out-of-bounds Read
The product reads data past the end, or before the beginning, of the intended buffer.

References (20)

Source: secalert@redhat.com
Source: secalert@redhat.com
Third Party AdvisoryVDB Entry
Source: secalert@redhat.com
Third Party AdvisoryVDB Entry
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Source: secalert@redhat.com
Issue TrackingPatchThird Party Advisory
Source: secalert@redhat.com
PatchVendor Advisory
Source: secalert@redhat.com
PatchVendor Advisory
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Issue TrackingPatchThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory

Timeline

No history available yet.