← Back

Cron

cron

Vendor: Cron Project • 3 CVEs

CVEs (3)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2019-9705
3Cron Project
DebianFedoraproject
3Cron
Debian LinuxFedora
Nov 21, 2024
Mar 12, 2019
N/A· v4
5.5 MEDIUM· v3
2.1 LOW· v2
Vixie Cron before the 3.0pl1-133 Debian package allows local users to cause a denial of service (memory consumption) via a large crontab file because an unlimited number of lines is accepted.
CVE-2019-9704
3Cron Project
DebianFedoraproject
3Cron
Debian LinuxFedora
Nov 21, 2024
Mar 12, 2019
N/A· v4
5.5 MEDIUM· v3
2.1 LOW· v2
Vixie Cron before the 3.0pl1-133 Debian package allows local users to cause a denial of service (daemon crash) via a large crontab file because the calloc return value is not checked.
CVE-2017-9525
2Cron Project
Debian
2Cron
Debian Linux
May 13, 2026
Jun 9, 2017
N/A· v4
6.7 MEDIUM· v3
6.9 MEDIUM· v2
In the cron package through 3.0pl1-128 on Debian, and through 3.0pl1-128ubuntu2 on Ubuntu, the postinst maintainer script allows for group-crontab-to-root privilege escalation via symlink attacks against unsafe usage of...Show more
In the cron package through 3.0pl1-128 on Debian, and through 3.0pl1-128ubuntu2 on Ubuntu, the postinst maintainer script allows for group-crontab-to-root privilege escalation via symlink attacks against unsafe usage of the chown and chmod programs.Show less