VulnerableCode Package Details - pkg:alpm/archlinux/glibc@2.26-8

Search for packages

Package details: pkg:alpm/archlinux/glibc@2.26-8

Essentials
History (4)

purl	pkg:alpm/archlinux/glibc@2.26-8

Next non-vulnerable version	2.26-9
Latest non-vulnerable version	2.37-2
Risk	4.4

Vulnerabilities affecting this package (2)

Vulnerability	Summary	Fixed by
VCID-jauw-zxrf-aaae Aliases: CVE-2017-15671	The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27, when invoked with GLOB_TILDE, could skip freeing allocated memory when processing the ~ operator with a long user name, potentially leading to a denial of service (memory leak).	2.26-9 Affected by 0 other vulnerabilities.
VCID-sbu9-jza7-aaae Aliases: CVE-2017-15670	The GNU C Library (aka glibc or libc6) before 2.27 contains an off-by-one error leading to a heap-based buffer overflow in the glob function in glob.c, related to the processing of home directories using the ~ operator followed by a long string.	2.26-9 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2024-09-18T02:01:18.823964+00:00	Arch Linux Importer	Affected by	VCID-sbu9-jza7-aaae	https://security.archlinux.org/AVG-460	34.0.1
2024-09-18T02:01:18.796235+00:00	Arch Linux Importer	Affected by	VCID-jauw-zxrf-aaae	https://security.archlinux.org/AVG-460	34.0.1
2024-06-15T20:59:56.480834+00:00	Arch Linux Importer	Affected by	VCID-sbu9-jza7-aaae	https://security.archlinux.org/AVG-460	34.0.0rc4
2024-06-15T20:59:56.459040+00:00	Arch Linux Importer	Affected by	VCID-jauw-zxrf-aaae	https://security.archlinux.org/AVG-460	34.0.0rc4