VulnerableCode Package Details - pkg:deb/ubuntu/collectd@4.10.1-1

Search for packages

Package details: pkg:deb/ubuntu/collectd@4.10.1-1

Essentials
History (0)

purl	pkg:deb/ubuntu/collectd@4.10.1-1

Next non-vulnerable version	5.8.0-5.2
Latest non-vulnerable version	5.8.0-5.2
Risk	4.5

Vulnerabilities affecting this package (3)

Vulnerability	Summary	Fixed by
VCID-2rc2-7f1t-aaag Aliases: CVE-2016-6254	Heap-based buffer overflow in the parse_packet function in network.c in collectd before 5.4.3 and 5.x before 5.5.2 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted network packet.	5.7.2-2ubuntu1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-9pq9-7x2w-aaab Aliases: CVE-2017-7401	Incorrect interaction of the parse_packet() and parse_part_sign_sha256() functions in network.c in collectd 5.7.1 and earlier allows remote attackers to cause a denial of service (infinite loop) of a collectd instance (configured with "SecurityLevel None" and with empty "AuthFile" options) via a crafted UDP packet.	5.7.2-2ubuntu1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-fq4u-zhrw-aaas Aliases: CVE-2017-16820	The csnmp_read_table function in snmp.c in the SNMP plugin in collectd before 5.6.3 is susceptible to a double free in a certain error case, which could lead to a crash (or potentially have other impact).	5.8.0-5.2 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version