VulnerableCode Package Details - pkg:deb/ubuntu/collectd@5.7.2-2ubuntu1

Search for packages

Package details: pkg:deb/ubuntu/collectd@5.7.2-2ubuntu1

Essentials
History (0)

purl	pkg:deb/ubuntu/collectd@5.7.2-2ubuntu1

Next non-vulnerable version	5.8.0-5.2
Latest non-vulnerable version	5.8.0-5.2
Risk	4.5

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-fq4u-zhrw-aaas Aliases: CVE-2017-16820	The csnmp_read_table function in snmp.c in the SNMP plugin in collectd before 5.6.3 is susceptible to a double free in a certain error case, which could lead to a crash (or potentially have other impact).	5.8.0-5.2 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (2)

Vulnerability	Summary	Aliases
VCID-2rc2-7f1t-aaag	Heap-based buffer overflow in the parse_packet function in network.c in collectd before 5.4.3 and 5.x before 5.5.2 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted network packet.	CVE-2016-6254
VCID-9pq9-7x2w-aaab	Incorrect interaction of the parse_packet() and parse_part_sign_sha256() functions in network.c in collectd 5.7.1 and earlier allows remote attackers to cause a denial of service (infinite loop) of a collectd instance (configured with "SecurityLevel None" and with empty "AuthFile" options) via a crafted UDP packet.	CVE-2017-7401

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version