VulnerableCode Package Details - pkg:deb/ubuntu/gnulib@20100704%2Bstable-1

Search for packages

Package details: pkg:deb/ubuntu/gnulib@20100704%2Bstable-1

Essentials
History (0)

purl	pkg:deb/ubuntu/gnulib@20100704%2Bstable-1

Next non-vulnerable version	20140202+stable-4
Latest non-vulnerable version	20140202+stable-4
Risk	4.0

Vulnerabilities affecting this package (2)

Vulnerability	Summary	Fixed by
VCID-w8cc-xvzf-aaan Aliases: CVE-2018-17942	The convert_to_decimal function in vasnprintf.c in Gnulib before 2018-09-23 has a heap-based buffer overflow because memory is not allocated for a trailing '\0' character during %f processing.	20140202+stable-1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-z54v-76h3-aaae Aliases: CVE-2009-5155	In the GNU C Library (aka glibc or libc6) before 2.28, parse_reg_exp in posix/regcomp.c misparses alternatives, which allows attackers to cause a denial of service (assertion failure and application exit) or trigger an incorrect result by attempting a regular-expression match.	20140202+stable-4 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version