VulnerableCode Package Details - pkg:deb/ubuntu/llvm-toolchain-3.5@1:3.5-4ubuntu1

Search for packages

Package details: pkg:deb/ubuntu/llvm-toolchain-3.5@1:3.5-4ubuntu1

Essentials
History (0)

purl	pkg:deb/ubuntu/llvm-toolchain-3.5@1:3.5-4ubuntu1

Next non-vulnerable version	1:3.5.2-2
Latest non-vulnerable version	1:3.5.2-2
Risk	4.0

Vulnerabilities affecting this package (2)

Vulnerability	Summary	Fixed by
VCID-3c18-v2g4-aaaf Aliases: CVE-2015-2305	Integer overflow in the regcomp implementation in the Henry Spencer BSD regex library (aka rxspencer) alpha3.8.g5 on 32-bit platforms, as used in NetBSD through 6.1.5 and other products, might allow context-dependent attackers to execute arbitrary code via a large regular expression that leads to a heap-based buffer overflow.	1:3.5.2-2 Affected by 0 other vulnerabilities.
VCID-jyxb-65ev-aaar Aliases: CVE-2014-2893	The GetHTMLRunDir function in the scan-build utility in Clang 3.5 and earlier allows local users to obtain sensitive information or overwrite arbitrary files via a symlink attack on temporary directories with predictable names.	1:3.5.2-0ubuntu1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version