VulnerableCode Package Details - pkg:deb/ubuntu/llvm-toolchain-3.6@1:3.6-2ubuntu1

Search for packages

Package details: pkg:deb/ubuntu/llvm-toolchain-3.6@1:3.6-2ubuntu1

Essentials
History (0)

purl	pkg:deb/ubuntu/llvm-toolchain-3.6@1:3.6-2ubuntu1

Next non-vulnerable version	1:3.6.2-3ubuntu2
Latest non-vulnerable version	1:3.6.2-3ubuntu2
Risk	4.0

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-3c18-v2g4-aaaf Aliases: CVE-2015-2305	Integer overflow in the regcomp implementation in the Henry Spencer BSD regex library (aka rxspencer) alpha3.8.g5 on 32-bit platforms, as used in NetBSD through 6.1.5 and other products, might allow context-dependent attackers to execute arbitrary code via a large regular expression that leads to a heap-based buffer overflow.	1:3.6.2-3ubuntu2 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-jyxb-65ev-aaar	The GetHTMLRunDir function in the scan-build utility in Clang 3.5 and earlier allows local users to obtain sensitive information or overwrite arbitrary files via a symlink attack on temporary directories with predictable names.	CVE-2014-2893

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version