VulnerableCode Package Details - pkg:deb/ubuntu/llvm-toolchain-3.6@1:3.6-2ubuntu1~trusty2

Search for packages

Package details: pkg:deb/ubuntu/llvm-toolchain-3.6@1:3.6-2ubuntu1~trusty2

Essentials
History (0)

purl	pkg:deb/ubuntu/llvm-toolchain-3.6@1:3.6-2ubuntu1~trusty2

Next non-vulnerable version	1:3.6.2-3ubuntu2
Latest non-vulnerable version	1:3.6.2-3ubuntu2
Risk	1.4

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-jyxb-65ev-aaar Aliases: CVE-2014-2893	The GetHTMLRunDir function in the scan-build utility in Clang 3.5 and earlier allows local users to obtain sensitive information or overwrite arbitrary files via a symlink attack on temporary directories with predictable names.	1:3.6-2ubuntu1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-3c18-v2g4-aaaf	Integer overflow in the regcomp implementation in the Henry Spencer BSD regex library (aka rxspencer) alpha3.8.g5 on 32-bit platforms, as used in NetBSD through 6.1.5 and other products, might allow context-dependent attackers to execute arbitrary code via a large regular expression that leads to a heap-based buffer overflow.	CVE-2015-2305

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version