VulnerableCode Vulnerability Details

Search for vulnerabilities

System	Score	Found at
generic_textual	Medium	http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-1000005.html
rhas	Important	https://access.redhat.com/errata/RHSA-2019:1543
cvssv3	4.8	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000005.json
epss	0.00356	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00356	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00356	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00356	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00356	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00356	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00356	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00356	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00356	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00356	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00356	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00356	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00356	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00356	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00356	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00356	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00356	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00356	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00356	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00356	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00356	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00356	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00356	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00356	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00356	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00356	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00356	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00356	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00356	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00356	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00356	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00356	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00356	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00356	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00356	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00356	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00356	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00356	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00356	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00356	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00356	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00356	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00356	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00356	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00356	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00356	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00356	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00356	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00356	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00356	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00356	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00356	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00356	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00356	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00356	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00356	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00356	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00356	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00356	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00356	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00356	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00356	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00356	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00356	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00356	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00356	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00356	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00356	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00356	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00471	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00471	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00471	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00471	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00653	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00653	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00653	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00653	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00653	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00653	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00653	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00653	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00653	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00653	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.00653	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
epss	0.0125	https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
rhbs	low	https://bugzilla.redhat.com/show_bug.cgi?id=1536013
generic_textual	Medium	https://curl.haxx.se/docs/adv_2018-824a.html
cvssv3.1	Low	https://curl.se/docs/CVE-2018-1000005.html
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000005
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000007
generic_textual	Medium	https://github.com/curl/curl/pull/2231
cvssv2	6.4	https://nvd.nist.gov/vuln/detail/CVE-2018-1000005
cvssv3	9.1	https://nvd.nist.gov/vuln/detail/CVE-2018-1000005
archlinux	Medium	https://security.archlinux.org/AVG-593
archlinux	Medium	https://security.archlinux.org/AVG-594
archlinux	Medium	https://security.archlinux.org/AVG-595
archlinux	Medium	https://security.archlinux.org/AVG-596
archlinux	Medium	https://security.archlinux.org/AVG-597
archlinux	Medium	https://security.archlinux.org/AVG-598
generic_textual	Medium	https://ubuntu.com/security/notices/USN-3554-1

System

Score

Found at

generic_textual

Medium

http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-1000005.html

rhas

Important

https://access.redhat.com/errata/RHSA-2019:1543

cvssv3

4.8

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000005.json

epss

0.00356

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00356

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00356

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00356

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00356

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00356

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00356

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00356

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00356

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00356

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00356

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00356

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00356

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00356

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00356

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00356

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00356

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00356

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00356

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00356

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00356

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00356

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00356

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00356

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00356

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00356

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00356

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00356

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00356

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00356

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00356

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00356

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00356

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00356

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00356

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00356

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00356

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00356

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00356

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00356

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00356

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00356

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00356

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00356

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00356

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00356

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00356

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00356

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00356

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00356

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00356

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00356

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00356

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00356

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00356

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00356

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00356

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00356

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00356

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00356

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00356

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00356

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00356

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00356

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00356

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00356

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00356

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00356

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00356

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00471

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00471

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00471

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00471

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00653

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00653

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00653

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00653

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00653

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00653

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00653

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00653

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00653

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00653

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.00653

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

epss

0.0125

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

rhbs

low

https://bugzilla.redhat.com/show_bug.cgi?id=1536013

generic_textual

Medium

https://curl.haxx.se/docs/adv_2018-824a.html

cvssv3.1

Low

https://curl.se/docs/CVE-2018-1000005.html

generic_textual

Medium

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000005

generic_textual

Medium

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000007

generic_textual

Medium

https://github.com/curl/curl/pull/2231

cvssv2

6.4

https://nvd.nist.gov/vuln/detail/CVE-2018-1000005

cvssv3

9.1

https://nvd.nist.gov/vuln/detail/CVE-2018-1000005

archlinux

Medium

https://security.archlinux.org/AVG-593

archlinux

Medium

https://security.archlinux.org/AVG-594

archlinux

Medium

https://security.archlinux.org/AVG-595

archlinux

Medium

https://security.archlinux.org/AVG-596

archlinux

Medium

https://security.archlinux.org/AVG-597

archlinux

Medium

https://security.archlinux.org/AVG-598

generic_textual

Medium

https://ubuntu.com/security/notices/USN-3554-1

Reference id	Reference type	URL
		http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-1000005.html
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000005.json
		https://api.first.org/data/v1/epss?cve=CVE-2018-1000005
		https://curl.haxx.se/docs/adv_2018-824a.html
		https://curl.se/docs/CVE-2018-1000005.html
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000005
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000007
		https://github.com/curl/curl/pull/2231
		https://ubuntu.com/security/notices/USN-3554-1
		https://usn.ubuntu.com/3554-1/
		https://www.debian.org/security/2018/dsa-4098
		http://www.securitytracker.com/id/1040273
1536013		https://bugzilla.redhat.com/show_bug.cgi?id=1536013
ASA-201801-20		https://security.archlinux.org/ASA-201801-20
ASA-201801-22		https://security.archlinux.org/ASA-201801-22
ASA-201801-23		https://security.archlinux.org/ASA-201801-23
ASA-201801-24		https://security.archlinux.org/ASA-201801-24
ASA-201801-25		https://security.archlinux.org/ASA-201801-25
ASA-201801-26		https://security.archlinux.org/ASA-201801-26
AVG-593		https://security.archlinux.org/AVG-593
AVG-594		https://security.archlinux.org/AVG-594
AVG-595		https://security.archlinux.org/AVG-595
AVG-596		https://security.archlinux.org/AVG-596
AVG-597		https://security.archlinux.org/AVG-597
AVG-598		https://security.archlinux.org/AVG-598
cpe:2.3:a:haxx:libcurl::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl::::::::
cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
cpe:2.3:o:debian:debian_linux:8.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
cpe:2.3:o:debian:debian_linux:9.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
CVE-2018-1000005		https://nvd.nist.gov/vuln/detail/CVE-2018-1000005
GLSA-201804-04		https://security.gentoo.org/glsa/201804-04
RHSA-2019:1543		https://access.redhat.com/errata/RHSA-2019:1543

Reference id

Reference type

URL

http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-1000005.html

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000005.json

https://api.first.org/data/v1/epss?cve=CVE-2018-1000005

https://curl.haxx.se/docs/adv_2018-824a.html

https://curl.se/docs/CVE-2018-1000005.html

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000005

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000007

https://github.com/curl/curl/pull/2231

https://ubuntu.com/security/notices/USN-3554-1

https://usn.ubuntu.com/3554-1/

https://www.debian.org/security/2018/dsa-4098

http://www.securitytracker.com/id/1040273

1536013

https://bugzilla.redhat.com/show_bug.cgi?id=1536013

ASA-201801-20

https://security.archlinux.org/ASA-201801-20

ASA-201801-22

https://security.archlinux.org/ASA-201801-22

ASA-201801-23

https://security.archlinux.org/ASA-201801-23

ASA-201801-24

https://security.archlinux.org/ASA-201801-24

ASA-201801-25

https://security.archlinux.org/ASA-201801-25

ASA-201801-26

https://security.archlinux.org/ASA-201801-26

AVG-593

https://security.archlinux.org/AVG-593

AVG-594

https://security.archlinux.org/AVG-594

AVG-595

https://security.archlinux.org/AVG-595

AVG-596

https://security.archlinux.org/AVG-596

AVG-597

https://security.archlinux.org/AVG-597

AVG-598

https://security.archlinux.org/AVG-598

cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

CVE-2018-1000005

https://nvd.nist.gov/vuln/detail/CVE-2018-1000005

GLSA-201804-04

https://security.gentoo.org/glsa/201804-04

RHSA-2019:1543

https://access.redhat.com/errata/RHSA-2019:1543

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Date	Actor	Action	Source	VulnerableCode Version
There are no relevant records.

There are no relevant records.

Vulnerability ID	VCID-dad3-naak-aaaj
Aliases	CVE-2018-1000005
Summary	libcurl 7.49.0 to and including 7.57.0 contains an out bounds read in code handling HTTP/2 trailers. It was reported (https://github.com/curl/curl/pull/2231) that reading an HTTP/2 trailer could mess up future trailers since the stored size was one byte less than required. The problem is that the code that creates HTTP/1-like headers from the HTTP/2 trailer data once appended a string like `:` to the target buffer, while this was recently changed to `: ` (a space was added after the colon) but the following math wasn't updated correspondingly. When accessed, the data is read out of bounds and causes either a crash or that the (too large) data gets passed to client write. This could lead to a denial-of-service situation or an information disclosure if someone has a service that echoes back or uses the trailers for something.
Status	Published
Exploitability	0.5
Weighted Severity	8.2
Risk	4.1
Affected and Fixed Packages	Package Details

CWE-125	Out-of-bounds Read
CWE-126	Buffer Over-read

Percentile	0.54987
EPSS Score	0.00356
Published At	March 28, 2025, 12:55 p.m.