· 6 years ago · Aug 30, 2019, 03:00 PM
1 {
2 "Features": [
3 {
4 "Name": "bash",
5 "Version": "4.3-7ubuntu1.5",
6 "NamespaceName": "ubuntu:14.04",
7 "Vulnerabilities": [
8 {
9 "Name": "CVE-2016-7543",
10 "NamespaceName": "ubuntu:14.04",
11 "Description": "Bash before 4.4 allows local users to execute arbitrary commands with root privileges via crafted SHELLOPTS and PS4 environment variables.",
12 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-7543",
13 "Severity": "Medium"
14 },
15 {
16 "Name": "CVE-2019-9924",
17 "NamespaceName": "ubuntu:14.04",
18 "Description": "rbash in Bash before 4.4-beta2 did not prevent the shell user from modifying BASH_CMDS, thus allowing the user to execute any command with the permissions of the shell.",
19 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2019-9924",
20 "Severity": "Low"
21 },
22 {
23 "Name": "CVE-2016-9401",
24 "NamespaceName": "ubuntu:14.04",
25 "Description": "popd in bash might allow local users to bypass the restricted shell and cause a use-after-free via a crafted address.",
26 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-9401",
27 "Severity": "Negligible"
28 },
29 {
30 "Name": "CVE-2016-0634",
31 "NamespaceName": "ubuntu:14.04",
32 "Description": "The expansion of '\\h' in the prompt string in bash 4.3 allows remote authenticated users to execute arbitrary code via shell metacharacters placed in 'hostname' of a machine.",
33 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-0634",
34 "Severity": "Low"
35 }
36 ]
37 },
38 {
39 "Name": "audit",
40 "Version": "1:2.3.2-2ubuntu1",
41 "NamespaceName": "ubuntu:14.04",
42 "Vulnerabilities": [
43 {
44 "Name": "CVE-2015-5186",
45 "NamespaceName": "ubuntu:14.04",
46 "Description": "Audit before 2.4.4 in Linux does not sanitize escape characters in filenames.",
47 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2015-5186",
48 "Severity": "Negligible"
49 },
50 {
51 "Name": "CVE-2015-5186",
52 "NamespaceName": "ubuntu:14.04",
53 "Description": "Audit before 2.4.4 in Linux does not sanitize escape characters in filenames.",
54 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2015-5186",
55 "Severity": "Negligible"
56 }
57 ]
58 },
59 {
60 "Name": "util-linux",
61 "Version": "2.20.1-5.1ubuntu20.6",
62 "NamespaceName": "ubuntu:14.04",
63 "Vulnerabilities": [
64 {
65 "Name": "CVE-2013-0157",
66 "NamespaceName": "ubuntu:14.04",
67 "Description": "(a) mount and (b) umount in util-linux 2.14.1, 2.17.2, and probably other versions allow local users to determine the existence of restricted directories by (1) using the --guess-fstype command-line option or (2) attempting to mount a non-existent device, which generates different error messages depending on whether the directory exists.",
68 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2013-0157",
69 "Severity": "Low"
70 },
71 {
72 "Name": "CVE-2016-5011",
73 "NamespaceName": "ubuntu:14.04",
74 "Description": "The parse_dos_extended function in partitions/dos.c in the libblkid library in util-linux allows physically proximate attackers to cause a denial of service (memory consumption) via a crafted MSDOS partition table with an extended partition boot record at zero offset.",
75 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-5011",
76 "Severity": "Low"
77 },
78 {
79 "Name": "CVE-2014-9114",
80 "NamespaceName": "ubuntu:14.04",
81 "Description": "Blkid in util-linux before 2.26rc-1 allows local users to execute arbitrary code.",
82 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-9114",
83 "Severity": "Low"
84 }
85 ]
86 },
87 {
88 "Name": "eglibc",
89 "Version": "2.19-0ubuntu6.14",
90 "NamespaceName": "ubuntu:14.04",
91 "Vulnerabilities": [
92 {
93 "Name": "CVE-2014-9761",
94 "NamespaceName": "ubuntu:14.04",
95 "Description": "Multiple stack-based buffer overflows in the GNU C Library (aka glibc or libc6) before 2.23 allow context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long argument to the (1) nan, (2) nanf, or (3) nanl function.",
96 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-9761",
97 "Severity": "Low"
98 },
99 {
100 "Name": "CVE-2019-9192",
101 "NamespaceName": "ubuntu:14.04",
102 "Description": "** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\\\1\\\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern.",
103 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2019-9192",
104 "Severity": "Negligible"
105 },
106 {
107 "Name": "CVE-2018-6485",
108 "NamespaceName": "ubuntu:14.04",
109 "Description": "An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.26 and earlier could cause these functions to return a pointer to a heap area that is too small, potentially leading to heap corruption.",
110 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-6485",
111 "Severity": "Medium"
112 },
113 {
114 "Name": "CVE-2018-20796",
115 "NamespaceName": "ubuntu:14.04",
116 "Description": "In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\\227|)(\\\\1\\\\1|t1|\\\\\\2537)+' in grep.",
117 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-20796",
118 "Severity": "Negligible"
119 },
120 {
121 "Name": "CVE-2017-12132",
122 "NamespaceName": "ubuntu:14.04",
123 "Description": "The DNS stub resolver in the GNU C Library (aka glibc or libc6) before version 2.26, when EDNS support is enabled, will solicit large UDP responses from name servers, potentially simplifying off-path DNS spoofing attacks due to IP fragmentation.",
124 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-12132",
125 "Severity": "Low"
126 },
127 {
128 "Name": "CVE-2019-7309",
129 "NamespaceName": "ubuntu:14.04",
130 "Description": "In the GNU C Library (aka glibc or libc6) through 2.29, the memcmp function for the x32 architecture can incorrectly return zero (indicating that the inputs are equal) because the RDX most significant bit is mishandled.",
131 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2019-7309",
132 "Severity": "Negligible"
133 },
134 {
135 "Name": "CVE-2014-9984",
136 "NamespaceName": "ubuntu:14.04",
137 "Description": "nscd in the GNU C Library (aka glibc or libc6) before version 2.20 does not correctly compute the size of an internal buffer when processing netgroup requests, possibly leading to an nscd daemon crash or code execution as the user running nscd.",
138 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-9984",
139 "Severity": "Medium"
140 },
141 {
142 "Name": "CVE-2017-12133",
143 "NamespaceName": "ubuntu:14.04",
144 "Description": "Use-after-free vulnerability in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) before 2.26 allows remote attackers to have unspecified impact via vectors related to error path.",
145 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-12133",
146 "Severity": "Low"
147 },
148 {
149 "Name": "CVE-2015-5180",
150 "NamespaceName": "ubuntu:14.04",
151 "Description": "res_query in libresolv in glibc before 2.25 allows remote attackers to cause a denial of service (NULL pointer dereference and process crash).",
152 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2015-5180",
153 "Severity": "Low"
154 },
155 {
156 "Name": "CVE-2016-10228",
157 "NamespaceName": "ubuntu:14.04",
158 "Description": "The iconv program in the GNU C Library (aka glibc or libc6) 2.25 and earlier, when invoked with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leading to a denial of service.",
159 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-10228",
160 "Severity": "Negligible"
161 },
162 {
163 "Name": "CVE-2009-5155",
164 "NamespaceName": "ubuntu:14.04",
165 "Description": "In the GNU C Library (aka glibc or libc6) before 2.28, parse_reg_exp in posix/regcomp.c misparses alternatives, which allows attackers to cause a denial of service (assertion failure and application exit) or trigger an incorrect result by attempting a regular-expression match.",
166 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2009-5155",
167 "Severity": "Low"
168 }
169 ]
170 },
171 {
172 "Name": "gcc-4.8",
173 "Version": "4.8.4-2ubuntu1~14.04.4",
174 "NamespaceName": "ubuntu:14.04",
175 "Vulnerabilities": [
176 {
177 "Name": "CVE-2015-5276",
178 "NamespaceName": "ubuntu:14.04",
179 "Description": "The std::random_device class in libstdc++ in the GNU Compiler Collection (aka GCC) before 4.9.4 does not properly handle short reads from blocking sources, which makes it easier for context-dependent attackers to predict the random values via unspecified vectors.",
180 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2015-5276",
181 "Severity": "Low"
182 }
183 ]
184 },
185 {
186 "Name": "sudo",
187 "Version": "1.8.9p5-1ubuntu1.4",
188 "NamespaceName": "ubuntu:14.04",
189 "Vulnerabilities": [
190 {
191 "Name": "CVE-2017-1000368",
192 "NamespaceName": "ubuntu:14.04",
193 "Description": "Todd Miller's sudo version 1.8.20p1 and earlier is vulnerable to an input validation (embedded newlines) in the get_process_ttyname() function resulting in information disclosure and command execution.",
194 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-1000368",
195 "Severity": "Medium"
196 },
197 {
198 "Name": "CVE-2016-7076",
199 "NamespaceName": "ubuntu:14.04",
200 "Description": "sudo before version 1.8.18p1 is vulnerable to a bypass in the sudo noexec restriction if application run via sudo executed wordexp() C library function with a user supplied argument. A local user permitted to run such application via sudo with noexec restriction could possibly use this flaw to execute arbitrary commands with elevated privileges.",
201 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-7076",
202 "Severity": "Medium"
203 },
204 {
205 "Name": "CVE-2016-7032",
206 "NamespaceName": "ubuntu:14.04",
207 "Description": "sudo_noexec.so in Sudo before 1.8.15 on Linux might allow local users to bypass intended noexec command restrictions via an application that calls the (1) system or (2) popen function.",
208 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-7032",
209 "Severity": "Negligible"
210 },
211 {
212 "Name": "CVE-2015-8239",
213 "NamespaceName": "ubuntu:14.04",
214 "Description": "The SHA-2 digest support in the sudoers plugin in sudo after 1.8.7 allows local users with write permissions to parts of the called command to replace them before it is executed.",
215 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2015-8239",
216 "Severity": "Low"
217 },
218 {
219 "Name": "CVE-2015-5602",
220 "NamespaceName": "ubuntu:14.04",
221 "Description": "sudoedit in Sudo before 1.8.15 allows local users to gain privileges via a symlink attack on a file whose full path is defined using multiple wildcards in /etc/sudoers, as demonstrated by \"/home/*/*/file.txt.\"",
222 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2015-5602",
223 "Severity": "Medium"
224 }
225 ]
226 },
227 {
228 "Name": "shadow",
229 "Version": "1:4.1.5.1-1ubuntu9.5",
230 "NamespaceName": "ubuntu:14.04",
231 "Vulnerabilities": [
232 {
233 "Name": "CVE-2013-4235",
234 "NamespaceName": "ubuntu:14.04",
235 "Description": "TOCTOU race conditions by copying and removing directory trees",
236 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2013-4235",
237 "Severity": "Low"
238 },
239 {
240 "Name": "CVE-2018-7169",
241 "NamespaceName": "ubuntu:14.04",
242 "Description": "An issue was discovered in shadow 4.5. newgidmap (in shadow-utils) is setuid and allows an unprivileged user to be placed in a user namespace where setgroups(2) is permitted. This allows an attacker to remove themselves from a supplementary group, which may allow access to certain filesystem paths if the administrator has used \"group blacklisting\" (e.g., chmod g-rwx) to restrict access to paths. This flaw effectively reverts a security feature in the kernel (in particular, the /proc/self/setgroups knob) to prevent this sort of privilege escalation.",
243 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-7169",
244 "Severity": "Low"
245 },
246 {
247 "Name": "CVE-2017-12424",
248 "NamespaceName": "ubuntu:14.04",
249 "Description": "In shadow before 4.5, the newusers tool could be made to manipulate internal data structures in ways unintended by the authors. Malformed input may lead to crashes (with a buffer overflow or other memory corruption) or other unspecified behaviors. This crosses a privilege boundary in, for example, certain web-hosting environments in which a Control Panel allows an unprivileged user account to create subaccounts.",
250 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-12424",
251 "Severity": "Low"
252 }
253 ]
254 },
255 {
256 "Name": "zlib",
257 "Version": "1:1.2.8.dfsg-1ubuntu1",
258 "NamespaceName": "ubuntu:14.04",
259 "Vulnerabilities": [
260 {
261 "Name": "CVE-2016-9841",
262 "NamespaceName": "ubuntu:14.04",
263 "Description": "inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.",
264 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-9841",
265 "Severity": "Low"
266 },
267 {
268 "Name": "CVE-2016-9842",
269 "NamespaceName": "ubuntu:14.04",
270 "Description": "The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers.",
271 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-9842",
272 "Severity": "Low"
273 },
274 {
275 "Name": "CVE-2016-9843",
276 "NamespaceName": "ubuntu:14.04",
277 "Description": "The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.",
278 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-9843",
279 "Severity": "Low"
280 },
281 {
282 "Name": "CVE-2016-9840",
283 "NamespaceName": "ubuntu:14.04",
284 "Description": "inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.",
285 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-9840",
286 "Severity": "Low"
287 }
288 ]
289 },
290 {
291 "Name": "jq",
292 "Version": "1.3-1.1ubuntu1.1",
293 "NamespaceName": "ubuntu:14.04",
294 "Vulnerabilities": [
295 {
296 "Name": "CVE-2016-4074",
297 "NamespaceName": "ubuntu:14.04",
298 "Description": "The jv_dump_term function in jq 1.5 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted JSON file.",
299 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-4074",
300 "Severity": "Medium"
301 }
302 ]
303 },
304 {
305 "Name": "util-linux",
306 "Version": "2.20.1-5.1ubuntu20.9",
307 "NamespaceName": "ubuntu:14.04",
308 "Vulnerabilities": [
309 {
310 "Name": "CVE-2013-0157",
311 "NamespaceName": "ubuntu:14.04",
312 "Description": "(a) mount and (b) umount in util-linux 2.14.1, 2.17.2, and probably other versions allow local users to determine the existence of restricted directories by (1) using the --guess-fstype command-line option or (2) attempting to mount a non-existent device, which generates different error messages depending on whether the directory exists.",
313 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2013-0157",
314 "Severity": "Low"
315 },
316 {
317 "Name": "CVE-2016-5011",
318 "NamespaceName": "ubuntu:14.04",
319 "Description": "The parse_dos_extended function in partitions/dos.c in the libblkid library in util-linux allows physically proximate attackers to cause a denial of service (memory consumption) via a crafted MSDOS partition table with an extended partition boot record at zero offset.",
320 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-5011",
321 "Severity": "Low"
322 },
323 {
324 "Name": "CVE-2014-9114",
325 "NamespaceName": "ubuntu:14.04",
326 "Description": "Blkid in util-linux before 2.26rc-1 allows local users to execute arbitrary code.",
327 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-9114",
328 "Severity": "Low"
329 }
330 ]
331 },
332 {
333 "Name": "heimdal",
334 "Version": "1.6~git20131207+dfsg-1ubuntu1.2",
335 "NamespaceName": "ubuntu:14.04",
336 "Vulnerabilities": [
337 {
338 "Name": "CVE-2019-12098",
339 "NamespaceName": "ubuntu:14.04",
340 "Description": "In the client side of Heimdal before 7.6.0, failure to verify anonymous PKINIT PA-PKINIT-KX key exchange permits a man-in-the-middle attack. This issue is in krb5_init_creds_step in lib/krb5/init_creds_pw.c.",
341 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2019-12098",
342 "Severity": "Low"
343 },
344 {
345 "Name": "CVE-2017-6594",
346 "NamespaceName": "ubuntu:14.04",
347 "Description": "The transit path validation code in Heimdal before 7.3 might allow attackers to bypass the capath policy protection mechanism by leveraging failure to add the previous hop realm to the transit path of issued tickets.",
348 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-6594",
349 "Severity": "Low"
350 }
351 ]
352 },
353 {
354 "Name": "db5.3",
355 "Version": "5.3.28-3ubuntu3.1",
356 "NamespaceName": "ubuntu:14.04",
357 "Vulnerabilities": [
358 {
359 "Name": "CVE-2019-8457",
360 "NamespaceName": "ubuntu:14.04",
361 "Description": "SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode() function when handling invalid rtree tables.",
362 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2019-8457",
363 "Severity": "Medium"
364 }
365 ]
366 },
367 {
368 "Name": "pam",
369 "Version": "1.1.8-1ubuntu2",
370 "NamespaceName": "ubuntu:14.04",
371 "Vulnerabilities": [
372 {
373 "Name": "CVE-2013-7041",
374 "NamespaceName": "ubuntu:14.04",
375 "Description": "The pam_userdb module for Pam uses a case-insensitive method to compare hashed passwords, which makes it easier for attackers to guess the password via a brute force attack.",
376 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2013-7041",
377 "Severity": "Low"
378 },
379 {
380 "Name": "CVE-2014-2583",
381 "NamespaceName": "ubuntu:14.04",
382 "Description": "Multiple directory traversal vulnerabilities in pam_timestamp.c in the pam_timestamp module for Linux-PAM (aka pam) 1.1.8 allow local users to create arbitrary files or possibly bypass authentication via a .. (dot dot) in the (1) PAM_RUSER value to the get_ruser function or (2) PAM_TTY value to the check_tty function, which is used by the format_timestamp_name function.",
383 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-2583",
384 "Severity": "Low"
385 },
386 {
387 "Name": "CVE-2015-3238",
388 "NamespaceName": "ubuntu:14.04",
389 "Description": "The _unix_run_helper_binary function in the pam_unix module in Linux-PAM (aka pam) before 1.2.1, when unable to directly access passwords, allows local users to enumerate usernames or cause a denial of service (hang) via a large password.",
390 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2015-3238",
391 "Severity": "Low"
392 }
393 ]
394 },
395 {
396 "Name": "busybox",
397 "Version": "1:1.21.0-1ubuntu1",
398 "NamespaceName": "ubuntu:14.04",
399 "Vulnerabilities": [
400 {
401 "Name": "CVE-2011-5325",
402 "NamespaceName": "ubuntu:14.04",
403 "Description": "Directory traversal vulnerability in the BusyBox implementation of tar before 1.22.0 v5 allows remote attackers to point to files outside the current working directory via a symlink.",
404 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2011-5325",
405 "Severity": "Low"
406 },
407 {
408 "Name": "CVE-2017-15873",
409 "NamespaceName": "ubuntu:14.04",
410 "Description": "The get_next_block function in archival/libarchive/decompress_bunzip2.c in BusyBox 1.27.2 has an Integer Overflow that may lead to a write access violation.",
411 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-15873",
412 "Severity": "Low"
413 },
414 {
415 "Name": "CVE-2016-2147",
416 "NamespaceName": "ubuntu:14.04",
417 "Description": "Integer overflow in the DHCP client (udhcpc) in BusyBox before 1.25.0 allows remote attackers to cause a denial of service (crash) via a malformed RFC1035-encoded domain name, which triggers an out-of-bounds heap write.",
418 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-2147",
419 "Severity": "Low"
420 },
421 {
422 "Name": "CVE-2016-2148",
423 "NamespaceName": "ubuntu:14.04",
424 "Description": "Heap-based buffer overflow in the DHCP client (udhcpc) in BusyBox before 1.25.0 allows remote attackers to have unspecified impact via vectors involving OPTION_6RD parsing.",
425 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-2148",
426 "Severity": "Low"
427 },
428 {
429 "Name": "CVE-2018-1000517",
430 "NamespaceName": "ubuntu:14.04",
431 "Description": "BusyBox project BusyBox wget version prior to commit 8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e contains a Buffer Overflow vulnerability in Busybox wget that can result in heap buffer overflow. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in after commit 8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e.",
432 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-1000517",
433 "Severity": "Medium"
434 },
435 {
436 "Name": "CVE-2017-16544",
437 "NamespaceName": "ubuntu:14.04",
438 "Description": "In the add_match function in libbb/lineedit.c in BusyBox through 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and results in executing any escape sequence in the terminal. This could potentially result in code execution, arbitrary file writes, or other attacks.",
439 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-16544",
440 "Severity": "Medium"
441 },
442 {
443 "Name": "CVE-2019-5747",
444 "NamespaceName": "ubuntu:14.04",
445 "Description": "An issue was discovered in BusyBox through 1.30.0. An out of bounds read in udhcp components (consumed by the DHCP server, client, and/or relay) might allow a remote attacker to leak sensitive information from the stack by sending a crafted DHCP message. This is related to assurance of a 4-byte length when decoding DHCP_SUBNET. NOTE: this issue exists because of an incomplete fix for CVE-2018-20679.",
446 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2019-5747",
447 "Severity": "Medium"
448 },
449 {
450 "Name": "CVE-2018-20679",
451 "NamespaceName": "ubuntu:14.04",
452 "Description": "An issue was discovered in BusyBox before 1.30.0. An out of bounds read in udhcp components (consumed by the DHCP server, client, and relay) allows a remote attacker to leak sensitive information from the stack by sending a crafted DHCP message. This is related to verification in udhcp_get_option() in networking/udhcp/common.c that 4-byte options are indeed 4 bytes.",
453 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-20679",
454 "Severity": "Low"
455 },
456 {
457 "Name": "CVE-2015-9261",
458 "NamespaceName": "ubuntu:14.04",
459 "Description": "huft_build in archival/libarchive/decompress_gunzip.c in BusyBox before 1.27.2 misuses a pointer, causing segfaults and an application crash during an unzip operation on a specially crafted ZIP file.",
460 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2015-9261",
461 "Severity": "Medium"
462 },
463 {
464 "Name": "CVE-2014-9645",
465 "NamespaceName": "ubuntu:14.04",
466 "Description": "The add_probe function in modutils/modprobe.c in BusyBox before 1.23.0 allows local users to bypass intended restrictions on loading kernel modules via a / (slash) character in a module name, as demonstrated by an \"ifconfig /usbserial up\" command or a \"mount -t /snd_pcm none /\" command.",
467 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-9645",
468 "Severity": "Low"
469 },
470 {
471 "Name": "CVE-2011-5325",
472 "NamespaceName": "ubuntu:14.04",
473 "Description": "Directory traversal vulnerability in the BusyBox implementation of tar before 1.22.0 v5 allows remote attackers to point to files outside the current working directory via a symlink.",
474 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2011-5325",
475 "Severity": "Low"
476 },
477 {
478 "Name": "CVE-2017-15873",
479 "NamespaceName": "ubuntu:14.04",
480 "Description": "The get_next_block function in archival/libarchive/decompress_bunzip2.c in BusyBox 1.27.2 has an Integer Overflow that may lead to a write access violation.",
481 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-15873",
482 "Severity": "Low"
483 },
484 {
485 "Name": "CVE-2016-2147",
486 "NamespaceName": "ubuntu:14.04",
487 "Description": "Integer overflow in the DHCP client (udhcpc) in BusyBox before 1.25.0 allows remote attackers to cause a denial of service (crash) via a malformed RFC1035-encoded domain name, which triggers an out-of-bounds heap write.",
488 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-2147",
489 "Severity": "Low"
490 },
491 {
492 "Name": "CVE-2016-2148",
493 "NamespaceName": "ubuntu:14.04",
494 "Description": "Heap-based buffer overflow in the DHCP client (udhcpc) in BusyBox before 1.25.0 allows remote attackers to have unspecified impact via vectors involving OPTION_6RD parsing.",
495 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-2148",
496 "Severity": "Low"
497 },
498 {
499 "Name": "CVE-2018-1000517",
500 "NamespaceName": "ubuntu:14.04",
501 "Description": "BusyBox project BusyBox wget version prior to commit 8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e contains a Buffer Overflow vulnerability in Busybox wget that can result in heap buffer overflow. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in after commit 8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e.",
502 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-1000517",
503 "Severity": "Medium"
504 },
505 {
506 "Name": "CVE-2017-16544",
507 "NamespaceName": "ubuntu:14.04",
508 "Description": "In the add_match function in libbb/lineedit.c in BusyBox through 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and results in executing any escape sequence in the terminal. This could potentially result in code execution, arbitrary file writes, or other attacks.",
509 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-16544",
510 "Severity": "Medium"
511 },
512 {
513 "Name": "CVE-2019-5747",
514 "NamespaceName": "ubuntu:14.04",
515 "Description": "An issue was discovered in BusyBox through 1.30.0. An out of bounds read in udhcp components (consumed by the DHCP server, client, and/or relay) might allow a remote attacker to leak sensitive information from the stack by sending a crafted DHCP message. This is related to assurance of a 4-byte length when decoding DHCP_SUBNET. NOTE: this issue exists because of an incomplete fix for CVE-2018-20679.",
516 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2019-5747",
517 "Severity": "Medium"
518 },
519 {
520 "Name": "CVE-2018-20679",
521 "NamespaceName": "ubuntu:14.04",
522 "Description": "An issue was discovered in BusyBox before 1.30.0. An out of bounds read in udhcp components (consumed by the DHCP server, client, and relay) allows a remote attacker to leak sensitive information from the stack by sending a crafted DHCP message. This is related to verification in udhcp_get_option() in networking/udhcp/common.c that 4-byte options are indeed 4 bytes.",
523 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-20679",
524 "Severity": "Low"
525 },
526 {
527 "Name": "CVE-2015-9261",
528 "NamespaceName": "ubuntu:14.04",
529 "Description": "huft_build in archival/libarchive/decompress_gunzip.c in BusyBox before 1.27.2 misuses a pointer, causing segfaults and an application crash during an unzip operation on a specially crafted ZIP file.",
530 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2015-9261",
531 "Severity": "Medium"
532 },
533 {
534 "Name": "CVE-2014-9645",
535 "NamespaceName": "ubuntu:14.04",
536 "Description": "The add_probe function in modutils/modprobe.c in BusyBox before 1.23.0 allows local users to bypass intended restrictions on loading kernel modules via a / (slash) character in a module name, as demonstrated by an \"ifconfig /usbserial up\" command or a \"mount -t /snd_pcm none /\" command.",
537 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-9645",
538 "Severity": "Low"
539 }
540 ]
541 },
542 {
543 "Name": "dbus",
544 "Version": "1.6.18-0ubuntu4.3",
545 "NamespaceName": "ubuntu:14.04",
546 "Vulnerabilities": [
547 {
548 "Name": "CVE-2015-0245",
549 "NamespaceName": "ubuntu:14.04",
550 "Description": "D-Bus 1.4.x through 1.6.x before 1.6.30, 1.8.x before 1.8.16, and 1.9.x before 1.9.10 does not validate the source of ActivationFailure signals, which allows local users to cause a denial of service (activation failure error returned) by leveraging a race condition involving sending an ActivationFailure signal before systemd responds.",
551 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2015-0245",
552 "Severity": "Medium"
553 },
554 {
555 "Name": "CVE-2019-12749",
556 "NamespaceName": "ubuntu:14.04",
557 "Description": "dbus before 1.10.28, 1.12.x before 1.12.16, and 1.13.x before 1.13.12, as used in DBusServer in Canonical Upstart in Ubuntu 14.04 (and in some, less common, uses of dbus-daemon), allows cookie spoofing because of symlink mishandling in the reference implementation of DBUS_COOKIE_SHA1 in the libdbus library. (This only affects the DBUS_COOKIE_SHA1 authentication mechanism.) A malicious client with write access to its own home directory could manipulate a ~/.dbus-keyrings symlink to cause a DBusServer with a different uid to read and write in unintended locations. In the worst case, this could result in the DBusServer reusing a cookie that is known to the malicious client, and treating that cookie as evidence that a subsequent client connection came from an attacker-chosen uid, allowing authentication bypass.",
558 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2019-12749",
559 "Severity": "Medium"
560 }
561 ]
562 },
563 {
564 "Name": "tar",
565 "Version": "1.27.1-1",
566 "NamespaceName": "ubuntu:14.04",
567 "Vulnerabilities": [
568 {
569 "Name": "CVE-2016-6321",
570 "NamespaceName": "ubuntu:14.04",
571 "Description": "Directory traversal vulnerability in the safer_name_suffix function in GNU tar 1.14 through 1.29 might allow remote attackers to bypass an intended protection mechanism and write to arbitrary files via vectors related to improper sanitization of the file_name parameter, aka POINTYFEATHER.",
572 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-6321",
573 "Severity": "Medium"
574 },
575 {
576 "Name": "CVE-2018-20482",
577 "NamespaceName": "ubuntu:14.04",
578 "Description": "GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during read access, which allows local users to cause a denial of service (infinite read loop in sparse_dump_region in sparse.c) by modifying a file that is supposed to be archived by a different user's process (e.g., a system backup running as root).",
579 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-20482",
580 "Severity": "Low"
581 }
582 ]
583 },
584 {
585 "Name": "eglibc",
586 "Version": "2.19-0ubuntu6.6",
587 "NamespaceName": "ubuntu:14.04",
588 "Vulnerabilities": [
589 {
590 "Name": "CVE-2015-8778",
591 "NamespaceName": "ubuntu:14.04",
592 "Description": "Integer overflow in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via the size argument to the __hcreate_r function, which triggers out-of-bounds heap-memory access.",
593 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2015-8778",
594 "Severity": "Low"
595 },
596 {
597 "Name": "CVE-2017-1000409",
598 "NamespaceName": "ubuntu:14.04",
599 "Description": "A buffer overflow in glibc 2.5 (released on September 29, 2006) and can be triggered through the LD_LIBRARY_PATH environment variable. Please note that many versions of glibc are not vulnerable to this issue if patched for CVE-2017-1000366.",
600 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-1000409",
601 "Severity": "Low"
602 },
603 {
604 "Name": "CVE-2014-9761",
605 "NamespaceName": "ubuntu:14.04",
606 "Description": "Multiple stack-based buffer overflows in the GNU C Library (aka glibc or libc6) before 2.23 allow context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long argument to the (1) nan, (2) nanf, or (3) nanl function.",
607 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-9761",
608 "Severity": "Low"
609 },
610 {
611 "Name": "CVE-2016-6323",
612 "NamespaceName": "ubuntu:14.04",
613 "Description": "The makecontext function in the GNU C Library (aka glibc or libc6) before 2.25 creates execution contexts incompatible with the unwinder on ARM EABI (32-bit) platforms, which might allow context-dependent attackers to cause a denial of service (hang), as demonstrated by applications compiled using gccgo, related to backtrace generation.",
614 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-6323",
615 "Severity": "Low"
616 },
617 {
618 "Name": "CVE-2015-8779",
619 "NamespaceName": "ubuntu:14.04",
620 "Description": "Stack-based buffer overflow in the catopen function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long catalog name.",
621 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2015-8779",
622 "Severity": "Low"
623 },
624 {
625 "Name": "CVE-2018-1000001",
626 "NamespaceName": "ubuntu:14.04",
627 "Description": "In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a buffer underflow and potential code execution.",
628 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-1000001",
629 "Severity": "High"
630 },
631 {
632 "Name": "CVE-2016-1234",
633 "NamespaceName": "ubuntu:14.04",
634 "Description": "Stack-based buffer overflow in the glob implementation in GNU C Library (aka glibc) before 2.24, when GLOB_ALTDIRFUNC is used, allows context-dependent attackers to cause a denial of service (crash) via a long name.",
635 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-1234",
636 "Severity": "Low"
637 },
638 {
639 "Name": "CVE-2017-1000408",
640 "NamespaceName": "ubuntu:14.04",
641 "Description": "A memory leak in glibc 2.1.1 (released on May 24, 1999) can be reached and amplified through the LD_HWCAP_MASK environment variable. Please note that many versions of glibc are not vulnerable to this issue if patched for CVE-2017-1000366.",
642 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-1000408",
643 "Severity": "Low"
644 },
645 {
646 "Name": "CVE-2017-1000366",
647 "NamespaceName": "ubuntu:14.04",
648 "Description": "glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Please note that additional hardening changes have been made to glibc to prevent manipulation of stack and heap memory but these issues are not directly exploitable, as such they have not been given a CVE. This affects glibc 2.25 and earlier.",
649 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-1000366",
650 "Severity": "Medium"
651 },
652 {
653 "Name": "CVE-2016-2856",
654 "NamespaceName": "ubuntu:14.04",
655 "Description": "pt_chown in the glibc package before 2.19-18+deb8u4 on Debian jessie; the elibc package before 2.15-0ubuntu10.14 on Ubuntu 12.04 LTS and before 2.19-0ubuntu6.8 on Ubuntu 14.04 LTS; and the glibc package before 2.21-0ubuntu4.2 on Ubuntu 15.10 and before 2.23-0ubuntu1 on Ubuntu 16.04 LTS and 16.10 lacks a namespace check associated with file-descriptor passing, which allows local users to capture keystrokes and spoof data, and possibly gain privileges, via pts read and write operations, related to debian/sysdeps/linux.mk. NOTE: this is not considered a vulnerability in the upstream GNU C Library because the upstream documentation has a clear security recommendation against the --enable-pt_chown option.",
656 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-2856",
657 "Severity": "Medium"
658 },
659 {
660 "Name": "CVE-2019-9192",
661 "NamespaceName": "ubuntu:14.04",
662 "Description": "** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\\\1\\\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern.",
663 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2019-9192",
664 "Severity": "Negligible"
665 },
666 {
667 "Name": "CVE-2013-2207",
668 "NamespaceName": "ubuntu:14.04",
669 "Description": "pt_chown in GNU C Library (aka glibc or libc6) before 2.18 does not properly check permissions for tty files, which allows local users to change the permission on the files and obtain access to arbitrary pseudo-terminals by leveraging a FUSE file system.",
670 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2013-2207",
671 "Severity": "Low"
672 },
673 {
674 "Name": "CVE-2014-8121",
675 "NamespaceName": "ubuntu:14.04",
676 "Description": "DB_LOOKUP in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) 2.21 and earlier does not properly check if a file is open, which allows remote attackers to cause a denial of service (infinite loop) by performing a look-up on a database while iterating over it, which triggers the file pointer to be reset.",
677 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-8121",
678 "Severity": "Low"
679 },
680 {
681 "Name": "CVE-2015-8776",
682 "NamespaceName": "ubuntu:14.04",
683 "Description": "The strftime function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly obtain sensitive information via an out-of-range time value.",
684 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2015-8776",
685 "Severity": "Low"
686 },
687 {
688 "Name": "CVE-2016-3706",
689 "NamespaceName": "ubuntu:14.04",
690 "Description": "Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in the GNU C Library (aka glibc or libc6) allows remote attackers to cause a denial of service (crash) via vectors involving hostent conversion. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-4458.",
691 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-3706",
692 "Severity": "Low"
693 },
694 {
695 "Name": "CVE-2018-6485",
696 "NamespaceName": "ubuntu:14.04",
697 "Description": "An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.26 and earlier could cause these functions to return a pointer to a heap area that is too small, potentially leading to heap corruption.",
698 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-6485",
699 "Severity": "Medium"
700 },
701 {
702 "Name": "CVE-2018-20796",
703 "NamespaceName": "ubuntu:14.04",
704 "Description": "In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\\227|)(\\\\1\\\\1|t1|\\\\\\2537)+' in grep.",
705 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-20796",
706 "Severity": "Negligible"
707 },
708 {
709 "Name": "CVE-2017-12132",
710 "NamespaceName": "ubuntu:14.04",
711 "Description": "The DNS stub resolver in the GNU C Library (aka glibc or libc6) before version 2.26, when EDNS support is enabled, will solicit large UDP responses from name servers, potentially simplifying off-path DNS spoofing attacks due to IP fragmentation.",
712 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-12132",
713 "Severity": "Low"
714 },
715 {
716 "Name": "CVE-2015-8777",
717 "NamespaceName": "ubuntu:14.04",
718 "Description": "The process_envvars function in elf/rtld.c in the GNU C Library (aka glibc or libc6) before 2.23 allows local users to bypass a pointer-guarding protection mechanism via a zero value of the LD_POINTER_GUARD environment variable.",
719 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2015-8777",
720 "Severity": "Low"
721 },
722 {
723 "Name": "CVE-2015-8983",
724 "NamespaceName": "ubuntu:14.04",
725 "Description": "Integer overflow in the _IO_wstr_overflow function in libio/wstrops.c in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors related to computing a size in bytes, which triggers a heap-based buffer overflow.",
726 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2015-8983",
727 "Severity": "Medium"
728 },
729 {
730 "Name": "CVE-2017-16997",
731 "NamespaceName": "ubuntu:14.04",
732 "Description": "elf/dl-load.c in the GNU C Library (aka glibc or libc6) 2.19 through 2.26 mishandles RPATH and RUNPATH containing $ORIGIN for a privileged (setuid or AT_SECURE) program, which allows local users to gain privileges via a Trojan horse library in the current working directory, related to the fillin_rpath and decompose_rpath functions. This is associated with misinterpretion of an empty RPATH/RUNPATH token as the \"./\" directory. NOTE: this configuration of RPATH/RUNPATH for a privileged program is apparently very uncommon; most likely, no such program is shipped with any common Linux distribution.",
733 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-16997",
734 "Severity": "Low"
735 },
736 {
737 "Name": "CVE-2015-5277",
738 "NamespaceName": "ubuntu:14.04",
739 "Description": "The get_contents function in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) before 2.20 might allow local users to cause a denial of service (heap corruption) or gain privileges via a long line in the NSS files database.",
740 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2015-5277",
741 "Severity": "Medium"
742 },
743 {
744 "Name": "CVE-2019-7309",
745 "NamespaceName": "ubuntu:14.04",
746 "Description": "In the GNU C Library (aka glibc or libc6) through 2.29, the memcmp function for the x32 architecture can incorrectly return zero (indicating that the inputs are equal) because the RDX most significant bit is mishandled.",
747 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2019-7309",
748 "Severity": "Negligible"
749 },
750 {
751 "Name": "CVE-2015-8984",
752 "NamespaceName": "ubuntu:14.04",
753 "Description": "The fnmatch function in the GNU C Library (aka glibc or libc6) before 2.22 might allow context-dependent attackers to cause a denial of service (application crash) via a malformed pattern, which triggers an out-of-bounds read.",
754 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2015-8984",
755 "Severity": "Medium"
756 },
757 {
758 "Name": "CVE-2014-9984",
759 "NamespaceName": "ubuntu:14.04",
760 "Description": "nscd in the GNU C Library (aka glibc or libc6) before version 2.20 does not correctly compute the size of an internal buffer when processing netgroup requests, possibly leading to an nscd daemon crash or code execution as the user running nscd.",
761 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-9984",
762 "Severity": "Medium"
763 },
764 {
765 "Name": "CVE-2017-12133",
766 "NamespaceName": "ubuntu:14.04",
767 "Description": "Use-after-free vulnerability in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) before 2.26 allows remote attackers to have unspecified impact via vectors related to error path.",
768 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-12133",
769 "Severity": "Low"
770 },
771 {
772 "Name": "CVE-2015-5180",
773 "NamespaceName": "ubuntu:14.04",
774 "Description": "res_query in libresolv in glibc before 2.25 allows remote attackers to cause a denial of service (NULL pointer dereference and process crash).",
775 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2015-5180",
776 "Severity": "Low"
777 },
778 {
779 "Name": "CVE-2016-4429",
780 "NamespaceName": "ubuntu:14.04",
781 "Description": "Stack-based buffer overflow in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) allows remote servers to cause a denial of service (crash) or possibly unspecified other impact via a flood of crafted ICMP and UDP packets.",
782 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-4429",
783 "Severity": "Low"
784 },
785 {
786 "Name": "CVE-2016-10228",
787 "NamespaceName": "ubuntu:14.04",
788 "Description": "The iconv program in the GNU C Library (aka glibc or libc6) 2.25 and earlier, when invoked with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leading to a denial of service.",
789 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-10228",
790 "Severity": "Negligible"
791 },
792 {
793 "Name": "CVE-2017-15670",
794 "NamespaceName": "ubuntu:14.04",
795 "Description": "The GNU C Library (aka glibc or libc6) before 2.27 contains an off-by-one error leading to a heap-based buffer overflow in the glob function in glob.c, related to the processing of home directories using the ~ operator followed by a long string.",
796 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-15670",
797 "Severity": "Low"
798 },
799 {
800 "Name": "CVE-2015-1781",
801 "NamespaceName": "ubuntu:14.04",
802 "Description": "Buffer overflow in the gethostbyname_r and other unspecified NSS functions in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response, which triggers a call with a misaligned buffer.",
803 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2015-1781",
804 "Severity": "Low"
805 },
806 {
807 "Name": "CVE-2016-3075",
808 "NamespaceName": "ubuntu:14.04",
809 "Description": "Stack-based buffer overflow in the nss_dns implementation of the getnetbyname function in GNU C Library (aka glibc) before 2.24 allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via a long name.",
810 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-3075",
811 "Severity": "Low"
812 },
813 {
814 "Name": "CVE-2017-15804",
815 "NamespaceName": "ubuntu:14.04",
816 "Description": "The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27 contains a buffer overflow during unescaping of user names with the ~ operator.",
817 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-15804",
818 "Severity": "Low"
819 },
820 {
821 "Name": "CVE-2009-5155",
822 "NamespaceName": "ubuntu:14.04",
823 "Description": "In the GNU C Library (aka glibc or libc6) before 2.28, parse_reg_exp in posix/regcomp.c misparses alternatives, which allows attackers to cause a denial of service (assertion failure and application exit) or trigger an incorrect result by attempting a regular-expression match.",
824 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2009-5155",
825 "Severity": "Low"
826 },
827 {
828 "Name": "CVE-2015-8982",
829 "NamespaceName": "ubuntu:14.04",
830 "Description": "Integer overflow in the strxfrm function in the GNU C Library (aka glibc or libc6) before 2.21 allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string, which triggers a stack-based buffer overflow.",
831 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2015-8982",
832 "Severity": "Medium"
833 },
834 {
835 "Name": "CVE-2015-7547",
836 "NamespaceName": "ubuntu:14.04",
837 "Description": "Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS response that triggers a call to the getaddrinfo function with the AF_UNSPEC or AF_INET6 address family, related to performing \"dual A/AAAA DNS queries\" and the libnss_dns.so.2 NSS module.",
838 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2015-7547",
839 "Severity": "High"
840 }
841 ]
842 },
843 {
844 "Name": "db5.3",
845 "Version": "5.3.28-3ubuntu3",
846 "NamespaceName": "ubuntu:14.04",
847 "Vulnerabilities": [
848 {
849 "Name": "CVE-2017-10140",
850 "NamespaceName": "ubuntu:14.04",
851 "Description": "Postfix before 2.11.10, 3.0.x before 3.0.10, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 might allow local users to gain privileges by leveraging undocumented functionality in Berkeley DB 2.x and later, related to reading settings from DB_CONFIG in the current directory.",
852 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-10140",
853 "Severity": "Medium"
854 },
855 {
856 "Name": "CVE-2019-8457",
857 "NamespaceName": "ubuntu:14.04",
858 "Description": "SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode() function when handling invalid rtree tables.",
859 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2019-8457",
860 "Severity": "Medium"
861 }
862 ]
863 },
864 {
865 "Name": "shadow",
866 "Version": "1:4.1.5.1-1ubuntu9.1",
867 "NamespaceName": "ubuntu:14.04",
868 "Vulnerabilities": [
869 {
870 "Name": "CVE-2016-6252",
871 "NamespaceName": "ubuntu:14.04",
872 "Description": "Integer overflow in shadow 4.2.1 allows local users to gain privileges via crafted input to newuidmap.",
873 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-6252",
874 "Severity": "Medium"
875 },
876 {
877 "Name": "CVE-2013-4235",
878 "NamespaceName": "ubuntu:14.04",
879 "Description": "TOCTOU race conditions by copying and removing directory trees",
880 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2013-4235",
881 "Severity": "Low"
882 },
883 {
884 "Name": "CVE-2018-7169",
885 "NamespaceName": "ubuntu:14.04",
886 "Description": "An issue was discovered in shadow 4.5. newgidmap (in shadow-utils) is setuid and allows an unprivileged user to be placed in a user namespace where setgroups(2) is permitted. This allows an attacker to remove themselves from a supplementary group, which may allow access to certain filesystem paths if the administrator has used \"group blacklisting\" (e.g., chmod g-rwx) to restrict access to paths. This flaw effectively reverts a security feature in the kernel (in particular, the /proc/self/setgroups knob) to prevent this sort of privilege escalation.",
887 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-7169",
888 "Severity": "Low"
889 },
890 {
891 "Name": "CVE-2017-12424",
892 "NamespaceName": "ubuntu:14.04",
893 "Description": "In shadow before 4.5, the newusers tool could be made to manipulate internal data structures in ways unintended by the authors. Malformed input may lead to crashes (with a buffer overflow or other memory corruption) or other unspecified behaviors. This crosses a privilege boundary in, for example, certain web-hosting environments in which a Control Panel allows an unprivileged user account to create subaccounts.",
894 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-12424",
895 "Severity": "Low"
896 },
897 {
898 "Name": "CVE-2017-2616",
899 "NamespaceName": "ubuntu:14.04",
900 "Description": "A race condition was found in util-linux before 2.32.1 in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions.",
901 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-2616",
902 "Severity": "Medium"
903 }
904 ]
905 },
906 {
907 "Name": "gnupg",
908 "Version": "1.4.16-1ubuntu2.6",
909 "NamespaceName": "ubuntu:14.04",
910 "Vulnerabilities": [
911 {
912 "Name": "CVE-2019-13050",
913 "NamespaceName": "ubuntu:14.04",
914 "Description": "Interaction between the sks-keyserver code through 1.2.0 of the SKS keyserver network, and GnuPG through 2.2.16, makes it risky to have a GnuPG keyserver configuration line referring to a host on the SKS keyserver network. Retrieving data from this network may cause a persistent denial of service, because of a Certificate Spamming Attack.",
915 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2019-13050",
916 "Severity": "Medium"
917 }
918 ]
919 },
920 {
921 "Name": "systemd",
922 "Version": "204-5ubuntu20.29",
923 "NamespaceName": "ubuntu:14.04",
924 "Vulnerabilities": [
925 {
926 "Name": "CVE-2018-20839",
927 "NamespaceName": "ubuntu:14.04",
928 "Description": "systemd 242 changes the VT1 mode upon a logout, which allows attackers to read cleartext passwords in certain circumstances, such as watching a shutdown, or using Ctrl-Alt-F1 and Ctrl-Alt-F2. This occurs because the KDGKBMODE (aka current keyboard mode) check is mishandled.",
929 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-20839",
930 "Severity": "Medium"
931 },
932 {
933 "Name": "CVE-2019-3842",
934 "NamespaceName": "ubuntu:14.04",
935 "Description": "In systemd before v242-rc4, it was discovered that pam_systemd does not properly sanitize the environment before using the XDG_SEAT variable. It is possible for an attacker, in some particular configurations, to set a XDG_SEAT environment variable which allows for commands to be checked against polkit policies using the \"allow_active\" element rather than \"allow_any\".",
936 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2019-3842",
937 "Severity": "Medium"
938 }
939 ]
940 },
941 {
942 "Name": "curl",
943 "Version": "7.35.0-1ubuntu2.20",
944 "NamespaceName": "ubuntu:14.04",
945 "Vulnerabilities": [
946 {
947 "Name": "CVE-2019-5436",
948 "NamespaceName": "ubuntu:14.04",
949 "Description": "A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1.",
950 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2019-5436",
951 "Severity": "Medium"
952 },
953 {
954 "Name": "CVE-2016-8625",
955 "NamespaceName": "ubuntu:14.04",
956 "Description": "curl before version 7.51.0 uses outdated IDNA 2003 standard to handle International Domain Names and this may lead users to potentially and unknowingly issue network transfer requests to the wrong host.",
957 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-8625",
958 "Severity": "Low"
959 }
960 ]
961 },
962 {
963 "Name": "dpkg",
964 "Version": "1.17.5ubuntu5.4",
965 "NamespaceName": "ubuntu:14.04",
966 "Vulnerabilities": [
967 {
968 "Name": "CVE-2014-8625",
969 "NamespaceName": "ubuntu:14.04",
970 "Description": "Multiple format string vulnerabilities in the parse_error_msg function in parsehelp.c in dpkg before 1.17.22 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in the (1) package or (2) architecture name.",
971 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-8625",
972 "Severity": "Low"
973 },
974 {
975 "Name": "CVE-2015-0860",
976 "NamespaceName": "ubuntu:14.04",
977 "Description": "Off-by-one error in the extracthalf function in dpkg-deb/extract.c in the dpkg-deb component in Debian dpkg 1.16.x before 1.16.17 and 1.17.x before 1.17.26 allows remote attackers to execute arbitrary code via the archive magic version number in an \"old-style\" Debian binary package, which triggers a stack-based buffer overflow.",
978 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2015-0860",
979 "Severity": "Medium"
980 },
981 {
982 "Name": "CVE-2017-8283",
983 "NamespaceName": "ubuntu:14.04",
984 "Description": "dpkg-source in dpkg 1.3.0 through 1.18.23 is able to use a non-GNU patch program and does not offer a protection mechanism for blank-indented diff hunks, which allows remote attackers to conduct directory traversal attacks via a crafted Debian source package, as demonstrated by use of dpkg-source on NetBSD.",
985 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-8283",
986 "Severity": "Negligible"
987 }
988 ]
989 },
990 {
991 "Name": "cpio",
992 "Version": "2.11+dfsg-1ubuntu1.1",
993 "NamespaceName": "ubuntu:14.04",
994 "Vulnerabilities": [
995 {
996 "Name": "CVE-2016-2037",
997 "NamespaceName": "ubuntu:14.04",
998 "Description": "The cpio_safer_name_suffix function in util.c in cpio 2.11 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted cpio file.",
999 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-2037",
1000 "Severity": "Medium"
1001 },
1002 {
1003 "Name": "CVE-2015-1197",
1004 "NamespaceName": "ubuntu:14.04",
1005 "Description": "cpio 2.11, when using the --no-absolute-filenames option, allows local users to write to arbitrary files via a symlink attack on a file in an archive.",
1006 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2015-1197",
1007 "Severity": "Low"
1008 }
1009 ]
1010 },
1011 {
1012 "Name": "perl",
1013 "Version": "5.18.2-2ubuntu1",
1014 "NamespaceName": "ubuntu:14.04",
1015 "Vulnerabilities": [
1016 {
1017 "Name": "CVE-2013-7422",
1018 "NamespaceName": "ubuntu:14.04",
1019 "Description": "Integer underflow in regcomp.c in Perl before 5.20, as used in Apple OS X before 10.10.5 and other products, allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via a long digit string associated with an invalid backreference within a regular expression.",
1020 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2013-7422",
1021 "Severity": "Low"
1022 },
1023 {
1024 "Name": "CVE-2018-12015",
1025 "NamespaceName": "ubuntu:14.04",
1026 "Description": "In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name.",
1027 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-12015",
1028 "Severity": "Medium"
1029 },
1030 {
1031 "Name": "CVE-2017-12883",
1032 "NamespaceName": "ubuntu:14.04",
1033 "Description": "Buffer overflow in the S_grok_bslash_N function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to disclose sensitive information or cause a denial of service (application crash) via a crafted regular expression with an invalid '\\N{U+...}' escape.",
1034 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-12883",
1035 "Severity": "Medium"
1036 },
1037 {
1038 "Name": "CVE-2018-18313",
1039 "NamespaceName": "ubuntu:14.04",
1040 "Description": "Perl before 5.26.3 has a buffer over-read via a crafted regular expression that triggers disclosure of sensitive information from process memory.",
1041 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-18313",
1042 "Severity": "Medium"
1043 },
1044 {
1045 "Name": "CVE-2016-6185",
1046 "NamespaceName": "ubuntu:14.04",
1047 "Description": "The XSLoader::load method in XSLoader in Perl does not properly locate .so files when called in a string eval, which might allow local users to execute arbitrary code via a Trojan horse library under the current working directory.",
1048 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-6185",
1049 "Severity": "Low"
1050 },
1051 {
1052 "Name": "CVE-2018-6913",
1053 "NamespaceName": "ubuntu:14.04",
1054 "Description": "Heap-based buffer overflow in the pack function in Perl before 5.26.2 allows context-dependent attackers to execute arbitrary code via a large item count.",
1055 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-6913",
1056 "Severity": "Medium"
1057 },
1058 {
1059 "Name": "CVE-2016-2381",
1060 "NamespaceName": "ubuntu:14.04",
1061 "Description": "Perl might allow context-dependent attackers to bypass the taint protection mechanism in a child process via duplicate environment variables in envp.",
1062 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-2381",
1063 "Severity": "Medium"
1064 },
1065 {
1066 "Name": "CVE-2014-4330",
1067 "NamespaceName": "ubuntu:14.04",
1068 "Description": "The Dumper method in Data::Dumper before 2.154, as used in Perl 5.20.1 and earlier, allows context-dependent attackers to cause a denial of service (stack consumption and crash) via an Array-Reference with many nested Array-References, which triggers a large number of recursive calls to the DD_dump function.",
1069 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-4330",
1070 "Severity": "Low"
1071 },
1072 {
1073 "Name": "CVE-2017-12837",
1074 "NamespaceName": "ubuntu:14.04",
1075 "Description": "Heap-based buffer overflow in the S_regatom function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to cause a denial of service (out-of-bounds write) via a regular expression with a '\\N{}' escape and the case-insensitive modifier.",
1076 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-12837",
1077 "Severity": "Medium"
1078 },
1079 {
1080 "Name": "CVE-2017-6512",
1081 "NamespaceName": "ubuntu:14.04",
1082 "Description": "Race condition in the rmtree and remove_tree functions in the File-Path module before 2.13 for Perl allows attackers to set the mode on arbitrary files via vectors involving directory-permission loosening logic.",
1083 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-6512",
1084 "Severity": "Low"
1085 },
1086 {
1087 "Name": "CVE-2018-18311",
1088 "NamespaceName": "ubuntu:14.04",
1089 "Description": "Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.",
1090 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-18311",
1091 "Severity": "Medium"
1092 },
1093 {
1094 "Name": "CVE-2015-8853",
1095 "NamespaceName": "ubuntu:14.04",
1096 "Description": "The (1) S_reghop3, (2) S_reghop4, and (3) S_reghopmaybe3 functions in regexec.c in Perl before 5.24.0 allow context-dependent attackers to cause a denial of service (infinite loop) via crafted utf-8 data, as demonstrated by \"a\\x80.\"",
1097 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2015-8853",
1098 "Severity": "Low"
1099 }
1100 ]
1101 },
1102 {
1103 "Name": "pcre3",
1104 "Version": "1:8.31-2ubuntu2.1",
1105 "NamespaceName": "ubuntu:14.04",
1106 "Vulnerabilities": [
1107 {
1108 "Name": "CVE-2015-8382",
1109 "NamespaceName": "ubuntu:14.04",
1110 "Description": "The match function in pcre_exec.c in PCRE before 8.37 mishandles the /(?:((abcd))|(((?:(?:(?:(?:abc|(?:abcdef))))b)abcdefghi)abc)|((*ACCEPT)))/ pattern and related patterns involving (*ACCEPT), which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (partially initialized memory and application crash) via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror, aka ZDI-CAN-2547.",
1111 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2015-8382",
1112 "Severity": "Low"
1113 },
1114 {
1115 "Name": "CVE-2015-8394",
1116 "NamespaceName": "ubuntu:14.04",
1117 "Description": "PCRE before 8.38 mishandles the (?(\u003cdigits\u003e) and (?(R\u003cdigits\u003e) conditions, which allows remote attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.",
1118 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2015-8394",
1119 "Severity": "Low"
1120 },
1121 {
1122 "Name": "CVE-2016-3191",
1123 "NamespaceName": "ubuntu:14.04",
1124 "Description": "The compile_branch function in pcre_compile.c in PCRE 8.x before 8.39 and pcre2_compile.c in PCRE2 before 10.22 mishandles patterns containing an (*ACCEPT) substring in conjunction with nested parentheses, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow) via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror, aka ZDI-CAN-3542.",
1125 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-3191",
1126 "Severity": "Medium"
1127 },
1128 {
1129 "Name": "CVE-2017-11164",
1130 "NamespaceName": "ubuntu:14.04",
1131 "Description": "In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exec.c allows stack exhaustion (uncontrolled recursion) when processing a crafted regular expression.",
1132 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-11164",
1133 "Severity": "Low"
1134 },
1135 {
1136 "Name": "CVE-2015-8391",
1137 "NamespaceName": "ubuntu:14.04",
1138 "Description": "The pcre_compile function in pcre_compile.c in PCRE before 8.38 mishandles certain [: nesting, which allows remote attackers to cause a denial of service (CPU consumption) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.",
1139 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2015-8391",
1140 "Severity": "Low"
1141 },
1142 {
1143 "Name": "CVE-2015-8385",
1144 "NamespaceName": "ubuntu:14.04",
1145 "Description": "PCRE before 8.38 mishandles the /(?|(\\k'Pm')|(?'Pm'))/ pattern and related patterns with certain forward references, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.",
1146 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2015-8385",
1147 "Severity": "Low"
1148 },
1149 {
1150 "Name": "CVE-2017-7245",
1151 "NamespaceName": "ubuntu:14.04",
1152 "Description": "Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 4) or possibly have unspecified other impact via a crafted file.",
1153 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-7245",
1154 "Severity": "Negligible"
1155 },
1156 {
1157 "Name": "CVE-2015-8386",
1158 "NamespaceName": "ubuntu:14.04",
1159 "Description": "PCRE before 8.38 mishandles the interaction of lookbehind assertions and mutually recursive subpatterns, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.",
1160 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2015-8386",
1161 "Severity": "Low"
1162 },
1163 {
1164 "Name": "CVE-2015-8387",
1165 "NamespaceName": "ubuntu:14.04",
1166 "Description": "PCRE before 8.38 mishandles (?123) subroutine calls and related subroutine calls, which allows remote attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.",
1167 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2015-8387",
1168 "Severity": "Low"
1169 },
1170 {
1171 "Name": "CVE-2017-7246",
1172 "NamespaceName": "ubuntu:14.04",
1173 "Description": "Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 268) or possibly have unspecified other impact via a crafted file.",
1174 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-7246",
1175 "Severity": "Negligible"
1176 },
1177 {
1178 "Name": "CVE-2015-8390",
1179 "NamespaceName": "ubuntu:14.04",
1180 "Description": "PCRE before 8.38 mishandles the [: and \\\\ substrings in character classes, which allows remote attackers to cause a denial of service (uninitialized memory read) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.",
1181 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2015-8390",
1182 "Severity": "Low"
1183 },
1184 {
1185 "Name": "CVE-2015-2328",
1186 "NamespaceName": "ubuntu:14.04",
1187 "Description": "PCRE before 8.36 mishandles the /((?(R)a|(?1)))+/ pattern and related patterns with certain recursion, which allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.",
1188 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2015-2328",
1189 "Severity": "Low"
1190 },
1191 {
1192 "Name": "CVE-2015-8380",
1193 "NamespaceName": "ubuntu:14.04",
1194 "Description": "The pcre_exec function in pcre_exec.c in PCRE before 8.38 mishandles a // pattern with a \\01 string, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.",
1195 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2015-8380",
1196 "Severity": "Low"
1197 },
1198 {
1199 "Name": "CVE-2015-8393",
1200 "NamespaceName": "ubuntu:14.04",
1201 "Description": "pcregrep in PCRE before 8.38 mishandles the -q option for binary files, which might allow remote attackers to obtain sensitive information via a crafted file, as demonstrated by a CGI script that sends stdout data to a client.",
1202 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2015-8393",
1203 "Severity": "Low"
1204 }
1205 ]
1206 },
1207 {
1208 "Name": "libpng",
1209 "Version": "1.2.50-1ubuntu2",
1210 "NamespaceName": "ubuntu:14.04",
1211 "Vulnerabilities": [
1212 {
1213 "Name": "CVE-2015-8540",
1214 "NamespaceName": "ubuntu:14.04",
1215 "Description": "Integer underflow in the png_check_keyword function in pngwutil.c in libpng 0.90 through 0.99, 1.0.x before 1.0.66, 1.1.x and 1.2.x before 1.2.56, 1.3.x and 1.4.x before 1.4.19, and 1.5.x before 1.5.26 allows remote attackers to have unspecified impact via a space character as a keyword in a PNG image, which triggers an out-of-bounds read.",
1216 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2015-8540",
1217 "Severity": "Medium"
1218 },
1219 {
1220 "Name": "CVE-2015-8472",
1221 "NamespaceName": "ubuntu:14.04",
1222 "Description": "Buffer overflow in the png_set_PLTE function in libpng before 1.0.65, 1.1.x and 1.2.x before 1.2.55, 1.3.x, 1.4.x before 1.4.18, 1.5.x before 1.5.25, and 1.6.x before 1.6.20 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-8126.",
1223 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2015-8472",
1224 "Severity": "Medium"
1225 },
1226 {
1227 "Name": "CVE-2015-8126",
1228 "NamespaceName": "ubuntu:14.04",
1229 "Description": "Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image.",
1230 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2015-8126",
1231 "Severity": "Medium"
1232 },
1233 {
1234 "Name": "CVE-2018-14048",
1235 "NamespaceName": "ubuntu:14.04",
1236 "Description": "An issue has been found in libpng 1.6.34. It is a SEGV in the function png_free_data in png.c, related to the recommended error handling for png_read_image.",
1237 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-14048",
1238 "Severity": "Low"
1239 },
1240 {
1241 "Name": "CVE-2015-7981",
1242 "NamespaceName": "ubuntu:14.04",
1243 "Description": "The png_convert_to_rfc1123 function in png.c in libpng 1.0.x before 1.0.64, 1.2.x before 1.2.54, and 1.4.x before 1.4.17 allows remote attackers to obtain sensitive process memory information via crafted tIME chunk data in an image file, which triggers an out-of-bounds read.",
1244 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2015-7981",
1245 "Severity": "Low"
1246 },
1247 {
1248 "Name": "CVE-2016-10087",
1249 "NamespaceName": "ubuntu:14.04",
1250 "Description": "The png_set_text_2 function in libpng 0.71 before 1.0.67, 1.2.x before 1.2.57, 1.4.x before 1.4.20, 1.5.x before 1.5.28, and 1.6.x before 1.6.27 allows context-dependent attackers to cause a NULL pointer dereference vectors involving loading a text chunk into a png structure, removing the text, and then adding another text chunk to the structure.",
1251 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-10087",
1252 "Severity": "Low"
1253 }
1254 ]
1255 },
1256 {
1257 "Name": "coreutils",
1258 "Version": "8.21-1ubuntu5.1",
1259 "NamespaceName": "ubuntu:14.04",
1260 "Vulnerabilities": [
1261 {
1262 "Name": "CVE-2016-2781",
1263 "NamespaceName": "ubuntu:14.04",
1264 "Description": "chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.",
1265 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-2781",
1266 "Severity": "Low"
1267 }
1268 ]
1269 },
1270 {
1271 "Name": "gcc-4.8",
1272 "Version": "4.8.4-2ubuntu1~14.04",
1273 "NamespaceName": "ubuntu:14.04",
1274 "Vulnerabilities": [
1275 {
1276 "Name": "CVE-2015-5276",
1277 "NamespaceName": "ubuntu:14.04",
1278 "Description": "The std::random_device class in libstdc++ in the GNU Compiler Collection (aka GCC) before 4.9.4 does not properly handle short reads from blocking sources, which makes it easier for context-dependent attackers to predict the random values via unspecified vectors.",
1279 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2015-5276",
1280 "Severity": "Low"
1281 }
1282 ]
1283 },
1284 {
1285 "Name": "tar",
1286 "Version": "1.27.1-1ubuntu0.1",
1287 "NamespaceName": "ubuntu:14.04",
1288 "Vulnerabilities": [
1289 {
1290 "Name": "CVE-2018-20482",
1291 "NamespaceName": "ubuntu:14.04",
1292 "Description": "GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during read access, which allows local users to cause a denial of service (infinite read loop in sparse_dump_region in sparse.c) by modifying a file that is supposed to be archived by a different user's process (e.g., a system backup running as root).",
1293 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-20482",
1294 "Severity": "Low"
1295 }
1296 ]
1297 },
1298 {
1299 "Name": "bash",
1300 "Version": "4.3-7ubuntu1.7",
1301 "NamespaceName": "ubuntu:14.04",
1302 "Vulnerabilities": [
1303 {
1304 "Name": "CVE-2019-9924",
1305 "NamespaceName": "ubuntu:14.04",
1306 "Description": "rbash in Bash before 4.4-beta2 did not prevent the shell user from modifying BASH_CMDS, thus allowing the user to execute any command with the permissions of the shell.",
1307 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2019-9924",
1308 "Severity": "Low"
1309 }
1310 ]
1311 },
1312 {
1313 "Name": "dpkg",
1314 "Version": "1.17.5ubuntu5.8",
1315 "NamespaceName": "ubuntu:14.04",
1316 "Vulnerabilities": [
1317 {
1318 "Name": "CVE-2014-8625",
1319 "NamespaceName": "ubuntu:14.04",
1320 "Description": "Multiple format string vulnerabilities in the parse_error_msg function in parsehelp.c in dpkg before 1.17.22 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in the (1) package or (2) architecture name.",
1321 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-8625",
1322 "Severity": "Low"
1323 },
1324 {
1325 "Name": "CVE-2017-8283",
1326 "NamespaceName": "ubuntu:14.04",
1327 "Description": "dpkg-source in dpkg 1.3.0 through 1.18.23 is able to use a non-GNU patch program and does not offer a protection mechanism for blank-indented diff hunks, which allows remote attackers to conduct directory traversal attacks via a crafted Debian source package, as demonstrated by use of dpkg-source on NetBSD.",
1328 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-8283",
1329 "Severity": "Negligible"
1330 }
1331 ]
1332 },
1333 {
1334 "Name": "sqlite3",
1335 "Version": "3.8.2-1ubuntu2.2",
1336 "NamespaceName": "ubuntu:14.04",
1337 "Vulnerabilities": [
1338 {
1339 "Name": "CVE-2019-5827",
1340 "NamespaceName": "ubuntu:14.04",
1341 "Description": "Integer overflow in SQLite via WebSQL in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
1342 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2019-5827",
1343 "Severity": "Low"
1344 },
1345 {
1346 "Name": "CVE-2019-8457",
1347 "NamespaceName": "ubuntu:14.04",
1348 "Description": "SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode() function when handling invalid rtree tables.",
1349 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2019-8457",
1350 "Severity": "Medium"
1351 },
1352 {
1353 "Name": "CVE-2018-20506",
1354 "NamespaceName": "ubuntu:14.04",
1355 "Description": "SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries in a \"merge\" operation that occurs after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases). This is a different vulnerability than CVE-2018-20346.",
1356 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-20506",
1357 "Severity": "Medium"
1358 },
1359 {
1360 "Name": "CVE-2017-2518",
1361 "NamespaceName": "ubuntu:14.04",
1362 "Description": "An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the \"SQLite\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a crafted SQL statement.",
1363 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-2518",
1364 "Severity": "Low"
1365 },
1366 {
1367 "Name": "CVE-2016-6153",
1368 "NamespaceName": "ubuntu:14.04",
1369 "Description": "os_unix.c in SQLite before 3.13.0 improperly implements the temporary directory search algorithm, which might allow local users to obtain sensitive information, cause a denial of service (application crash), or have unspecified other impact by leveraging use of the current working directory for temporary files.",
1370 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-6153",
1371 "Severity": "Negligible"
1372 },
1373 {
1374 "Name": "CVE-2017-13685",
1375 "NamespaceName": "ubuntu:14.04",
1376 "Description": "The dump_callback function in SQLite 3.20.0 allows remote attackers to cause a denial of service (EXC_BAD_ACCESS and application crash) via a crafted file.",
1377 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13685",
1378 "Severity": "Negligible"
1379 },
1380 {
1381 "Name": "CVE-2017-10989",
1382 "NamespaceName": "ubuntu:14.04",
1383 "Description": "The getNodeSize function in ext/rtree/rtree.c in SQLite through 3.19.3, as used in GDAL and other products, mishandles undersized RTree blobs in a crafted database, leading to a heap-based buffer over-read or possibly unspecified other impact.",
1384 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-10989",
1385 "Severity": "Negligible"
1386 },
1387 {
1388 "Name": "CVE-2018-20346",
1389 "NamespaceName": "ubuntu:14.04",
1390 "Description": "SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries that occur after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases), aka Magellan.",
1391 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-20346",
1392 "Severity": "Medium"
1393 }
1394 ]
1395 },
1396 {
1397 "Name": "apt",
1398 "Version": "1.0.1ubuntu2.10",
1399 "NamespaceName": "ubuntu:14.04",
1400 "Vulnerabilities": [
1401 {
1402 "Name": "CVE-2019-3462",
1403 "NamespaceName": "ubuntu:14.04",
1404 "Description": "Incorrect sanitation of the 302 redirect field in HTTP transport method of apt versions 1.4.8 and earlier can lead to content injection by a MITM attacker, potentially leading to remote code execution on the target machine.",
1405 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2019-3462",
1406 "Severity": "High"
1407 },
1408 {
1409 "Name": "CVE-2016-1252",
1410 "NamespaceName": "ubuntu:14.04",
1411 "Description": "The apt package in Debian jessie before 1.0.9.8.4, in Debian unstable before 1.4~beta2, in Ubuntu 14.04 LTS before 1.0.1ubuntu2.17, in Ubuntu 16.04 LTS before 1.2.15ubuntu0.2, and in Ubuntu 16.10 before 1.3.2ubuntu0.1 allows man-in-the-middle attackers to bypass a repository-signing protection mechanism by leveraging improper error handling when validating InRelease file signatures.",
1412 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-1252",
1413 "Severity": "High"
1414 }
1415 ]
1416 },
1417 {
1418 "Name": "systemd",
1419 "Version": "204-5ubuntu20.13",
1420 "NamespaceName": "ubuntu:14.04",
1421 "Vulnerabilities": [
1422 {
1423 "Name": "CVE-2018-1049",
1424 "NamespaceName": "ubuntu:14.04",
1425 "Description": "In systemd prior to 234 a race condition exists between .mount and .automount units such that automount requests from kernel may not be serviced by systemd resulting in kernel holding the mountpoint and any processes that try to use said mount will hang. A race condition like this may lead to denial of service, until mount points are unmounted.",
1426 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-1049",
1427 "Severity": "Medium"
1428 },
1429 {
1430 "Name": "CVE-2018-20839",
1431 "NamespaceName": "ubuntu:14.04",
1432 "Description": "systemd 242 changes the VT1 mode upon a logout, which allows attackers to read cleartext passwords in certain circumstances, such as watching a shutdown, or using Ctrl-Alt-F1 and Ctrl-Alt-F2. This occurs because the KDGKBMODE (aka current keyboard mode) check is mishandled.",
1433 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-20839",
1434 "Severity": "Medium"
1435 },
1436 {
1437 "Name": "CVE-2019-3842",
1438 "NamespaceName": "ubuntu:14.04",
1439 "Description": "In systemd before v242-rc4, it was discovered that pam_systemd does not properly sanitize the environment before using the XDG_SEAT variable. It is possible for an attacker, in some particular configurations, to set a XDG_SEAT environment variable which allows for commands to be checked against polkit policies using the \"allow_active\" element rather than \"allow_any\".",
1440 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2019-3842",
1441 "Severity": "Medium"
1442 }
1443 ]
1444 },
1445 {
1446 "Name": "ncurses",
1447 "Version": "5.9+20140118-1ubuntu1",
1448 "NamespaceName": "ubuntu:14.04",
1449 "Vulnerabilities": [
1450 {
1451 "Name": "CVE-2017-10685",
1452 "NamespaceName": "ubuntu:14.04",
1453 "Description": "In ncurses 6.0, there is a format string vulnerability in the fmt_entry function. A crafted input will lead to a remote arbitrary code execution attack.",
1454 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-10685",
1455 "Severity": "Negligible"
1456 },
1457 {
1458 "Name": "CVE-2017-11112",
1459 "NamespaceName": "ubuntu:14.04",
1460 "Description": "In ncurses 6.0, there is an attempted 0xffffffffffffffff access in the append_acs function of tinfo/parse_entry.c. It could lead to a remote denial of service attack if the terminfo library code is used to process untrusted terminfo data.",
1461 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-11112",
1462 "Severity": "Negligible"
1463 },
1464 {
1465 "Name": "CVE-2017-13734",
1466 "NamespaceName": "ubuntu:14.04",
1467 "Description": "There is an illegal address access in the _nc_safe_strcat function in strings.c in ncurses 6.0 that will lead to a remote denial of service attack.",
1468 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13734",
1469 "Severity": "Negligible"
1470 },
1471 {
1472 "Name": "CVE-2017-13728",
1473 "NamespaceName": "ubuntu:14.04",
1474 "Description": "There is an infinite loop in the next_char function in comp_scan.c in ncurses 6.0, related to libtic. A crafted input will lead to a remote denial of service attack.",
1475 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13728",
1476 "Severity": "Negligible"
1477 },
1478 {
1479 "Name": "CVE-2017-11113",
1480 "NamespaceName": "ubuntu:14.04",
1481 "Description": "In ncurses 6.0, there is a NULL Pointer Dereference in the _nc_parse_entry function of tinfo/parse_entry.c. It could lead to a remote denial of service attack if the terminfo library code is used to process untrusted terminfo data.",
1482 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-11113",
1483 "Severity": "Negligible"
1484 },
1485 {
1486 "Name": "CVE-2017-13733",
1487 "NamespaceName": "ubuntu:14.04",
1488 "Description": "There is an illegal address access in the fmt_entry function in progs/dump_entry.c in ncurses 6.0 that might lead to a remote denial of service attack.",
1489 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13733",
1490 "Severity": "Negligible"
1491 },
1492 {
1493 "Name": "CVE-2017-13731",
1494 "NamespaceName": "ubuntu:14.04",
1495 "Description": "There is an illegal address access in the function postprocess_termcap() in parse_entry.c in ncurses 6.0 that will lead to a remote denial of service attack.",
1496 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13731",
1497 "Severity": "Negligible"
1498 },
1499 {
1500 "Name": "CVE-2017-13732",
1501 "NamespaceName": "ubuntu:14.04",
1502 "Description": "There is an illegal address access in the function dump_uses() in progs/dump_entry.c in ncurses 6.0 that might lead to a remote denial of service attack.",
1503 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13732",
1504 "Severity": "Negligible"
1505 },
1506 {
1507 "Name": "CVE-2017-16879",
1508 "NamespaceName": "ubuntu:14.04",
1509 "Description": "Stack-based buffer overflow in the _nc_write_entry function in tinfo/write_entry.c in ncurses 6.0 allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted terminfo file, as demonstrated by tic.",
1510 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-16879",
1511 "Severity": "Negligible"
1512 },
1513 {
1514 "Name": "CVE-2017-13730",
1515 "NamespaceName": "ubuntu:14.04",
1516 "Description": "There is an illegal address access in the function _nc_read_entry_source() in progs/tic.c in ncurses 6.0 that might lead to a remote denial of service attack.",
1517 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13730",
1518 "Severity": "Negligible"
1519 },
1520 {
1521 "Name": "CVE-2017-13729",
1522 "NamespaceName": "ubuntu:14.04",
1523 "Description": "There is an illegal address access in the _nc_save_str function in alloc_entry.c in ncurses 6.0. It will lead to a remote denial of service attack.",
1524 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13729",
1525 "Severity": "Negligible"
1526 },
1527 {
1528 "Name": "CVE-2017-10684",
1529 "NamespaceName": "ubuntu:14.04",
1530 "Description": "In ncurses 6.0, there is a stack-based buffer overflow in the fmt_entry function. A crafted input will lead to a remote arbitrary code execution attack.",
1531 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-10684",
1532 "Severity": "Negligible"
1533 },
1534 {
1535 "Name": "CVE-2017-10685",
1536 "NamespaceName": "ubuntu:14.04",
1537 "Description": "In ncurses 6.0, there is a format string vulnerability in the fmt_entry function. A crafted input will lead to a remote arbitrary code execution attack.",
1538 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-10685",
1539 "Severity": "Negligible"
1540 },
1541 {
1542 "Name": "CVE-2017-11112",
1543 "NamespaceName": "ubuntu:14.04",
1544 "Description": "In ncurses 6.0, there is an attempted 0xffffffffffffffff access in the append_acs function of tinfo/parse_entry.c. It could lead to a remote denial of service attack if the terminfo library code is used to process untrusted terminfo data.",
1545 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-11112",
1546 "Severity": "Negligible"
1547 },
1548 {
1549 "Name": "CVE-2017-13734",
1550 "NamespaceName": "ubuntu:14.04",
1551 "Description": "There is an illegal address access in the _nc_safe_strcat function in strings.c in ncurses 6.0 that will lead to a remote denial of service attack.",
1552 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13734",
1553 "Severity": "Negligible"
1554 },
1555 {
1556 "Name": "CVE-2017-13728",
1557 "NamespaceName": "ubuntu:14.04",
1558 "Description": "There is an infinite loop in the next_char function in comp_scan.c in ncurses 6.0, related to libtic. A crafted input will lead to a remote denial of service attack.",
1559 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13728",
1560 "Severity": "Negligible"
1561 },
1562 {
1563 "Name": "CVE-2017-11113",
1564 "NamespaceName": "ubuntu:14.04",
1565 "Description": "In ncurses 6.0, there is a NULL Pointer Dereference in the _nc_parse_entry function of tinfo/parse_entry.c. It could lead to a remote denial of service attack if the terminfo library code is used to process untrusted terminfo data.",
1566 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-11113",
1567 "Severity": "Negligible"
1568 },
1569 {
1570 "Name": "CVE-2017-13733",
1571 "NamespaceName": "ubuntu:14.04",
1572 "Description": "There is an illegal address access in the fmt_entry function in progs/dump_entry.c in ncurses 6.0 that might lead to a remote denial of service attack.",
1573 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13733",
1574 "Severity": "Negligible"
1575 },
1576 {
1577 "Name": "CVE-2017-13731",
1578 "NamespaceName": "ubuntu:14.04",
1579 "Description": "There is an illegal address access in the function postprocess_termcap() in parse_entry.c in ncurses 6.0 that will lead to a remote denial of service attack.",
1580 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13731",
1581 "Severity": "Negligible"
1582 },
1583 {
1584 "Name": "CVE-2017-13732",
1585 "NamespaceName": "ubuntu:14.04",
1586 "Description": "There is an illegal address access in the function dump_uses() in progs/dump_entry.c in ncurses 6.0 that might lead to a remote denial of service attack.",
1587 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13732",
1588 "Severity": "Negligible"
1589 },
1590 {
1591 "Name": "CVE-2017-16879",
1592 "NamespaceName": "ubuntu:14.04",
1593 "Description": "Stack-based buffer overflow in the _nc_write_entry function in tinfo/write_entry.c in ncurses 6.0 allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted terminfo file, as demonstrated by tic.",
1594 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-16879",
1595 "Severity": "Negligible"
1596 },
1597 {
1598 "Name": "CVE-2017-13730",
1599 "NamespaceName": "ubuntu:14.04",
1600 "Description": "There is an illegal address access in the function _nc_read_entry_source() in progs/tic.c in ncurses 6.0 that might lead to a remote denial of service attack.",
1601 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13730",
1602 "Severity": "Negligible"
1603 },
1604 {
1605 "Name": "CVE-2017-13729",
1606 "NamespaceName": "ubuntu:14.04",
1607 "Description": "There is an illegal address access in the _nc_save_str function in alloc_entry.c in ncurses 6.0. It will lead to a remote denial of service attack.",
1608 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13729",
1609 "Severity": "Negligible"
1610 },
1611 {
1612 "Name": "CVE-2017-10684",
1613 "NamespaceName": "ubuntu:14.04",
1614 "Description": "In ncurses 6.0, there is a stack-based buffer overflow in the fmt_entry function. A crafted input will lead to a remote arbitrary code execution attack.",
1615 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-10684",
1616 "Severity": "Negligible"
1617 }
1618 ]
1619 },
1620 {
1621 "Name": "dbus",
1622 "Version": "1.6.18-0ubuntu4.5",
1623 "NamespaceName": "ubuntu:14.04",
1624 "Vulnerabilities": [
1625 {
1626 "Name": "CVE-2019-12749",
1627 "NamespaceName": "ubuntu:14.04",
1628 "Description": "dbus before 1.10.28, 1.12.x before 1.12.16, and 1.13.x before 1.13.12, as used in DBusServer in Canonical Upstart in Ubuntu 14.04 (and in some, less common, uses of dbus-daemon), allows cookie spoofing because of symlink mishandling in the reference implementation of DBUS_COOKIE_SHA1 in the libdbus library. (This only affects the DBUS_COOKIE_SHA1 authentication mechanism.) A malicious client with write access to its own home directory could manipulate a ~/.dbus-keyrings symlink to cause a DBusServer with a different uid to read and write in unintended locations. In the worst case, this could result in the DBusServer reusing a cookie that is known to the malicious client, and treating that cookie as evidence that a subsequent client connection came from an attacker-chosen uid, allowing authentication bypass.",
1629 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2019-12749",
1630 "Severity": "Medium"
1631 }
1632 ]
1633 },
1634 {
1635 "Name": "libpng",
1636 "Version": "1.2.50-1ubuntu2.14.04.3",
1637 "NamespaceName": "ubuntu:14.04",
1638 "Vulnerabilities": [
1639 {
1640 "Name": "CVE-2018-14048",
1641 "NamespaceName": "ubuntu:14.04",
1642 "Description": "An issue has been found in libpng 1.6.34. It is a SEGV in the function png_free_data in png.c, related to the recommended error handling for png_read_image.",
1643 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-14048",
1644 "Severity": "Low"
1645 }
1646 ]
1647 },
1648 {
1649 "Name": "openldap",
1650 "Version": "2.4.31-1+nmu2ubuntu8.5",
1651 "NamespaceName": "ubuntu:14.04",
1652 "Vulnerabilities": [
1653 {
1654 "Name": "CVE-2017-14159",
1655 "NamespaceName": "ubuntu:14.04",
1656 "Description": "slapd in OpenLDAP 2.4.45 and earlier creates a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a \"kill `cat /pathname`\" command, as demonstrated by openldap-initscript.",
1657 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-14159",
1658 "Severity": "Low"
1659 },
1660 {
1661 "Name": "CVE-2019-13565",
1662 "NamespaceName": "ubuntu:14.04",
1663 "Description": "An issue was discovered in OpenLDAP 2.x before 2.4.48. When using SASL authentication and session encryption, and relying on the SASL security layers in slapd access controls, it is possible to obtain access that would otherwise be denied via a simple bind for any identity covered in those ACLs. After the first SASL bind is completed, the sasl_ssf value is retained for all new non-SASL connections. Depending on the ACL configuration, this can affect different types of operations (searches, modifications, etc.). In other words, a successful authorization step completed by one user affects the authorization requirement for a different user.",
1664 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2019-13565",
1665 "Severity": "Medium"
1666 },
1667 {
1668 "Name": "CVE-2019-13057",
1669 "NamespaceName": "ubuntu:14.04",
1670 "Description": "An issue was discovered in the server in OpenLDAP before 2.4.48. When the server administrator delegates rootDN (database admin) privileges for certain databases but wants to maintain isolation (e.g., for multi-tenant deployments), slapd does not properly stop a rootDN from requesting authorization as an identity from another database during a SASL bind or with a proxyAuthz (RFC 4370) control. (It is not a common configuration to deploy a system where the server administrator and a DB administrator enjoy different levels of trust.)",
1671 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2019-13057",
1672 "Severity": "Low"
1673 }
1674 ]
1675 },
1676 {
1677 "Name": "gnupg",
1678 "Version": "1.4.16-1ubuntu2.3",
1679 "NamespaceName": "ubuntu:14.04",
1680 "Vulnerabilities": [
1681 {
1682 "Name": "CVE-2016-6313",
1683 "NamespaceName": "ubuntu:14.04",
1684 "Description": "The mixing functions in the random number generator in Libgcrypt before 1.5.6, 1.6.x before 1.6.6, and 1.7.x before 1.7.3 and GnuPG before 1.4.21 make it easier for attackers to obtain the values of 160 bits by leveraging knowledge of the previous 4640 bits.",
1685 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-6313",
1686 "Severity": "High"
1687 },
1688 {
1689 "Name": "CVE-2018-12020",
1690 "NamespaceName": "ubuntu:14.04",
1691 "Description": "mainproc.c in GnuPG before 2.2.8 mishandles the original filename during decryption and verification actions, which allows remote attackers to spoof the output that GnuPG sends on file descriptor 2 to other programs that use the \"--status-fd 2\" option. For example, the OpenPGP data might represent an original filename that contains line feed characters in conjunction with GOODSIG or VALIDSIG status codes.",
1692 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-12020",
1693 "Severity": "Medium"
1694 },
1695 {
1696 "Name": "CVE-2019-13050",
1697 "NamespaceName": "ubuntu:14.04",
1698 "Description": "Interaction between the sks-keyserver code through 1.2.0 of the SKS keyserver network, and GnuPG through 2.2.16, makes it risky to have a GnuPG keyserver configuration line referring to a host on the SKS keyserver network. Retrieving data from this network may cause a persistent denial of service, because of a Certificate Spamming Attack.",
1699 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2019-13050",
1700 "Severity": "Medium"
1701 },
1702 {
1703 "Name": "CVE-2017-7526",
1704 "NamespaceName": "ubuntu:14.04",
1705 "Description": "libgcrypt before version 1.7.8 is vulnerable to a cache side-channel attack resulting into a complete break of RSA-1024 while using the left-to-right method for computing the sliding-window expansion. The same attack is believed to work on RSA-2048 with moderately more computation. This side-channel requires that attacker can run arbitrary software on the hardware where the private RSA key is used.",
1706 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-7526",
1707 "Severity": "Medium"
1708 }
1709 ]
1710 },
1711 {
1712 "Name": "coreutils",
1713 "Version": "8.21-1ubuntu5.4",
1714 "NamespaceName": "ubuntu:14.04",
1715 "Vulnerabilities": [
1716 {
1717 "Name": "CVE-2016-2781",
1718 "NamespaceName": "ubuntu:14.04",
1719 "Description": "chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.",
1720 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-2781",
1721 "Severity": "Low"
1722 }
1723 ]
1724 },
1725 {
1726 "Name": "openssl",
1727 "Version": "1.0.1f-1ubuntu2.27",
1728 "NamespaceName": "ubuntu:14.04",
1729 "Vulnerabilities": [
1730 {
1731 "Name": "CVE-2019-1559",
1732 "NamespaceName": "ubuntu:14.04",
1733 "Description": "If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. If the application then behaves differently based on that in a way that is detectable to the remote peer, then this amounts to a padding oracle that could be used to decrypt data. In order for this to be exploitable \"non-stitched\" ciphersuites must be in use. Stitched ciphersuites are optimised implementations of certain commonly used ciphersuites. Also the application must call SSL_shutdown() twice even if a protocol error has occurred (applications should not do this but some do anyway). Fixed in OpenSSL 1.0.2r (Affected 1.0.2-1.0.2q).",
1734 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2019-1559",
1735 "Severity": "Medium"
1736 }
1737 ]
1738 },
1739 {
1740 "Name": "pcre3",
1741 "Version": "1:8.31-2ubuntu2.3",
1742 "NamespaceName": "ubuntu:14.04",
1743 "Vulnerabilities": [
1744 {
1745 "Name": "CVE-2017-11164",
1746 "NamespaceName": "ubuntu:14.04",
1747 "Description": "In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exec.c allows stack exhaustion (uncontrolled recursion) when processing a crafted regular expression.",
1748 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-11164",
1749 "Severity": "Low"
1750 },
1751 {
1752 "Name": "CVE-2017-7245",
1753 "NamespaceName": "ubuntu:14.04",
1754 "Description": "Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 4) or possibly have unspecified other impact via a crafted file.",
1755 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-7245",
1756 "Severity": "Negligible"
1757 },
1758 {
1759 "Name": "CVE-2017-7246",
1760 "NamespaceName": "ubuntu:14.04",
1761 "Description": "Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 268) or possibly have unspecified other impact via a crafted file.",
1762 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-7246",
1763 "Severity": "Negligible"
1764 }
1765 ]
1766 },
1767 {
1768 "Name": "bzip2",
1769 "Version": "1.0.6-5",
1770 "NamespaceName": "ubuntu:14.04",
1771 "Vulnerabilities": [
1772 {
1773 "Name": "CVE-2016-3189",
1774 "NamespaceName": "ubuntu:14.04",
1775 "Description": "Use-after-free vulnerability in bzip2recover in bzip2 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted bzip2 file, related to block ends set to before the start of the block.",
1776 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-3189",
1777 "Severity": "Low"
1778 },
1779 {
1780 "Name": "CVE-2016-3189",
1781 "NamespaceName": "ubuntu:14.04",
1782 "Description": "Use-after-free vulnerability in bzip2recover in bzip2 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted bzip2 file, related to block ends set to before the start of the block.",
1783 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-3189",
1784 "Severity": "Low"
1785 }
1786 ]
1787 },
1788 {
1789 "Name": "procps",
1790 "Version": "1:3.3.9-1ubuntu2.2",
1791 "NamespaceName": "ubuntu:14.04",
1792 "Vulnerabilities": [
1793 {
1794 "Name": "CVE-2018-1122",
1795 "NamespaceName": "ubuntu:14.04",
1796 "Description": "procps-ng before version 3.3.15 is vulnerable to a local privilege escalation in top. If a user runs top with HOME unset in an attacker-controlled directory, the attacker could achieve privilege escalation by exploiting one of several vulnerabilities in the config_file() function.",
1797 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-1122",
1798 "Severity": "Medium"
1799 },
1800 {
1801 "Name": "CVE-2018-1126",
1802 "NamespaceName": "ubuntu:14.04",
1803 "Description": "procps-ng before version 3.3.15 is vulnerable to an incorrect integer size in proc/alloc.* leading to truncation/integer overflow issues. This flaw is related to CVE-2018-1124.",
1804 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-1126",
1805 "Severity": "Medium"
1806 },
1807 {
1808 "Name": "CVE-2018-1124",
1809 "NamespaceName": "ubuntu:14.04",
1810 "Description": "procps-ng before version 3.3.15 is vulnerable to multiple integer overflows leading to a heap corruption in file2strvec function. This allows a privilege escalation for a local attacker who can create entries in procfs by starting processes, which could result in crashes or arbitrary code execution in proc utilities run by other users.",
1811 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-1124",
1812 "Severity": "Medium"
1813 },
1814 {
1815 "Name": "CVE-2018-1125",
1816 "NamespaceName": "ubuntu:14.04",
1817 "Description": "procps-ng before version 3.3.15 is vulnerable to a stack buffer overflow in pgrep. This vulnerability is mitigated by FORTIFY, as it involves strncat() to a stack-allocated string. When pgrep is compiled with FORTIFY (as on Red Hat Enterprise Linux and Fedora), the impact is limited to a crash.",
1818 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-1125",
1819 "Severity": "Medium"
1820 },
1821 {
1822 "Name": "CVE-2018-1123",
1823 "NamespaceName": "ubuntu:14.04",
1824 "Description": "procps-ng before version 3.3.15 is vulnerable to a denial of service in ps via mmap buffer overflow. Inbuilt protection in ps maps a guard page at the end of the overflowed buffer, ensuring that the impact of this flaw is limited to a crash (temporary denial of service).",
1825 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-1123",
1826 "Severity": "Medium"
1827 }
1828 ]
1829 },
1830 {
1831 "Name": "krb5",
1832 "Version": "1.12+dfsg-2ubuntu5.4",
1833 "NamespaceName": "ubuntu:14.04",
1834 "Vulnerabilities": [
1835 {
1836 "Name": "CVE-2018-5710",
1837 "NamespaceName": "ubuntu:14.04",
1838 "Description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. The pre-defined function \"strlen\" is getting a \"NULL\" string as a parameter value in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the Key Distribution Center (KDC), which allows remote authenticated users to cause a denial of service (NULL pointer dereference) via a modified kadmin client.",
1839 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-5710",
1840 "Severity": "Low"
1841 },
1842 {
1843 "Name": "CVE-2018-20217",
1844 "NamespaceName": "ubuntu:14.04",
1845 "Description": "A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 (aka krb5) before 1.17. If an attacker can obtain a krbtgt ticket using an older encryption type (single-DES, triple-DES, or RC4), the attacker can crash the KDC by making an S4U2Self request.",
1846 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-20217",
1847 "Severity": "Medium"
1848 },
1849 {
1850 "Name": "CVE-2018-5709",
1851 "NamespaceName": "ubuntu:14.04",
1852 "Description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable \"dbentry-\u003en_key_data\" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a \"u4\" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.",
1853 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-5709",
1854 "Severity": "Negligible"
1855 },
1856 {
1857 "Name": "CVE-2017-15088",
1858 "NamespaceName": "ubuntu:14.04",
1859 "Description": "plugins/preauth/pkinit/pkinit_crypto_openssl.c in MIT Kerberos 5 (aka krb5) through 1.15.2 mishandles Distinguished Name (DN) fields, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) in situations involving untrusted X.509 data, related to the get_matching_data and X509_NAME_oneline_ex functions. NOTE: this has security relevance only in use cases outside of the MIT Kerberos distribution, e.g., the use of get_matching_data in KDC certauth plugin code that is specific to Red Hat.",
1860 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-15088",
1861 "Severity": "Negligible"
1862 }
1863 ]
1864 },
1865 {
1866 "Name": "zlib",
1867 "Version": "1:1.2.8.dfsg-1ubuntu1.1",
1868 "NamespaceName": "ubuntu:14.04",
1869 "Vulnerabilities": [
1870 {
1871 "Name": "CVE-2016-9841",
1872 "NamespaceName": "ubuntu:14.04",
1873 "Description": "inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.",
1874 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-9841",
1875 "Severity": "Low"
1876 },
1877 {
1878 "Name": "CVE-2016-9842",
1879 "NamespaceName": "ubuntu:14.04",
1880 "Description": "The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers.",
1881 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-9842",
1882 "Severity": "Low"
1883 },
1884 {
1885 "Name": "CVE-2016-9843",
1886 "NamespaceName": "ubuntu:14.04",
1887 "Description": "The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.",
1888 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-9843",
1889 "Severity": "Low"
1890 },
1891 {
1892 "Name": "CVE-2016-9840",
1893 "NamespaceName": "ubuntu:14.04",
1894 "Description": "inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.",
1895 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-9840",
1896 "Severity": "Low"
1897 }
1898 ]
1899 },
1900 {
1901 "Name": "libbsd",
1902 "Version": "0.6.0-2ubuntu1",
1903 "NamespaceName": "ubuntu:14.04",
1904 "Vulnerabilities": [
1905 {
1906 "Name": "CVE-2016-2090",
1907 "NamespaceName": "ubuntu:14.04",
1908 "Description": "Off-by-one vulnerability in the fgetwln function in libbsd before 0.8.2 allows attackers to have unspecified impact via unknown vectors, which trigger a heap-based buffer overflow.",
1909 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-2090",
1910 "Severity": "Low"
1911 }
1912 ]
1913 },
1914 {
1915 "Name": "sensible-utils",
1916 "Version": "0.0.9",
1917 "NamespaceName": "ubuntu:14.04",
1918 "Vulnerabilities": [
1919 {
1920 "Name": "CVE-2017-17512",
1921 "NamespaceName": "ubuntu:14.04",
1922 "Description": "sensible-browser in sensible-utils before 0.0.11 does not validate strings before launching the program specified by the BROWSER environment variable, which allows remote attackers to conduct argument-injection attacks via a crafted URL, as demonstrated by a --proxy-pac-file argument.",
1923 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-17512",
1924 "Severity": "Medium"
1925 }
1926 ]
1927 },
1928 {
1929 "Name": "vim",
1930 "Version": "2:7.4.052-1ubuntu3.1",
1931 "NamespaceName": "ubuntu:14.04",
1932 "Vulnerabilities": [
1933 {
1934 "Name": "CVE-2017-17087",
1935 "NamespaceName": "ubuntu:14.04",
1936 "Description": "fileio.c in Vim prior to 8.0.1263 sets the group ownership of a .swp file to the editor's primary group (which may be different from the group ownership of the original file), which allows local users to obtain sensitive information by leveraging an applicable group membership, as demonstrated by /etc/shadow owned by root:shadow mode 0640, but /etc/.shadow.swp owned by root:users mode 0640, a different vulnerability than CVE-2017-1000382.",
1937 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-17087",
1938 "Severity": "Low"
1939 },
1940 {
1941 "Name": "CVE-2017-11109",
1942 "NamespaceName": "ubuntu:14.04",
1943 "Description": "Vim 8.0 allows attackers to cause a denial of service (invalid free) or possibly have unspecified other impact via a crafted source (aka -S) file. NOTE: there might be a limited number of scenarios in which this has security relevance.",
1944 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-11109",
1945 "Severity": "Low"
1946 },
1947 {
1948 "Name": "CVE-2017-6349",
1949 "NamespaceName": "ubuntu:14.04",
1950 "Description": "An integer overflow at a u_read_undo memory allocation site would occur for vim before patch 8.0.0377, if it does not properly validate values for tree length when reading a corrupted undo file, which may lead to resultant buffer overflows.",
1951 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-6349",
1952 "Severity": "Negligible"
1953 },
1954 {
1955 "Name": "CVE-2017-5953",
1956 "NamespaceName": "ubuntu:14.04",
1957 "Description": "vim before patch 8.0.0322 does not properly validate values for tree length when handling a spell file, which may result in an integer overflow at a memory allocation site and a resultant buffer overflow.",
1958 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-5953",
1959 "Severity": "Low"
1960 },
1961 {
1962 "Name": "CVE-2017-6350",
1963 "NamespaceName": "ubuntu:14.04",
1964 "Description": "An integer overflow at an unserialize_uep memory allocation site would occur for vim before patch 8.0.0378, if it does not properly validate values for tree length when reading a corrupted undo file, which may lead to resultant buffer overflows.",
1965 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-6350",
1966 "Severity": "Negligible"
1967 }
1968 ]
1969 },
1970 {
1971 "Name": "libtasn1-6",
1972 "Version": "3.4-3ubuntu0.6",
1973 "NamespaceName": "ubuntu:14.04",
1974 "Vulnerabilities": [
1975 {
1976 "Name": "CVE-2018-1000654",
1977 "NamespaceName": "ubuntu:14.04",
1978 "Description": "GNU Libtasn1-4.13 libtasn1-4.13 version libtasn1-4.13, libtasn1-4.12 contains a DoS, specifically CPU usage will reach 100% when running asn1Paser against the POC due to an issue in _asn1_expand_object_id(p_tree), after a long time, the program will be killed. This attack appears to be exploitable via parsing a crafted file.",
1979 "Link": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-1000654",
1980 "Severity": "Negligible"
1981 }
1982 ]
1983 }
1984 ]
1985}