cve-2015-7036

Vulnerability from cvelistv5

Published

2015-11-22 02:00

Modified

2024-08-06 07:36

Severity ?

Summary

References

URL	Tags
product-security@apple.com	http://support.apple.com/kb/HT204941	Vendor Advisory
product-security@apple.com	http://support.apple.com/kb/HT204942	Vendor Advisory
product-security@apple.com	http://zerodayinitiative.com/advisories/ZDI-15-570/
product-security@apple.com	https://security.gentoo.org/glsa/201612-21
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT204941	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT204942	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://zerodayinitiative.com/advisories/ZDI-15-570/
af854a3a-2127-422b-91ae-364da2661108	https://security.gentoo.org/glsa/201612-21

Impacted products

▼	Vendor	Product
	n/a	n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T07:36:35.252Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT204941"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://zerodayinitiative.com/advisories/ZDI-15-570/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT204942"
          },
          {
            "name": "GLSA-201612-21",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201612-21"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-11-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The fts3_tokenizer function in SQLite, as used in Apple iOS before 8.4 and OS X before 10.10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a SQL command that triggers an API call with a crafted pointer value in the second argument."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-06-30T16:57:01",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT204941"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://zerodayinitiative.com/advisories/ZDI-15-570/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT204942"
        },
        {
          "name": "GLSA-201612-21",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201612-21"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@apple.com",
          "ID": "CVE-2015-7036",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The fts3_tokenizer function in SQLite, as used in Apple iOS before 8.4 and OS X before 10.10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a SQL command that triggers an API call with a crafted pointer value in the second argument."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://support.apple.com/kb/HT204941",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT204941"
            },
            {
              "name": "http://zerodayinitiative.com/advisories/ZDI-15-570/",
              "refsource": "MISC",
              "url": "http://zerodayinitiative.com/advisories/ZDI-15-570/"
            },
            {
              "name": "http://support.apple.com/kb/HT204942",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT204942"
            },
            {
              "name": "GLSA-201612-21",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201612-21"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2015-7036",
    "datePublished": "2015-11-22T02:00:00",
    "dateReserved": "2015-09-16T00:00:00",
    "dateUpdated": "2024-08-06T07:36:35.252Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2015-7036\",\"sourceIdentifier\":\"product-security@apple.com\",\"published\":\"2015-11-22T03:59:02.953\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The fts3_tokenizer function in SQLite, as used in Apple iOS before 8.4 and OS X before 10.10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a SQL command that triggers an API call with a crafted pointer value in the second argument.\"},{\"lang\":\"es\",\"value\":\"La funci\u00f3n fts3_tokenizer en SQLite, como se usa en Apple iOS en versiones anteriores a 8.4 y OS X en versiones anteriores a 10.10.4, permite a atacantes remotos ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) a trav\u00e9s de un comando SQL que desencadena una llamada API con un valor de puntero manipulado en el segundo argumento.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"10.10.3\",\"matchCriteriaId\":\"68566BD8-D5DD-4747-9C9A-59154400EBFA\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"8.3\",\"matchCriteriaId\":\"EB31BE7C-CB6D-447E-AFF8-618998950FC5\"}]}]}],\"references\":[{\"url\":\"http://support.apple.com/kb/HT204941\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://support.apple.com/kb/HT204942\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://zerodayinitiative.com/advisories/ZDI-15-570/\",\"source\":\"product-security@apple.com\"},{\"url\":\"https://security.gentoo.org/glsa/201612-21\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://support.apple.com/kb/HT204941\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://support.apple.com/kb/HT204942\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://zerodayinitiative.com/advisories/ZDI-15-570/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.gentoo.org/glsa/201612-21\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

gsd-2015-7036

Vulnerability from gsd

Modified

2023-12-13 01:20

Details

Aliases

CVE-2015-7036

Aliases

CVE-2015-7036

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2015-7036",
    "description": "The fts3_tokenizer function in SQLite, as used in Apple iOS before 8.4 and OS X before 10.10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a SQL command that triggers an API call with a crafted pointer value in the second argument.",
    "id": "GSD-2015-7036"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2015-7036"
      ],
      "details": "The fts3_tokenizer function in SQLite, as used in Apple iOS before 8.4 and OS X before 10.10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a SQL command that triggers an API call with a crafted pointer value in the second argument.",
      "id": "GSD-2015-7036",
      "modified": "2023-12-13T01:20:01.265134Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "product-security@apple.com",
        "ID": "CVE-2015-7036",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The fts3_tokenizer function in SQLite, as used in Apple iOS before 8.4 and OS X before 10.10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a SQL command that triggers an API call with a crafted pointer value in the second argument."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://support.apple.com/kb/HT204941",
            "refsource": "CONFIRM",
            "url": "http://support.apple.com/kb/HT204941"
          },
          {
            "name": "http://zerodayinitiative.com/advisories/ZDI-15-570/",
            "refsource": "MISC",
            "url": "http://zerodayinitiative.com/advisories/ZDI-15-570/"
          },
          {
            "name": "http://support.apple.com/kb/HT204942",
            "refsource": "CONFIRM",
            "url": "http://support.apple.com/kb/HT204942"
          },
          {
            "name": "GLSA-201612-21",
            "refsource": "GENTOO",
            "url": "https://security.gentoo.org/glsa/201612-21"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "10.10.3",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "8.3",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@apple.com",
          "ID": "CVE-2015-7036"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The fts3_tokenizer function in SQLite, as used in Apple iOS before 8.4 and OS X before 10.10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a SQL command that triggers an API call with a crafted pointer value in the second argument."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://zerodayinitiative.com/advisories/ZDI-15-570/",
              "refsource": "MISC",
              "tags": [],
              "url": "http://zerodayinitiative.com/advisories/ZDI-15-570/"
            },
            {
              "name": "http://support.apple.com/kb/HT204941",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://support.apple.com/kb/HT204941"
            },
            {
              "name": "http://support.apple.com/kb/HT204942",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://support.apple.com/kb/HT204942"
            },
            {
              "name": "GLSA-201612-21",
              "refsource": "GENTOO",
              "tags": [],
              "url": "https://security.gentoo.org/glsa/201612-21"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2017-07-01T01:29Z",
      "publishedDate": "2015-11-22T03:59Z"
    }
  }
}

ghsa-x42v-52fm-9rqq

Vulnerability from github

Published

2022-05-17 02:38

Modified

2025-04-12 12:54

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2015-7036"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2015-11-22T03:59:00Z",
    "severity": "HIGH"
  },
  "details": "The fts3_tokenizer function in SQLite, as used in Apple iOS before 8.4 and OS X before 10.10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a SQL command that triggers an API call with a crafted pointer value in the second argument.",
  "id": "GHSA-x42v-52fm-9rqq",
  "modified": "2025-04-12T12:54:13Z",
  "published": "2022-05-17T02:38:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-7036"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/201612-21"
    },
    {
      "type": "WEB",
      "url": "http://support.apple.com/kb/HT204941"
    },
    {
      "type": "WEB",
      "url": "http://support.apple.com/kb/HT204942"
    },
    {
      "type": "WEB",
      "url": "http://zerodayinitiative.com/advisories/ZDI-15-570"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

The fts3_tokenizer function in SQLite, as used in Apple iOS before 8.4 and OS X before 10.10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a SQL command that triggers an API call with a crafted pointer value in the second argument. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SQLite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of the fts3_tokenizer function. The issue lies in the optional second argument which is expected to be a pointer into a structure. An attacker can leverage this vulnerability to achieve code execution under the context of the current process. Both Apple iOS and OS X are operating systems of Apple Inc. in the United States. Apple iOS was developed for mobile devices; OS X was developed for Mac computers. SQLite is an open source embedded relational database management system based on C language developed by American software developer D.Richard Hipp. A security vulnerability exists in the 'fts3_tokenizer' function in SQLite used in Apple iOS versions prior to 8.4 and OS X versions prior to 10.10.4.

Gentoo Linux Security Advisory GLSA 201612-21

                                       https://security.gentoo.org/

Severity: Normal Title: SQLite: Multiple vulnerabilities Date: December 08, 2016 Bugs: #549258, #574420 ID: 201612-21

Synopsis

Multiple vulnerabilities were found in SQLite, the worst of which may allow execution of arbitrary code.

Background

SQLite is a C library that implements an SQL database engine.

Affected packages

-------------------------------------------------------------------
 Package              /     Vulnerable     /            Unaffected
-------------------------------------------------------------------

1 dev-db/sqlite < 3.11.1 >= 3.11.1

Description

Multiple vulnerabilities have been discovered in SQLite. Please review the CVE identifiers referenced below for details.

Workaround

There is no known workaround at this time.

Resolution

All sqlite users should upgrade to the latest version:

# emerge --sync # emerge --ask --oneshot --verbose ">=dev-db/sqlite-3.11.1"

References

[ 1 ] CVE-2015-7036 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7036 [ 2 ] Two invalid read errors / heap overflows in SQLite (TFPA 006/2015) http://blog.fuzzing-project.org/10-Two-invalid-read-errors-heap-ove= rflows-in-SQLite-TFPA-0062015.html

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

https://security.gentoo.org/glsa/201612-21

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

License

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201511-0044",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "iphone os",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "apple",
        "version": "8.3"
      },
      {
        "model": "mac os x",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "apple",
        "version": "10.10.3"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "10.10 to  10.10.3"
      },
      {
        "model": "ios",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "8.4   (ipad 2 or later )"
      },
      {
        "model": "ios",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "8.4   (iphone 4s or later )"
      },
      {
        "model": "ios",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "8.4   (ipod touch first  5 after generation )"
      },
      {
        "model": "sqlite",
        "scope": null,
        "trust": 0.7,
        "vendor": "sqlite",
        "version": null
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "10.10.3"
      },
      {
        "model": "iphone os",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "8.3"
      },
      {
        "model": "sqlite",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "sqlite",
        "version": "0"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.10.3"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.10.2"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.10.1"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.10"
      },
      {
        "model": "mac os",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.10.4"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-15-570"
      },
      {
        "db": "BID",
        "id": "77646"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-006000"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201511-341"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-7036"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/o:apple:mac_os_x",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:apple:iphone_os",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-006000"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Peter Rutenbar",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-15-570"
      },
      {
        "db": "BID",
        "id": "77646"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201511-341"
      }
    ],
    "trust": 1.6
  },
  "cve": "CVE-2015-7036",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2015-7036",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 2.6,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-84997",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2015-7036",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2015-7036",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "ZDI",
            "id": "CVE-2015-7036",
            "trust": 0.7,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201511-341",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-84997",
            "trust": 0.1,
            "value": "HIGH"
          },
          {
            "author": "VULMON",
            "id": "CVE-2015-7036",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-15-570"
      },
      {
        "db": "VULHUB",
        "id": "VHN-84997"
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-7036"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-006000"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201511-341"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-7036"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The fts3_tokenizer function in SQLite, as used in Apple iOS before 8.4 and OS X before 10.10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a SQL command that triggers an API call with a crafted pointer value in the second argument. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SQLite.  User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of the fts3_tokenizer function.  The issue lies in the optional second argument which is expected to be a pointer into a structure.  An attacker can leverage this vulnerability to achieve code execution under the context of the current process. Both Apple iOS and OS X are operating systems of Apple Inc. in the United States. Apple iOS was developed for mobile devices; OS X was developed for Mac computers. SQLite is an open source embedded relational database management system based on C language developed by American software developer D.Richard Hipp. A security vulnerability exists in the \u0027fts3_tokenizer\u0027 function in SQLite used in Apple iOS versions prior to 8.4 and OS X versions prior to 10.10.4. \n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory                           GLSA 201612-21\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n                                           https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n    Title: SQLite: Multiple vulnerabilities\n     Date: December 08, 2016\n     Bugs: #549258, #574420\n       ID: 201612-21\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities were found in SQLite, the worst of which may\nallow execution of arbitrary code. \n\nBackground\n==========\n\nSQLite is a C library that implements an SQL database engine. \n\nAffected packages\n=================\n\n    -------------------------------------------------------------------\n     Package              /     Vulnerable     /            Unaffected\n    -------------------------------------------------------------------\n  1  dev-db/sqlite                \u003c 3.11.1                  \u003e= 3.11.1\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in SQLite. Please review\nthe CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll sqlite users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot --verbose \"\u003e=dev-db/sqlite-3.11.1\"\n\nReferences\n==========\n\n[ 1 ] CVE-2015-7036\n      http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7036\n[ 2 ] Two invalid read errors / heap overflows in SQLite (TFPA 006/2015)\n      http://blog.fuzzing-project.org/10-Two-invalid-read-errors-heap-ove=\nrflows-in-SQLite-TFPA-0062015.html\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201612-21\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2016 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2015-7036"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-006000"
      },
      {
        "db": "ZDI",
        "id": "ZDI-15-570"
      },
      {
        "db": "BID",
        "id": "77646"
      },
      {
        "db": "VULHUB",
        "id": "VHN-84997"
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-7036"
      },
      {
        "db": "PACKETSTORM",
        "id": "140086"
      }
    ],
    "trust": 2.79
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2015-7036",
        "trust": 3.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-15-570",
        "trust": 2.8
      },
      {
        "db": "BID",
        "id": "77646",
        "trust": 1.1
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-006000",
        "trust": 0.8
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-2888",
        "trust": 0.7
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201511-341",
        "trust": 0.7
      },
      {
        "db": "SEEBUG",
        "id": "SSVID-89914",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-84997",
        "trust": 0.1
      },
      {
        "db": "TENABLE",
        "id": "TNS-2016-13",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-7036",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "140086",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-15-570"
      },
      {
        "db": "VULHUB",
        "id": "VHN-84997"
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-7036"
      },
      {
        "db": "BID",
        "id": "77646"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-006000"
      },
      {
        "db": "PACKETSTORM",
        "id": "140086"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201511-341"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-7036"
      }
    ]
  },
  "id": "VAR-201511-0044",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-84997"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2024-08-14T15:34:55.514000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "HT204942",
        "trust": 1.5,
        "url": "https://support.apple.com/en-us/HT204942"
      },
      {
        "title": "Apple security updates",
        "trust": 0.8,
        "url": "https://support.apple.com/en-us/HT201222"
      },
      {
        "title": "APPLE-SA-2015-06-30-2 OS X Yosemite v10.10.4 and Security Update 2015-005",
        "trust": 0.8,
        "url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html"
      },
      {
        "title": "APPLE-SA-2015-06-30-1 iOS 8.4",
        "trust": 0.8,
        "url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html"
      },
      {
        "title": "HT204941",
        "trust": 0.8,
        "url": "https://support.apple.com/en-us/HT204941"
      },
      {
        "title": "HT204942",
        "trust": 0.8,
        "url": "http://support.apple.com/ja-jp/HT204942"
      },
      {
        "title": "HT204941",
        "trust": 0.8,
        "url": "http://support.apple.com/ja-jp/HT204941"
      },
      {
        "title": "Apple iOS  and OS X SQLite Fixes for remote code execution vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58814"
      },
      {
        "title": "The Register",
        "trust": 0.2,
        "url": "https://www.theregister.co.uk/2019/08/10/memory_corruption_sqlite/"
      },
      {
        "title": "Red Hat: CVE-2015-7036",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2015-7036"
      },
      {
        "title": "Tenable Security Advisories: [R3] PVS 5.1.0 Fixes Multiple Third-party Library Vulnerabilities",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=TNS-2016-13"
      },
      {
        "title": "Apple: OS X Yosemite v10.10.4 and Security Update 2015-005",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=50398602701d671602946005c7864211"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-15-570"
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-7036"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-006000"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201511-341"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-20",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-84997"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-006000"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-7036"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.8,
        "url": "http://support.apple.com/kb/ht204941"
      },
      {
        "trust": 1.8,
        "url": "http://support.apple.com/kb/ht204942"
      },
      {
        "trust": 1.8,
        "url": "http://zerodayinitiative.com/advisories/zdi-15-570/"
      },
      {
        "trust": 1.3,
        "url": "https://security.gentoo.org/glsa/201612-21"
      },
      {
        "trust": 1.0,
        "url": "https://support.apple.com/en-us/ht204942"
      },
      {
        "trust": 0.9,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7036"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-7036"
      },
      {
        "trust": 0.7,
        "url": "http://www.securityfocus.com/bid/77646"
      },
      {
        "trust": 0.3,
        "url": "https://www.sqlite.org/"
      },
      {
        "trust": 0.3,
        "url": "http://www.zerodayinitiative.com/advisories/zdi-15-570/"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/20.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2015-7036"
      },
      {
        "trust": 0.1,
        "url": "https://www.tenable.com/security/tns-2016-13"
      },
      {
        "trust": 0.1,
        "url": "http://creativecommons.org/licenses/by-sa/2.5"
      },
      {
        "trust": 0.1,
        "url": "https://security.gentoo.org/"
      },
      {
        "trust": 0.1,
        "url": "https://bugs.gentoo.org."
      },
      {
        "trust": 0.1,
        "url": "http://blog.fuzzing-project.org/10-two-invalid-read-errors-heap-ove="
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-15-570"
      },
      {
        "db": "VULHUB",
        "id": "VHN-84997"
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-7036"
      },
      {
        "db": "BID",
        "id": "77646"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-006000"
      },
      {
        "db": "PACKETSTORM",
        "id": "140086"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201511-341"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-7036"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "ZDI",
        "id": "ZDI-15-570"
      },
      {
        "db": "VULHUB",
        "id": "VHN-84997"
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-7036"
      },
      {
        "db": "BID",
        "id": "77646"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-006000"
      },
      {
        "db": "PACKETSTORM",
        "id": "140086"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201511-341"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-7036"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2015-11-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-15-570"
      },
      {
        "date": "2015-11-22T00:00:00",
        "db": "VULHUB",
        "id": "VHN-84997"
      },
      {
        "date": "2015-11-22T00:00:00",
        "db": "VULMON",
        "id": "CVE-2015-7036"
      },
      {
        "date": "2015-11-18T00:00:00",
        "db": "BID",
        "id": "77646"
      },
      {
        "date": "2015-11-24T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2015-006000"
      },
      {
        "date": "2016-12-08T23:46:27",
        "db": "PACKETSTORM",
        "id": "140086"
      },
      {
        "date": "2015-11-20T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201511-341"
      },
      {
        "date": "2015-11-22T03:59:02.953000",
        "db": "NVD",
        "id": "CVE-2015-7036"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2015-11-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-15-570"
      },
      {
        "date": "2017-07-01T00:00:00",
        "db": "VULHUB",
        "id": "VHN-84997"
      },
      {
        "date": "2017-07-01T00:00:00",
        "db": "VULMON",
        "id": "CVE-2015-7036"
      },
      {
        "date": "2015-11-18T00:00:00",
        "db": "BID",
        "id": "77646"
      },
      {
        "date": "2015-11-24T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2015-006000"
      },
      {
        "date": "2015-11-23T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201511-341"
      },
      {
        "date": "2017-07-01T01:29:20.263000",
        "db": "NVD",
        "id": "CVE-2015-7036"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201511-341"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Apple iOS and  Apple OS X Used in  SQLite of  fts3_tokenizer Vulnerability in arbitrary code execution in function",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-006000"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "input validation",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201511-341"
      }
    ],
    "trust": 0.6
  }
}

Action not permitted

cve-2015-7036

Vulnerability from cvelistv5

gsd-2015-7036

Vulnerability from gsd

ghsa-x42v-52fm-9rqq

Vulnerability from github

var-201511-0044

Vulnerability from variot

Synopsis

Background

Affected packages

Description

Workaround

Resolution

References

Availability

Concerns?

License

Tags