Vulnerability Details CVE-2017-0357
A heap-overflow flaw exists in the -tr loader of iucode-tool starting with v1.4 and before v2.1.1, potentially leading to SIGSEGV, or heap corruption.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.017
EPSS Ranking 81.5%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
Products affected by CVE-2017-0357
-
cpe:2.3:a:iucode-tool_project:iucode-tool:1.4
-
cpe:2.3:a:iucode-tool_project:iucode-tool:1.5
-
cpe:2.3:a:iucode-tool_project:iucode-tool:1.5.1
-
cpe:2.3:a:iucode-tool_project:iucode-tool:1.5.2
-
cpe:2.3:a:iucode-tool_project:iucode-tool:1.6
-
cpe:2.3:a:iucode-tool_project:iucode-tool:1.6.1
-
cpe:2.3:a:iucode-tool_project:iucode-tool:2.0
-
cpe:2.3:a:iucode-tool_project:iucode-tool:2.1
-
cpe:2.3:o:debian:debian_linux:9.0