Low
Canonical Ubuntu
It was discovered that shadow incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash or expose sensitive information. This issue only affected Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. (CVE-2017-12424) It was discovered that shadow incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information. (CVE-2018-7169)
CVEs contained in this USN include: CVE-2017-12424, CVE-2018-7169.
Severity is low unless otherwise noted.
Users of affected products are strongly encouraged to follow the mitigations below. The Cloud Foundry project recommends upgrading the following releases:
2022-03-10: Initial vulnerability report published.
CPE | Name | Operator | Version |
---|---|---|---|
bionic stemcells | lt | 1.61 | |
cflinuxfs3 | lt | 0.273.0 | |
cf deployment | lt | 18.0.0 |