Lucene search
PhotonPHSA-2017-0002HistoryNov 17, 2017 - 12:00 a.m.
Critical Photon OS Security Update - PHSA-2017-0002
2017-11-1700:00:00
github.com
17
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.955 High
EPSS
Percentile
99.4%
Updates of [‘go’, ‘bash’, ‘systemd’, ‘libtiff’, ‘curl’] packages of Photon OS have been released.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Photon | 2.0 | x86_64 | systemd-debuginfo | < 233-11.ph2 | systemd-debuginfo-233-11.ph2.x86_64.rpm |
| Photon | 2.0 | x86_64 | libtiff | < 4.0.8-5.ph2 | libtiff-4.0.8-5.ph2.x86_64.rpm |
| Photon | 2.0 | x86_64 | curl | < 7.54.1-3.ph2 | curl-7.54.1-3.ph2.x86_64.rpm |
| Photon | 2.0 | x86_64 | systemd-lang | < 233-11.ph2 | systemd-lang-233-11.ph2.x86_64.rpm |
| Photon | 2.0 | x86_64 | bash | < 4.4.12-1.ph2 | bash-4.4.12-1.ph2.x86_64.rpm |
| Photon | 2.0 | x86_64 | curl-devel | < 7.54.1-3.ph2 | curl-devel-7.54.1-3.ph2.x86_64.rpm |
| Photon | 2.0 | x86_64 | go-debuginfo | < 1.9.1-1.ph2 | go-debuginfo-1.9.1-1.ph2.x86_64.rpm |
| Photon | 2.0 | x86_64 | libtiff-debuginfo | < 4.0.8-5.ph2 | libtiff-debuginfo-4.0.8-5.ph2.x86_64.rpm |
| Photon | 2.0 | x86_64 | curl-libs | < 7.54.1-3.ph2 | curl-libs-7.54.1-3.ph2.x86_64.rpm |
| Photon | 2.0 | x86_64 | curl-debuginfo | < 7.54.1-3.ph2 | curl-debuginfo-7.54.1-3.ph2.x86_64.rpm |
Related
photon
photon
Home
Download Photon OS
User Documentation
FAQ
Security Advisories
Related Information
Lightwave - PHSA-2017-0045
2017-11-17 00:00:00
Important Photon OS Security Update - PHSA-2017-0084
2017-11-15 00:00:00
Critical Photon OS Security Update - PHSA-2017-0082
2017-11-08 00:00:00
nessus
nessus
Photon OS 2.0: Curl PHSA-2017-0045
2019-02-07 00:00:00
Fedora 26 : curl (2017-f1ffd18079)
2017-08-14 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 8 package curl version 7.55.0-alt1
2017-08-09 00:00:00
Security fix for the ALT Linux 8 package curl version 7.56.0-alt1
2017-10-04 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2017-0281)
2022-01-28 00:00:00
Slackware: Security Advisory (SSA:2017-221-01)
2022-04-21 00:00:00
Debian: Security Advisory (DSA-3992-1)
2017-10-05 00:00:00
slackware
slackware
[slackware-security] curl
2017-08-09 20:47:02
[slackware-security] curl
2017-10-06 06:33:52
debian
debian
[SECURITY] [DSA 3992-1] curl security update
2017-10-06 20:43:43
[SECURITY] [DSA 3992-1] curl security update
2017-10-06 20:43:43
[SECURITY] [DLA 1148-1] golang security update
2017-10-27 15:43:41
archlinux
archlinux
[ASA-201708-16] curl: information disclosure
2017-08-22 00:00:00
[ASA-201710-4] lib32-libcurl-gnutls: multiple issues
2017-10-05 00:00:00
[ASA-201710-7] libcurl-compat: multiple issues
2017-10-05 00:00:00
mageia
mageia
Updated curl packages fix security vulnerabilities
2017-08-19 12:58:33
Updated bash packages fix security vulnerability
2017-01-06 11:28:18
Updated golang packages fix security vulnerability
2017-06-30 00:40:57
amazon
amazon
Medium: curl
2017-08-31 17:19:00
Medium: curl
2017-11-02 20:18:00
osv
osv
curl - security update
2017-10-06 00:00:00
CVE-2017-1000099
2017-10-05 01:29:04
CVE-2016-9401
2017-01-23 21:59:02
freebsd
freebsd
cURL -- multiple vulnerabilities
2017-08-09 00:00:00
cURL -- out of bounds read
2017-10-04 00:00:00
fedora
fedora
[SECURITY] Fedora 26 Update: curl-7.53.1-10.fc26
2017-08-13 20:56:17
[SECURITY] Fedora 25 Update: curl-7.51.0-9.fc25
2017-08-14 00:56:15
[SECURITY] Fedora 26 Update: golang-1.8.3-2.fc26
2017-07-27 16:53:50
cloudfoundry
cloudfoundry
USN-3441-1: curl vulnerabilities | Cloud Foundry
2017-11-01 00:00:00
ubuntu
ubuntu
curl vulnerabilities
2017-10-10 00:00:00
curl vulnerabilities
2017-10-23 00:00:00
systemd vulnerability
2017-10-26 00:00:00
gentoo
gentoo
cURL: Multiple vulnerabilities
2017-09-17 00:00:00
ibm
ibm
redhatcve
redhatcve
CVE-2017-1000099
2017-08-09 06:50:00
CVE-2016-9401
2016-11-18 09:17:17
CVE-2017-1000101
2017-08-09 06:49:45
cve
cve
CVE-2017-1000099
2017-10-05 01:29:04
CVE-2017-1000101
2017-10-05 01:29:04
CVE-2017-15041
2017-10-05 21:29:00
cvelist
cvelist
CVE-2017-1000099
2017-10-04 01:00:00
CVE-2017-15041
2017-10-05 21:00:00
CVE-2017-1000254
2017-10-06 13:00:00
alpinelinux
alpinelinux
CVE-2017-1000099
2017-10-05 01:29:04
CVE-2017-1000101
2017-10-05 01:29:04
CVE-2017-1000254
2017-10-06 13:29:00
debiancve
debiancve
CVE-2017-1000099
2017-10-05 01:29:04
CVE-2017-15908
2017-10-26 14:29:00
CVE-2017-1000101
2017-10-05 01:29:04
veracode
veracode
Information Disclosure
2020-05-10 23:24:44
Remote Code Execution (RCE)
2019-01-15 09:20:33
Remote Code Execution (RCE)
2017-10-06 01:57:43
nvd
nvd
CVE-2017-1000099
2017-10-05 01:29:04
CVE-2017-1000101
2017-10-05 01:29:04
CVE-2017-15041
2017-10-05 21:29:00
prion
prion
Heap overflow
2017-10-05 01:29:00
Heap overflow
2017-10-05 01:29:00
Design/Logic Flaw
2017-10-26 14:29:00
ubuntucve
ubuntucve
CVE-2017-1000099
2017-10-05 00:00:00
CVE-2017-15041
2017-10-05 00:00:00
CVE-2017-1000101
2017-10-04 00:00:00
zdi
zdi
hackerone
hackerone
Internet Bug Bounty: CVE-2017-1000101: cURL: URL globbing out of bounds read
2017-08-01 18:13:51
oraclelinux
oraclelinux
golang security, bug fix, and enhancement update
2017-08-09 00:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.955 High
EPSS
Percentile
99.4%
Related for PHSA-2017-0002