Vulnerability Details

Feed Type Docker
Title CVE-2017-12424
Description In shadow before 4.5, the newusers tool could be made to manipulate internal data structures in ways unintended by the authors. Malformed input may lead to crashes (with a buffer overflow or other memory corruption) or other unspecified behaviors. This crosses a privilege boundary in, for example, certain web-hosting environments in which a Control Panel allows an unprivileged user account to create subaccounts.

Severity: High
More Information: https://security-tracker.debian.org/tracker/CVE-2017-12424

Namespace: debian:9
Feature: shadow
Feature Version: 1:4.4-4.1
Fixed By Version:
Container Layer Hash sha256:48839397421a64189661c2b86a34eb515d09a28204587a2b06b59df9f6e2d786
Source Clair
Assessment Ignore by apapadimoulis@inedo.local on 7/1/2020 1:32:23 AM
Expiration 9/29/2020 1:32:23 AM (90 days from assessment)

Comments

There are no comments for this vulnerability.