Lucene search

K
ubuntucveUbuntu.comUB:CVE-2019-13636
HistoryJul 17, 2019 - 12:00 a.m.

CVE-2019-13636

2019-07-1700:00:00
ubuntu.com
ubuntu.com
15

CVSS2

5.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:P/A:P

CVSS3

5.9

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

EPSS

0.021

Percentile

89.3%

In GNU patch through 2.7.6, the following of symlinks is mishandled in
certain cases other than input files. This affects inp.c and util.c.

Bugs

OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchpatch< 2.7.6-2ubuntu1.1UNKNOWN
ubuntu19.04noarchpatch< 2.7.6-3ubuntu0.1UNKNOWN
ubuntu14.04noarchpatch< 2.7.1-4ubuntu2.4+esm1UNKNOWN
ubuntu16.04noarchpatch< 2.7.5-1ubuntu0.16.04.2UNKNOWN

CVSS2

5.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:P/A:P

CVSS3

5.9

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

EPSS

0.021

Percentile

89.3%