7.5
CVE-2016-2381
- EPSS 18.02%
- Published 08.04.2016 15:59:05
- Last modified 12.04.2025 10:46:40
- Source cve@mitre.org
- Teams watchlist Login
- Open Login
Perl might allow context-dependent attackers to bypass the taint protection mechanism in a child process via duplicate environment variables in envp.
Data is provided by the National Vulnerability Database (NVD)
Debian ≫ Debian Linux Version7.0
Debian ≫ Debian Linux Version8.0
Oracle ≫ Communications Billing And Revenue Management Version7.5
Oracle ≫ Configuration Manager Version < 12.1.2.0.4
Oracle ≫ Configuration Manager Version12.1.2.0.6
Oracle ≫ Database Server Version11.2.0.4
Oracle ≫ Database Server Version12.1.0.2
Oracle ≫ Database Server Version12.2.0.1
Oracle ≫ Database Server Version18c
Oracle ≫ Database Server Version19c
Oracle ≫ Enterprise Manager Base Platform Version13.2.0.0.0
Oracle ≫ Enterprise Manager Base Platform Version13.3.0.0.0
Oracle ≫ Timesten In-memory Database Version < 18.1.2.1.0
Canonical ≫ Ubuntu Linux Version12.04 SwEditionesm
Canonical ≫ Ubuntu Linux Version14.04 SwEditionesm
Canonical ≫ Ubuntu Linux Version15.10
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 18.02% | 0.95 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:P/A:N
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.