9.8

CVE-2018-16428

Exploit
In GNOME GLib 2.56.1, g_markup_parse_context_end_parse() in gmarkup.c has a NULL pointer dereference.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
GnomeGlib Version2.56.1
CanonicalUbuntu Linux Version12.04 SwEditionesm
CanonicalUbuntu Linux Version14.04 SwEditionlts
CanonicalUbuntu Linux Version16.04 SwEditionlts
CanonicalUbuntu Linux Version18.04 SwEditionlts
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.69% 0.709
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.8 3.9 5.9
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

http://www.securityfocus.com/bid/105210
Third Party Advisory
VDB Entry
https://usn.ubuntu.com/3767-1/
Third Party Advisory
https://usn.ubuntu.com/3767-2/
Third Party Advisory