Vulnerability CVE-2016-10375: Information

Description

Yodl before 3.07.01 has a Buffer Over-read in the queue_push function in queue/queuepush.c.

Severity: CRITICAL (9.8) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

URL: https://nvd.nist.gov/vuln/detail/CVE-2016-10375
Published: May 26, 2017
Modified: April 30, 2020
Error type identifier: CWE-119

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
yodlsisyphus4.03.00-alt14.03.00-alt2ALT-PU-2020-3157-1260600Fixed
yodlp104.03.00-alt14.03.00-alt2ALT-PU-2020-3157-1260600Fixed
yodlp94.03.00-alt24.03.00-alt2ALT-PU-2020-3186-1260601Fixed
yodlc10f14.03.00-alt14.03.00-alt2ALT-PU-2020-3157-1260600Fixed
yodlp114.03.00-alt14.03.00-alt2ALT-PU-2020-3157-1260600Fixed

References to Advisories, Solutions, and Tools

Hyperlink
Resource
https://github.com/fbb-git/yodl/issues/1
  • Patch
  • Third Party Advisory
https://github.com/fbb-git/yodl/commit/fd85f8c94182558ff1480d06a236d6fb927979a3
  • Patch
  • Third Party Advisory
[debian-lts-announce] 20200430 [SECURITY] [DLA 2194-1] yodl security update

      1. Configuration 1

        cpe:2.3:a:yodl_project:yodl:*:*:*:*:*:*:*:*
        End including
        3.06.00
    VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
    Version: v24.5.3
    Back to top