Vulnerabilities > GNU > Coreutils > 8.23
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-24 | CVE-2015-4042 | Integer Overflow or Wraparound vulnerability in GNU Coreutils Integer overflow in the keycompare_mb function in sort.c in sort in GNU Coreutils through 8.23 might allow attackers to cause a denial of service (application crash) or possibly have unspecified other impact via long strings. | 7.5 |
| 2020-01-24 | CVE-2015-4041 | Out-of-bounds Write vulnerability in GNU Coreutils 8.23 The keycompare_mb function in sort.c in sort in GNU Coreutils through 8.23 on 64-bit platforms performs a size calculation without considering the number of bytes occupied by multibyte characters, which allows attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via long UTF-8 strings. | 4.6 |
| 2018-01-04 | CVE-2017-18018 | Race Condition vulnerability in GNU Coreutils In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition. | 1.9 |