{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-23T09:19:05.507","vulnerabilities":[{"cve":{"id":"CVE-2017-2579","sourceIdentifier":"secalert@redhat.com","published":"2018-07-27T18:29:00.313","lastModified":"2024-11-21T03:23:45.923","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An out-of-bounds read vulnerability was found in netpbm before 10.61. The expandCodeOntoStack() function has an insufficient code value check, so that a maliciously crafted file could cause the application to crash or possibly allows code execution."},{"lang":"es","value":"Se ha encontrado una vulnerabilidad de lectura fuera de límites en netpbm en versiones anteriores a la 10.61. La función expandCodeOntoStack() tiene una comprobación de valor de código insuficiente, de modo que un archivo manipulado maliciosamente podría provocar que la aplicación se cierre de manera inesperada o, posiblemente, permitir la ejecución de código."}],"metrics":{"cvssMetricV30":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","baseScore":3.3,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":1.8,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:netpbm_project:netpbm:10.61.00:*:*:*:*:*:*:*","matchCriteriaId":"CA83F226-2F68-4914-A58D-D54ABB6C5A4C"}]}]}],"references":[{"url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00056.html","source":"secalert@redhat.com"},{"url":"http://www.securityfocus.com/bid/96714","source":"secalert@redhat.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2579","source":"secalert@redhat.com","tags":["Issue Tracking"]},{"url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00056.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securityfocus.com/bid/96714","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2579","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking"]}]}}]}