CVE-2019-18602
published 2019-10-29CVE-2019-18602: OpenAFS before 1.6.24 and 1.8.x before 1.8.5 is prone to an information disclosure vulnerability because uninitialized scalars are sent over the network to a…
high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
OpenAFS before 1.6.24 and 1.8.x before 1.8.5 is prone to an information disclosure vulnerability because uninitialized scalars are sent over the network to a peer.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | openafs | < openafs 1.8.5-1 (bookworm) | openafs 1.8.5-1 (bookworm) |
| openafs | openafs | < 1.6.24 | 1.6.24 |
| openafs | openafs | >= 0 < 1.8.5-1 | 1.8.5-1 |
| openafs | openafs | >= 0 < 1.8.5-1 | 1.8.5-1 |
| openafs | openafs | >= 0 < 1.8.5-1 | 1.8.5-1 |
| openafs | openafs | >= 1.8.0 < 1.8.5 | 1.8.5 |
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
osv7.5HIGH