Sign In

CVE-2010-4756

SOURCE - nist

Summary

The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.

EPSS Score: 0.00824 (0.819)

Common Weakness Enumeration (CWE)

SOURCE - nist

CWE-399

Resource Management Errors

Sources (8)

Impacted images

debian

CREATED

UPDATED

SOURCE IDCVE-2010-4756
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow
PackageTypeOS NameOS VersionAffected RangesFix Versions
debian/glibcdebdebian12>=2.36-9+deb12u4Not yet available
debian/glibcdebdebian13>=2.38-11Not yet available
debian/glibcdebdebianunstable>=2.38-11Not yet available
debian/glibcdebdebian11>=2.31-13+deb11u8Not yet available
debian/glibcdebdebian10>=2.28-10+deb10u1Not yet available

Severity and metrics

No CVSS data available from this source.

nist

CREATED

UPDATED

SOURCE IDCVE-2010-4756
EXPLOITABILITY SCORE

8

EXPLOITS FOUND
COMMON WEAKNESS ENUMERATION (CWE)
CWE-399

CVSS SCORE

4medium

ubuntu

CREATED

UPDATED

SOURCE IDCVE-2010-4756
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

redhat

CREATED

UPDATED

SOURCE IDCVE-2010-4756
EXPLOITABILITY SCORE

10.0

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

5low

suse

CREATED

UPDATED

SOURCE IDCVE-2010-4756
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

chainguard

CREATED

UPDATED

SOURCE ID

CVE-2010-4756

EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
RATING UNAVAILABLE FROM SOURCE

wolfi

CREATED

UPDATED

SOURCE ID

CVE-2010-4756

EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
RATING UNAVAILABLE FROM SOURCE

inthewild

CREATED

UPDATED

SOURCE IDCVE-2010-4756
EXPLOITABILITY SCORE

-

EXPLOITS FOUND

-

COMMON WEAKNESS ENUMERATION (CWE)-
RATING UNAVAILABLE FROM SOURCE