CVE-2018-6758 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2018-6758 Interim 1 4 2021-12-09T01:44:09Z current 2021-05-30T14:10:50Z 2021-12-09T01:44:09Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2018-6758 The uwsgi_expand_path function in core/utils.c in Unbit uWSGI through 2.0.15 has a stack-based buffer overflow via a large directory length. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Tumbleweed apache2-mod_uwsgi-2.0.19.1-3.10 uwsgi-2.0.19.1-3.10 uwsgi-emperor_pg-2.0.19.1-3.10 uwsgi-emperor_zeromq-2.0.19.1-3.10 uwsgi-gevent-2.0.19.1-3.10 uwsgi-glusterfs-2.0.19.1-3.10 uwsgi-greenlet-2.0.19.1-3.10 uwsgi-jvm-2.0.19.1-3.10 uwsgi-ldap-2.0.19.1-3.10 uwsgi-libffi-2.0.19.1-3.10 uwsgi-logzmq-2.0.19.1-3.10 uwsgi-lua-2.0.19.1-3.10 uwsgi-pam-2.0.19.1-3.10 uwsgi-php7-2.0.19.1-3.10 uwsgi-psgi-2.0.19.1-3.10 uwsgi-pypy-2.0.19.1-3.10 uwsgi-python-2.0.19.1-3.10 uwsgi-python3-2.0.19.1-3.10 uwsgi-sqlite3-2.0.19.1-3.10 uwsgi-xslt-2.0.19.1-3.10 apache2-mod_uwsgi-2.0.19.1-3.10 as a component of openSUSE Tumbleweed uwsgi-2.0.19.1-3.10 as a component of openSUSE Tumbleweed uwsgi-emperor_pg-2.0.19.1-3.10 as a component of openSUSE Tumbleweed uwsgi-emperor_zeromq-2.0.19.1-3.10 as a component of openSUSE Tumbleweed uwsgi-gevent-2.0.19.1-3.10 as a component of openSUSE Tumbleweed uwsgi-glusterfs-2.0.19.1-3.10 as a component of openSUSE Tumbleweed uwsgi-greenlet-2.0.19.1-3.10 as a component of openSUSE Tumbleweed uwsgi-jvm-2.0.19.1-3.10 as a component of openSUSE Tumbleweed uwsgi-ldap-2.0.19.1-3.10 as a component of openSUSE Tumbleweed uwsgi-libffi-2.0.19.1-3.10 as a component of openSUSE Tumbleweed uwsgi-logzmq-2.0.19.1-3.10 as a component of openSUSE Tumbleweed uwsgi-lua-2.0.19.1-3.10 as a component of openSUSE Tumbleweed uwsgi-pam-2.0.19.1-3.10 as a component of openSUSE Tumbleweed uwsgi-php7-2.0.19.1-3.10 as a component of openSUSE Tumbleweed uwsgi-psgi-2.0.19.1-3.10 as a component of openSUSE Tumbleweed uwsgi-pypy-2.0.19.1-3.10 as a component of openSUSE Tumbleweed uwsgi-python-2.0.19.1-3.10 as a component of openSUSE Tumbleweed uwsgi-python3-2.0.19.1-3.10 as a component of openSUSE Tumbleweed uwsgi-sqlite3-2.0.19.1-3.10 as a component of openSUSE Tumbleweed uwsgi-xslt-2.0.19.1-3.10 as a component of openSUSE Tumbleweed The uwsgi_expand_path function in core/utils.c in Unbit uWSGI through 2.0.15 has a stack-based buffer overflow via a large directory length. CVE-2018-6758 openSUSE Tumbleweed:apache2-mod_uwsgi-2.0.19.1-3.10 openSUSE Tumbleweed:uwsgi-2.0.19.1-3.10 openSUSE Tumbleweed:uwsgi-emperor_pg-2.0.19.1-3.10 openSUSE Tumbleweed:uwsgi-emperor_zeromq-2.0.19.1-3.10 openSUSE Tumbleweed:uwsgi-gevent-2.0.19.1-3.10 openSUSE Tumbleweed:uwsgi-glusterfs-2.0.19.1-3.10 openSUSE Tumbleweed:uwsgi-greenlet-2.0.19.1-3.10 openSUSE Tumbleweed:uwsgi-jvm-2.0.19.1-3.10 openSUSE Tumbleweed:uwsgi-ldap-2.0.19.1-3.10 openSUSE Tumbleweed:uwsgi-libffi-2.0.19.1-3.10 openSUSE Tumbleweed:uwsgi-logzmq-2.0.19.1-3.10 openSUSE Tumbleweed:uwsgi-lua-2.0.19.1-3.10 openSUSE Tumbleweed:uwsgi-pam-2.0.19.1-3.10 openSUSE Tumbleweed:uwsgi-php7-2.0.19.1-3.10 openSUSE Tumbleweed:uwsgi-psgi-2.0.19.1-3.10 openSUSE Tumbleweed:uwsgi-pypy-2.0.19.1-3.10 openSUSE Tumbleweed:uwsgi-python-2.0.19.1-3.10 openSUSE Tumbleweed:uwsgi-python3-2.0.19.1-3.10 openSUSE Tumbleweed:uwsgi-sqlite3-2.0.19.1-3.10 openSUSE Tumbleweed:uwsgi-xslt-2.0.19.1-3.10 important 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H