How severe is CVE-2018-16840?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.3 out of 10.

What type of vulnerability is CVE-2018-16840?

This is classified as CWE-416, which is a common weakness in software security.

CVE-2018-16840

MEDIUM Year: 2018

CVSS v3 Score

4.3

Medium

CVSS v2 Score

7.5

High

Weakness Type

CWE-416

View all →

Vulnerability Description

A heap use-after-free flaw was found in curl versions from 7.59.0 through 7.61.1 in the code related to closing an easy handle. When closing and cleaning up an 'easy' handle in the `Curl_close()` function, the library code first frees a struct (without nulling the pointer) and might then subsequently erroneously write to a struct field within that already freed struct.

CVE-2017-5021

MEDIUM

CVSS:4.3(Medium)

A use after free in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML p...

CWE-4162017

CVE-2019-15920

MEDIUM

CVSS:4.3(Medium)

An issue was discovered in the Linux kernel before 5.0.10. SMB2_read in fs/cifs/smb2pdu.c has a use-after-free. NOTE: this was not fixed correctly in 5.0.10; see the 5.0.11 ChangeLog, which documents ...

CWE-4162019

CVE-2019-8051

MEDIUM

CVSS:4.3(Medium)

Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and ear...

CWE-4162019