AZL-38437

See a problem?

Import Source

https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-38437.json

JSON Data

https://api.osv.dev/v1/vulns/AZL-38437

Upstream

CVE-2010-4756

Published

2011-03-02T20:00:01Z

Modified

2026-04-21T04:28:29.838972Z

Summary

CVE-2010-4756 affecting package orangefs 2.9.8-3

Details

The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.

References

https://nvd.nist.gov/vuln/detail/CVE-2010-4756

Affected packages

Azure Linux:3 / orangefs

Package

Name: orangefs
Purl: pkg:rpm/azure-linux/orangefs

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Last affected

2.9.8-3

Database specific

source

"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-38437.json"