Vulnerabilities (CVE)

Filtered by vendor Cron Project Subscribe
Filtered by product Cron
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-9705 3 Cron Project, Debian, Fedoraproject 3 Cron, Debian Linux, Fedora 2024-11-21 2.1 LOW 5.5 MEDIUM
Vixie Cron before the 3.0pl1-133 Debian package allows local users to cause a denial of service (memory consumption) via a large crontab file because an unlimited number of lines is accepted.
CVE-2019-9704 3 Cron Project, Debian, Fedoraproject 3 Cron, Debian Linux, Fedora 2024-11-21 2.1 LOW 5.5 MEDIUM
Vixie Cron before the 3.0pl1-133 Debian package allows local users to cause a denial of service (daemon crash) via a large crontab file because the calloc return value is not checked.
CVE-2017-9525 3 Canonical, Cron Project, Debian 3 Ubuntu Linux, Cron, Debian Linux 2024-11-21 6.9 MEDIUM 6.7 MEDIUM
In the cron package through 3.0pl1-128 on Debian, and through 3.0pl1-128ubuntu2 on Ubuntu, the postinst maintainer script allows for group-crontab-to-root privilege escalation via symlink attacks against unsafe usage of the chown and chmod programs.