参照: Official suse advisory, NVD, CVE.org · CVE 詳細
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2016-10196 severity moderate: SUSE including 48 source package names (MozillaFirefox-52.2.0esr-108.3, MozillaFirefox-52.2.0esr-72.5.2, …), 161 product×package rows across 31 product lines (SUSE Liberty Linux 7, SUSE Linux Enterprise Desktop 12 SP2, … (31 product lines)): Fixed 137, Known Not Affected 24.
Stack-based buffer overflow in the evutil_parse_sockaddr_port function in evutil.c in libevent before 2.1.6-beta allows attackers to cause a denial of service (segmentation fault) via vectors involving a long string in brackets in the ip_as_string argument.