VDB

GCVE-110-NCSC-2026-224

GCVE-110-NCSC-2026-224
Advisory PublishedCVSS 7.8/10
Vulnetix · Advisory published July 13, 2026
Heap buffer overflow vulnerabilities in libfetch affecting FreeBSD versions prior to patches in 12.1, 12.0, and 11.3, as well as Juniper Networks Junos OS Evolved, arise from improper URL handling with username and/or password components, enabling potential code execution.

Weaknesses (CWE)

CWE-476NULL Pointer DereferenceCWE-754Improper Check for Unusual or Exceptional ConditionsCWE-787Out-of-bounds WriteCWE-606Unchecked Input for Loop ConditionCWE-862Missing AuthorizationCWE-923Improper Restriction of Communication Channel to Intended EndpointsCWE-1284Improper Validation of Specified Quantity in InputCWE-694Use of Multiple Resources with Duplicate IdentifierCWE-466Return of Pointer Value Outside of Expected RangeCWE-1286Improper Validation of Syntactic Correctness of InputCWE-401Missing Release of Memory after Effective LifetimeCWE-820Missing SynchronizationCWE-362Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')CWE-236Improper Handling of Undefined ParametersCWE-706Use of Incorrectly-Resolved Name or Reference

Risk Scores

CVSS 3.1
7.8/10
High · CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products

VendorProductVersionsPlatforms
Juniper Networksvers:unknown/*

References

advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory

Browse GCVE Records

73,443 records in the GCVE database · Updated July 18, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›