Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2019-20007HistoryDec 26, 2019 - 10:15 p.m.
CVE-2019-20007
2019-12-2622:15:00
Debian Security Bug Tracker
security-tracker.debian.org
8
0.002 Low
EPSS
Percentile
55.6%
An issue was discovered in ezXML 0.8.2 through 0.8.6. The function ezxml_str2utf8, while parsing a crafted XML file, performs zero-length reallocation in ezxml.c, leading to returning a NULL pointer (in some compilers). After this, the function ezxml_parse_str does not check whether the s variable is not NULL in ezxml.c, leading to a NULL pointer dereference and crash (segmentation fault).
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | mapcache | <= 1.14.0-1 | mapcache_1.14.0-1_all.deb |
| Debian | 11 | all | mapcache | <= 1.10.0-2 | mapcache_1.10.0-2_all.deb |
| Debian | 10 | all | mapcache | <= 1.6.1-3 | mapcache_1.6.1-3_all.deb |
| Debian | 999 | all | mapcache | <= 1.14.0-4 | mapcache_1.14.0-4_all.deb |
| Debian | 13 | all | mapcache | <= 1.14.0-4 | mapcache_1.14.0-4_all.deb |
| Debian | 12 | all | netcdf | < 1:4.9.0-1 | netcdf_1:4.9.0-1_all.deb |
| Debian | 11 | all | netcdf | <= 1:4.7.4-1 | netcdf_1:4.7.4-1_all.deb |
| Debian | 10 | all | netcdf | <= 1:4.6.2-1 | netcdf_1:4.6.2-1_all.deb |
| Debian | 999 | all | netcdf | < 1:4.9.0-1 | netcdf_1:4.9.0-1_all.deb |
| Debian | 13 | all | netcdf | < 1:4.9.0-1 | netcdf_1:4.9.0-1_all.deb |
Related
ubuntucve
ubuntucve
CVE-2019-20007
2019-12-26 00:00:00
prion
prion
Null pointer dereference
2019-12-26 22:15:00
cvelist
cvelist
CVE-2019-20007
2019-12-26 21:55:23
cve
cve
CVE-2019-20007
2019-12-26 22:15:00
suse
suse
Security update for netcdf (important)
2021-12-02 00:00:00
Security update for netcdf (important)
2021-11-25 00:00:00
Security update for netcdf (important)
2021-11-25 00:00:00
nessus
nessus
openSUSE 15 Security Update : netcdf (openSUSE-SU-2021:3815-1)
2021-12-01 00:00:00
openSUSE 15 Security Update : netcdf (openSUSE-SU-2021:3873-1)
2021-12-03 00:00:00
openSUSE 15 Security Update : netcdf (openSUSE-SU-2021:1505-1)
2021-11-29 00:00:00
openvas
openvas
openSUSE: Security Advisory for netcdf (openSUSE-SU-2021:3804-1)
2021-11-26 00:00:00
openSUSE: Security Advisory for netcdf (openSUSE-SU-2021:3815-1)
2021-12-01 00:00:00
SUSE: Security Advisory (SUSE-SU-2021:3873-1)
2021-12-03 00:00:00
mageia
mageia
Updated netcdf packages fix security vulnerability
2021-12-24 00:01:45