Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
rosalinuxROSA LABROSA-SA-2021-1872
HistoryJul 02, 2021 - 5:14 p.m.

Advisory ROSA-SA-2021-1872

2021-07-0217:14:36
ROSA LAB
abf.rosalinux.ru
6

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

7.5 High

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.006 Low

EPSS

Percentile

77.3%

JSON

Software: libgxps 0.3.0
OS: Cobalt 7.9

CVE-ID: CVE-2018-10733
CVE-Crit: MEDIUM
CVE-DESC: There is a heap-based buffer overflow in the ft_font_face_hash function of the gxps-fonts.c file in libgxps before version 0.3.0. The input created will result in a remote denial of service attack.
CVE-STATUS: default
CVE-REV: default

CVE-ID: CVE-2018-10767
CVE-Crit: MEDIUM
CVE-DESC: A GLib call to the gxps_images_guess_content_type function from gxps-images.c in libgxps prior to version 0.3.0 causes a stack-based buffer overread because it does not reject negative return values from the g_input_stream_read call. The input created will result in a remote denial of service attack.
CVE-STATUS: default
CVE-REV: default

OSVersionArchitecturePackageVersionFilename
Cobaltanynoarchlibgxps< 0.3.0UNKNOWN

Related

nessus 15
fedora 5
openvas 13
redhatcve 2
ubuntucve 2
debiancve 2
osv 2
mageia 1
veracode 2
cve 2
suse 1
prion 2
f5 2
oraclelinux 1
centos 1
redhat 2
nessus
nessus
NewStart CGSL CORE 5.04 / MAIN 5.04 : libgxps Multiple Vulnerabilities (NS-SA-2019-0044)
2019-08-12 00:00:00
Fedora 27 : libgxps (2018-46f3f13c68)
2018-05-17 00:00:00
Fedora 28 : libgxps (2018-078b082cbe)
2019-01-03 00:00:00
fedora
fedora
[SECURITY] Fedora 27 Update: libgxps-0.3.0-4.fc27
2018-05-16 13:46:17
[SECURITY] Fedora 27 Update: libgxps-0.3.0-5.fc27
2018-07-01 01:36:09
[SECURITY] Fedora 28 Update: libgxps-0.3.0-5.fc28
2018-06-26 17:35:44
openvas
openvas
Fedora Update for libgxps FEDORA-2018-46f3f13c68
2018-05-17 00:00:00
Fedora Update for libgxps FEDORA-2018-078b082cbe
2018-05-16 00:00:00
SUSE: Security Advisory (SUSE-SU-2019:0720-1)
2021-06-09 00:00:00
redhatcve
redhatcve
CVE-2018-10733
2018-05-08 21:48:43
CVE-2018-10767
2018-05-09 04:49:17
ubuntucve
ubuntucve
CVE-2018-10733
2018-05-04 00:00:00
CVE-2018-10767
2018-05-06 00:00:00
debiancve
debiancve
CVE-2018-10733
2018-05-04 17:29:00
CVE-2018-10767
2018-05-06 23:29:00
osv
osv
CVE-2018-10733
2018-05-04 17:29:00
CVE-2018-10767
2018-05-06 23:29:00
mageia
mageia
Updated libgxps packages fix security vulnerabilities
2019-01-05 21:30:16
veracode
veracode
Denial Of Service (DoS)
2019-05-16 03:19:03
Denial Of Service (DOS)
2019-05-16 03:19:05
cve
cve
CVE-2018-10733
2018-05-04 17:29:00
CVE-2018-10767
2018-05-06 23:29:00
suse
suse
Security update for libgxps (moderate)
2019-04-02 00:00:00
prion
prion
Heap overflow
2018-05-04 17:29:00
Stack overflow
2018-05-06 23:29:00
f5
f5
K62506335 : libgxps vulnerability CVE-2018-10733
2022-08-01 00:00:00
K18407453 : Glib vulnerabilities CVE-2018-10767, CVE-2019-12450, and CVE-2019-19126
2022-04-25 00:00:00
oraclelinux
oraclelinux
GNOME security, bug fix, and enhancement update
2018-11-05 00:00:00
centos
centos
PackageKit, accountsservice, adwaita, appstream, at, atk, baobab, bolt, brasero, cairo, cheese, clutter, compat, control, dconf, devhelp, ekiga, empathy, eog, evince, evolution, file, flatpak, folks, fontconfig, freetype, fribidi, fwupd, fwupdate, gcr, gdk, gdm, gedit, geoclue2, geocode, gjs, glade, glib, glib2, glibmm24, gnome, gnote, gobject, gom, google, grilo, gsettings, gspell, gssdp, gstreamer1, gtk, gtk3, gtksourceview3, gucharmap, gupnp, gvfs, harfbuzz, json, libappstream, libchamplain, libcroco, libgdata, libgee, libgepub, libgexiv2, libgnomekbd, libgovirt, libgtop2, libgweather, libgxps, libical, libmediaart, libosinfo, libpeas, librsvg2, libsecret, libsoup, libwayland, libwnck3, mozjs52, mutter, nautilus, openchange, osinfo, pango, poppler, python2, rest, rhythmbox, seahorse, shotwell, sushi, totem, upower, vala, valadoc, vino, vte, vte291, wayland, webkitgtk4, xdg, yelp, zenity security update
2018-11-15 18:43:07
redhat
redhat
(RHSA-2018:3140) Moderate: GNOME security, bug fix, and enhancement update
2018-10-30 04:22:45
(RHSA-2018:3505) Critical: Red Hat Ansible Tower 3.3.1-2 Release - Container Image
2018-11-06 15:39:03

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

7.5 High

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.006 Low

EPSS

Percentile

77.3%

JSON
Related for ROSA-SA-2021-1872
nessus15fedora5openvas13redhatcve2ubuntucve2debiancve2osv2mageia1veracode2cve2suse1prion2f52oraclelinux1centos1redhat2