4731 matches found
DEBIAN-CVE-2023-29407
A maliciously-crafted image can cause excessive CPU consumption in decoding. A tiled image with a height of 0 and a very large width can cause excessive CPU consumption, despite the image size width height appearing to be zero...
CVE-2023-29407
A maliciously-crafted image can cause excessive CPU consumption in decoding. A tiled image with a height of 0 and a very large width can cause excessive CPU consumption, despite the image size width height appearing to be zero...
CVE-2023-29407
A maliciously-crafted image can cause excessive CPU consumption in decoding. A tiled image with a height of 0 and a very large width can cause excessive CPU consumption, despite the image size width height appearing to be zero...
UBUNTU-CVE-2023-29407
A maliciously-crafted image can cause excessive CPU consumption in decoding. A tiled image with a height of 0 and a very large width can cause excessive CPU consumption, despite the image size width height appearing to be zero...
CVE-2023-29407 Excessive CPU consumption when decoding 0-height images in golang.org/x/image/tiff
A maliciously-crafted image can cause excessive CPU consumption in decoding. A tiled image with a height of 0 and a very large width can cause excessive CPU consumption, despite the image size width height appearing to be zero...
CVE-2023-29407 Excessive CPU consumption when decoding 0-height images in golang.org/x/image/tiff
A maliciously-crafted image can cause excessive CPU consumption in decoding. A tiled image with a height of 0 and a very large width can cause excessive CPU consumption, despite the image size width height appearing to be zero...
GO-2023-1990 Excessive CPU consumption when decoding 0-height images in golang.org/x/image/tiff
A maliciously-crafted image can cause excessive CPU consumption in decoding. A tiled image with a height of 0 and a very large width can cause excessive CPU consumption, despite the image size width height appearing to be zero...
Google Golang Security Vulnerability
Google Golang is a static, strongly typed, compiled language from Google.The syntax of Go is close to C, but with differences in variable declarations.Go supports garbage collection.Go's parallel model is based on Tony Hall's Communicating Sequential Processes CSP, and other languages with a...
ngiflib Security Vulnerabilities
ngiflib is a library for decoding the GIF image format written in C. The vulnerability exists in ngiflibSDL.c file. A security vulnerability exists in ngiflib, which stems from a segmentation error in the SDLLoadAnimatedGif method of the ngiflibSDL.c file...
ngiflib Security Vulnerabilities
ngiflib is a library for decoding the GIF image format written in C. It has a vulnerability that stems from a segmentation error in the main method of the gif2tag.c file. A security vulnerability exists in ngiflib, which is caused by a segmentation error in the main method of the gif2tag.c file...
PT-2023-6960 · Golang +2 · Golang +2
Name of the Vulnerable Software and Affected Versions: Golang affected versions not specified Description: The issue is related to excessive CPU consumption during decoding. A maliciously-crafted image, specifically a tiled image with a height of 0 and a very large width, can cause this excessive...
USN-6266-1 librsvg vulnerability
Zac Sims discovered that librsvg incorrectly handled decoding URLs. A remote attacker could possibly use this issue to read arbitrary files by using an include element...
CVE-2023-3825
PTC’s KEPServerEX Versions 6.0 to 6.14.263 are vulnerable to being made to read a recursively defined object that leads to uncontrolled resource consumption. KEPServerEX uses OPC UA, a protocol which defines various object types that can be nested to create complex arrays. It does not implement a...
EulerOS Virtualization 2.10.1 : openssl (EulerOS-SA-2023-2464)
According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext...
Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.13.6 bug fix and security update
Red Hat OpenShift Container Platform release 4.13.6 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a...
Fedora: Security Advisory for libopenmpt (FEDORA-2023-5f840297cb)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2023-38633
A directory traversal problem in the URL decoder of librsvg before 2.56.3 could be used by local or remote attackers to disclose files on the local filesystem outside of the expected area, as demonstrated by href=".?../../../../../../../../../../etc/passwd" in an xi:include element...
ngiflib 安全漏洞
ngiflib is a GIF image format decoding library written in C. A security vulnerability exists in ngiflib, which stems from the DecodeGifImg function in the file ngiflib.c containing an infinite loop...
Important: docker
Issue Overview: http2/hpack: avoid quadratic complexity in hpack decoding CVE-2022-41723 Affected Packages: docker Issue Correction: Run dnf update docker --releasever 2023.1.20230719 or dnf update --advisory ALAS2023-2023-260 --releasever 2023.1.20230719 to update your system. More information o...
Important: rclone
Issue Overview: http2/hpack: avoid quadratic complexity in hpack decoding CVE-2022-41723 Affected Packages: rclone Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories. Issue Correction: Run y...