CVE-2021-21707 Special characters break path parsing in XML functions

In PHP versions 7.3.x below 7.3.33, 7.4.x below 7.4.26 and 8.0.x below 8.0.13, certain XML parsing functions, like simplexmlloadfile, URL-decode the filename passed to them. If that filename contains URL-encoded NUL character, this may cause the function to interpret this as the end of the...

rubygem-cgi -- cookie prefix spoofing in CGI::Cookie.parse

oooooooq reports: The old versions of CGI::Cookie.parse applied URL decoding to cookie names. An attacker could exploit this vulnerability to spoof security prefixes in cookie names, which may be able to trick a vulnerable application. By this fix, CGI::Cookie.parse no longer decodes cookie names...

python-ecdsa: Unexpected and undocumented exceptions during signature decoding

An error-handling flaw was found in python-ecdsa. During signature decoding, malformed DER signatures could raise unexpected exceptions or no exceptions at all, which could lead to a denial of service...

OESA-2021-1426 SDL security update

Simple DirectMedia LayerSDL is a cross-platform development library designed\ to provide low level access to audio, keyboard, mouse, joystick, and graphics\ hardware via OpenGL and Direct3D. It is used by video playback software, emulators,\ and popular games including Valve's award winning catal...

CentOS 8 : php:7.4 (CESA-2021:4213)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:4213 advisory. - php: Use of freed hash key in the pharparsezipfile function CVE-2020-7068 - php: Wrong ciphertext/tag in AES-CCM encryption for a 12 bytes IV...

RHEL 8 : php:7.4 (RHSA-2021:4213)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:4213 advisory. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later...

Mozilla Firefox Security Advisory (MFSA2013-97) - Linux

This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

Mozilla Firefox Security Advisory (MFSA2014-17) - Linux

This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

php: URL decoding of cookie names can lead to different interpretation of cookies between browser and server

In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when PHP is processing incoming HTTP cookie values, the cookie names are url-decoded. This may lead to cookies with prefixes like Host confused with cookies that decode to such prefix, thus leading to an attacker being...

python-pillow: Out-of-bounds read in J2K image reader

There is an out-of-bounds read in J2kDecode in j2kugrayi. For J2k images with multiple bands, it’s legal to have different widths for each band, e.g. 1 byte for L, 4 bytes for A...

Integer overflow in Pillow

libImaging/TiffDecode.c in Pillow before 6.2.2 has a TIFF decoding integer overflow, related to realloc...

OS Command Injection in ohmyzsh/ohmyzsh

Description In Oh My Zsh, there is a function called omzurldecode, which is used to decode URLs. Since this function is using eval with user inputs without any sanitization, it's possible to inject arbitrary commands into the eval context, which allows an attacker to achieve the command injection...

CVE-2021-22564

For certain valid JPEG XL images with a size slightly larger than an integer number of groups 256x256 pixels when processing the groups out of order the decoder can perform an out of bounds copy of image pixels from an image buffer in the heap to another. This copy can occur when processing the...

CVE-2021-22564

For certain valid JPEG XL images with a size slightly larger than an integer number of groups 256x256 pixels when processing the groups out of order the decoder can perform an out of bounds copy of image pixels from an image buffer in the heap to another. This copy can occur when processing the...

Design/Logic Flaw

For certain valid JPEG XL images with a size slightly larger than an integer number of groups 256x256 pixels when processing the groups out of order the decoder can perform an out of bounds copy of image pixels from an image buffer in the heap to another. This copy can occur when processing the...

CVE-2021-22564 Out of bounds Copy in Libjxl in large image groups

For certain valid JPEG XL images with a size slightly larger than an integer number of groups 256x256 pixels when processing the groups out of order the decoder can perform an out of bounds copy of image pixels from an image buffer in the heap to another. This copy can occur when processing the...

openSUSE: Security Advisory for civetweb (openSUSE-SU-2021:1424-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

OPENSUSE-SU-2021:1424-1 Security update for civetweb

This update for civetweb fixes the following issues: Version 1.15: boo1191938 / CVE-2020-27304: missing uploaded filepath validation in the default form-based file upload mechanism New configuration for URL decoding Sanitize filenames in handle form Example “embeddedc.c”: Do not overwrite files...

Security update for civetweb (moderate)

openSUSE Security Update: Security update for civetweb Announcement ID: openSUSE-SU-2021:1424-1 Rating: moderate References: 1191938 Cross-References: CVE-2020-27304 Affected Products: openSUSE Leap 15.2 An update that fixes one vulnerability is now available. Description: This update for civetwe...

Fedora: Security Advisory for dr_libs (FEDORA-2021-b1bfab6cb4)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...