44 matches found
OSV-2020-2250 Heap-buffer-overflow in grk::t1_part1::T1Part1::decompress
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28415 Crash type: Heap-buffer-overflow READ 12 Crash state: grk::t1part1::T1Part1::decompress grk::DecompressBlockExec::open grk::T1DecompressScheduler::decompressBlock...
AZL-44193 CVE-2020-15389 affecting package openjpeg2 2.3.1-12
jp2/opjdecompress.c in OpenJPEG through 2.3.1 has a use-after-free that can be triggered if there is a mix of valid and invalid files in a directory operated on by the decompressor. Triggering a double-free may also be possible. This is related to calling opjimagedestroy twice...
OPENSUSE-SU-2019:1196-1 Security update for libarchive
This update for libarchive fixes the following issues: Security issues fixed: - CVE-2018-1000877: Fixed a double free vulnerability in RAR decoder bsc1120653 - CVE-2018-1000878: Fixed a Use-After-Free vulnerability in RAR decoder bsc1120654 - CVE-2018-1000879: Fixed a NULL Pointer Dereference...
MGASA-2016-0318 Updated libarchive packages fix security vulnerability
The updated packages fix several security vulnerabilities: A flaw was found in the way libarchive handled hardlink archive entries of non-zero size. Combined with flaws in libarchive's file system sandboxing, this issue could cause an application using libarchive to overwrite arbitrary files with...