python-idna: potential DoS via resource consumption via specially crafted inputs to idna.encode()

A flaw was found in the python-idna library. A malicious argument was sent to the idna.encode function can trigger an uncontrolled resource consumption, resulting in a denial of service...

Important: python39:3.9 and python39-devel:3.9 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

ROS-20240527-03

Vulnerabilities in the idna.encode functions of the Internationalized Domain Names in Applications IDNA are associated with an uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. remotely to cause a denial of...

[SECURITY] Fedora 40 Update: rust-uu_base32-0.0.23-3.fc40

Base32 uutils decode/encode input base32-encoding...

OESA-2024-1653 python-idna security update

A library to support the Internationalised Domain Names in Applications IDNA protocol as specified in RFC 5891 http://tools.ietf.org/html/rfc5891. This version of the protocol is often referred to as “IDNA2008” and can produce different results from the earlier standard from 2003. Security Fixes:...

UBUNTU-CVE-2021-47316

In the Linux kernel, the following vulnerability has been resolved: nfsd: fix NULL dereference in nfs3svcencodegetaclres In error cases the dentry may be NULL. Before 20798dfe249a, the encoder also checked dentry and dreallyispositivedentry, but that looks like overkill to me--zero status should ...

AZL-40580 CVE-2024-33875 affecting package hdf5 for versions less than 1.14.4.3-1

HDF5 Library through 1.14.3 has a heap-based buffer overflow in H5Olayoutencode in H5Olayout.c, resulting in the corruption of the instruction pointer...

UBUNTU-CVE-2024-33875

HDF5 Library through 1.14.3 has a heap-based buffer overflow in H5Olayoutencode in H5Olayout.c, resulting in the corruption of the instruction pointer...

UBUNTU-CVE-2024-33874

HDF5 Library through 1.14.3 has a heap buffer overflow in H5Omtimenewencode in H5Omtime.c...

DEBIAN-CVE-2024-32616

HDF5 Library through 1.14.3 contains a heap-based buffer over-read in H5Odtypeencodehelper in H5Odtype.c...

AZL-40579 CVE-2024-32616 affecting package hdf5 for versions less than 1.14.4.3-1

HDF5 Library through 1.14.3 contains a heap-based buffer over-read in H5Odtypeencodehelper in H5Odtype.c...

UBUNTU-CVE-2024-32616

HDF5 Library through 1.14.3 contains a heap-based buffer over-read in H5Odtypeencodehelper in H5Odtype.c...

CVE-2024-34712 Oceanic allows unsanitized user input to lead to path traversal in URLs

Oceanic is a NodeJS library for interfacing with Discord. Prior to version 1.10.4, input to functions such as Client.rest.channels.removeBan is not url-encoded, resulting in specially crafted input such as ../../../channels/id being normalized into the url /api/v10/channels/id, and deleting a...

HDF5 Library through 1.14.3 has a heap-based buffer overflow in H5O__layout_encode in H5Olayout.c resulting in the corruption of the instruction pointer.

...

HDF5 Library through 1.14.3 contains a heap-based buffer over-read in H5O__dtype_encode_helper in H5Odtype.c.

...

HDF5 Library through 1.14.3 has a heap buffer overflow in H5O__mtime_new_encode in H5Omtime.c.

...

SUSE CVE-2024-32616

HDF5 Library through 1.14.3 contains a heap-based buffer over-read in H5Odtypeencodehelper in H5Odtype.c...

SUSE CVE-2024-33874

HDF5 Library through 1.14.3 has a heap buffer overflow in H5Omtimenewencode in H5Omtime.c...

SUSE CVE-2024-33875

HDF5 Library through 1.14.3 has a heap-based buffer overflow in H5Olayoutencode in H5Olayout.c, resulting in the corruption of the instruction pointer...

HDF Group HDF5 安全漏洞

HDF Group HDF5 is a suite of tools for managing and storing different types of data from the American company HDF Group. The product supports managing, manipulating, viewing and analyzing data and generating files in portable formats. A security vulnerability exists in HDF5 Library version 1.14.3...