19 matches found
Unchecked Input for Loop Condition
Overview Affected versions of this package are vulnerable to Unchecked Input for Loop Condition via the unicodedata.normalize function. An attacker can cause excessive CPU consumption by submitting specially crafted Unicode input, potentially leading to service disruption. Remediation A fix was...
Always-Incorrect Control Flow Implementation
Overview Affected versions of this package are vulnerable to Always-Incorrect Control Flow Implementation in the EqualsUri function. An attacker can cause incorrect URI comparisons by supplying specially crafted input values. Remediation Upgrade uriparser to version 1.0.2 or higher. References -...
Cross-site Request Forgery (CSRF)
Overview misp-modules is a MISP modules are autonomous modules that can be used for expansion and other services in MISP Affected versions of this package are vulnerable to Cross-site Request Forgery CSRF through the home blueprint, which was exempted from CSRF protection. An attacker can perform...
Uncontrolled Recursion
Overview Affected versions of this package are vulnerable to Uncontrolled Recursion due to uncontrolled recursion in the skip function. An attacker can cause a stack overflow and potentially crash the application by sending specially crafted input that triggers deep recursion. Remediation Upgrade...
Use of a Broken or Risky Cryptographic Algorithm
Overview Affected versions of this package are vulnerable to Use of a Broken or Risky Cryptographic Algorithm in the cryptographic algorithm implementation. An attacker can compromise the confidentiality of sensitive information by exploiting weak or insufficient cryptographic algorithms...
Integer Overflow or Wraparound
Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the sixeldecode function. An attacker can cause memory corruption or a crash. Remediation A fix was pushed into the master branch but not yet published. References - GitHub Commit...
Out-of-bounds Write
Overview Affected versions of this package are vulnerable to Out-of-bounds Write in the WaveletDenoiseImage function. Remediation A fix was pushed into the master branch but not yet published. References - GitHub Commit - Red Hat Bugzilla Bug Credit: Hao Ren...
Use After Free
Overview Affected versions of this package are vulnerable to Use After Free in the PDB decoder when a memory allocation fails, leading to the use of a stale pointer. An attacker can cause a crash or trigger a single zero byte write by providing specially crafted input files. Remediation A fix was...
Out-of-Bounds
Overview Affected versions of this package are vulnerable to Out-of-Bounds in the vipsforeignloadmatrixheader function. An attacker can cause memory corruption by providing specially crafted input files to the affected process. Remediation A fix was pushed into the master branch but not yet...
Improper Resource Shutdown or Release
Overview Affected versions of this package are vulnerable to Improper Resource Shutdown or Release via the ResolveNodeIdToIp function in the SMF component. An attacker can cause a service disruption by sending specially crafted requests remotely. Remediation Upgrade...
Out-of-bounds Read
Overview Affected versions of this package are vulnerable to Out-of-bounds Read via the parseheader function. An attacker can cause application instability or denial of service by supplying a specially crafted treemagic file that triggers a buffer underflow and out-of-bounds memory access...
Stack-based Buffer Overflow
Overview Affected versions of this package are vulnerable to Stack-based Buffer Overflow via the sgpipelinedescdefaults function. An attacker can execute arbitrary code or cause a crash by supplying crafted input that triggers a stack-based buffer overflow. Remediation A fix was pushed into the...
Information Exposure
Overview Affected versions of this package are vulnerable to Information Exposure due to LLVM optimizations that may transform constant-time implementations into non-constant-time code. An attacker can obtain sensitive information by exploiting timing discrepancies through side-channel analysis...
Out-of-bounds Read
Overview Affected versions of this package are vulnerable to Out-of-bounds Read via the elflinkaddobjectsymbols function in the Linker component. An attacker can cause a crash by supplying specially crafted input files during local processing. Remediation A fix was pushed into the master branch b...
Expired Pointer Dereference
Overview Affected versions of this package are vulnerable to Expired Pointer Dereference in the parsing process of xsl nodes. An attacker can cause the application to crash by triggering the dereference of expired pointers after memory has been freed. Remediation A fix was pushed into the master...
Out-of-bounds Read
Overview Affected versions of this package are vulnerable to Out-of-bounds Read due to a misplaced isOk check in the JBIG2Bitmap::combine function. Remediation Upgrade poppler to version 25.11.0 or higher. References - Gitlab Commit - Gitlab Issues - Gitlab PR - Red Hat Bugzilla Bug...
Out-of-bounds Write
Overview Affected versions of this package are vulnerable to Out-of-bounds Write due to the component blendtransformedtiledargb.isra.0. Remediation A fix was pushed into the master branch but not yet published. References - GitHub Issue - PoC Credit: keepinggg...
Improper Input Validation
Overview Affected versions of this package are vulnerable to Improper Input Validation due to improper validation of GSS message tokens. An attacker can manipulate the token data to cause unauthorized actions or access by sending specially crafted tokens. Remediation A fix was pushed into the...
Use After Free
Overview Affected versions of this package are vulnerable to Use After Free via the -g option of the CleanNode function. Remediation A fix was pushed into the master branch but not yet published. References - GitHub Commit - GitHub Issue Credit: bsdb0y...