
733 matches found

CNNVD
added 2020/11/20 12:0 a.m., 6 views

PDFResurrect buffer error vulnerability

PDFResurrect is a tool for analyzing PDF documents to help extract old "hidden" versions of a PDF from the current PDF. pdfgetversion in versions prior to PDFResurrect 0.20 has a heap buffer overflow vulnerability. The vulnerability stems from a lack of header validation checks in PDFResurrect. N...

7.8 CVSS, 7.3 AI score, 0.01046 EPSS
Exploits: 1, References: 8
Tenable Nessus
added 2020/11/14 12:0 a.m., 316 views

Oracle Linux 7 : python (ELSA-2020-5009)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-5009 advisory. 2.7.5-90.0.1 - Add Oracle Linux distribution in platform.py orabug 20812544 2.7.5-90 - Avoid infinite loop when reading specially crafted TAR files CVE-2019-209...

7.5 CVSS, 7.3 AI score, 0.06304 EPSS
Exploits: 0, References: 2
Tenable Nessus
added 2020/11/12 12:0 a.m., 59 views

Oracle Linux 7 : python3 (ELSA-2020-5010)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-5010 advisory. - Avoid infinite loop when reading specially crafted TAR files CVE-2019-20907 Resolves: rhbz1856481 Tenable has extracted the preceding description blo...

7.5 CVSS, 7.4 AI score, 0.12826 EPSS
Exploits: 0, References: 3
RedHat Linux
added 2020/11/10 1:51 p.m., 6 views

python: infinite loop in the tarfile module via crafted TAR archive

A flaw was found in python. In Lib/tarfile.py an attacker is able to craft a TAR archive leading to an infinite loop when opened by tarfile.open, because procpax lacks header validation...

7.5 CVSS, 6.8 AI score, 0.06304 EPSS
Exploits: 0, References: 4
RedHat Linux
added 2020/11/10 1:20 p.m., 4 views

python: infinite loop in the tarfile module via crafted TAR archive

A flaw was found in python. In Lib/tarfile.py an attacker is able to craft a TAR archive leading to an infinite loop when opened by tarfile.open, because procpax lacks header validation...

7.5 CVSS, 6.8 AI score, 0.06304 EPSS
Exploits: 0, References: 4
RedHat Linux
added 2020/11/04 1:25 a.m., 2 views

python: infinite loop in the tarfile module via crafted TAR archive

A flaw was found in python. In Lib/tarfile.py an attacker is able to craft a TAR archive leading to an infinite loop when opened by tarfile.open, because procpax lacks header validation...

7.5 CVSS, 6.8 AI score, 0.06304 EPSS
Exploits: 0, References: 4
RedHat Linux
added 2020/11/04 1:25 a.m., 1 views

python: infinite loop in the tarfile module via crafted TAR archive

A flaw was found in python. In Lib/tarfile.py an attacker is able to craft a TAR archive leading to an infinite loop when opened by tarfile.open, because procpax lacks header validation...

7.5 CVSS, 6.8 AI score, 0.06304 EPSS
Exploits: 0, References: 4
RedHat Linux
added 2020/11/04 1:19 a.m., 4 views

python: infinite loop in the tarfile module via crafted TAR archive

A flaw was found in python. In Lib/tarfile.py an attacker is able to craft a TAR archive leading to an infinite loop when opened by tarfile.open, because procpax lacks header validation...

7.5 CVSS, 6.8 AI score, 0.06304 EPSS
Exploits: 0, References: 4
Tenable Nessus
added 2020/11/03 12:0 a.m., 39 views

EulerOS 2.0 SP2 : python (EulerOS-SA-2020-2388)

According to the versions of the python packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker...

7.5 CVSS, 7.3 AI score, 0.0642 EPSS
Exploits: 1, References: 3
Tenable Nessus
added 2020/10/30 12:0 a.m., 36 views

EulerOS 2.0 SP5 : python (EulerOS-SA-2020-2264)

According to the version of the python packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In Lib/tarfile.py in Python through 3.8.3, an attacker is able to craft a TAR archive leading to an infinite loop when opened by tarfile.open,...

7.5 CVSS, 7.3 AI score, 0.06304 EPSS
Exploits: 0, References: 2
RedHat Linux
added 2020/10/20 8:2 p.m., 2 views

python: infinite loop in the tarfile module via crafted TAR archive

A flaw was found in python. In Lib/tarfile.py an attacker is able to craft a TAR archive leading to an infinite loop when opened by tarfile.open, because procpax lacks header validation...

7.5 CVSS, 6.8 AI score, 0.06304 EPSS
Exploits: 0, References: 4
RedHat Linux
added 2020/10/20 4:3 p.m., 3 views

python: infinite loop in the tarfile module via crafted TAR archive

A flaw was found in python. In Lib/tarfile.py an attacker is able to craft a TAR archive leading to an infinite loop when opened by tarfile.open, because procpax lacks header validation...

7.5 CVSS, 6.8 AI score, 0.06304 EPSS
Exploits: 0, References: 4
RedHat Linux
added 2020/10/19 6:8 p.m., 2 views

python: infinite loop in the tarfile module via crafted TAR archive

A flaw was found in python. In Lib/tarfile.py an attacker is able to craft a TAR archive leading to an infinite loop when opened by tarfile.open, because procpax lacks header validation...

7.5 CVSS, 6.8 AI score, 0.06304 EPSS
Exploits: 0, References: 4
RedHat Linux
added 2020/09/07 1:5 p.m., 4 views

resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class

A flaw was found in Resteasy, where an improper input validation results in returning an illegal header that integrates into the server's response. This flaw may result in an injection, which leads to unexpected behavior when the HTTP response is constructed...

7.5 CVSS, 5.7 AI score, 0.02023 EPSS
Exploits: 0, References: 4
RedHat Linux
added 2020/09/07 12:57 p.m., 1 views

resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class

A flaw was found in Resteasy, where an improper input validation results in returning an illegal header that integrates into the server's response. This flaw may result in an injection, which leads to unexpected behavior when the HTTP response is constructed...

7.5 CVSS, 5.7 AI score, 0.02023 EPSS
Exploits: 0, References: 4
Amazon
added 2020/08/31 12:0 a.m., 83 views

Medium: python27

Issue Overview: In Lib/tarfile.py in Python through 3.8.3, an attacker is able to craft a TAR archive leading to an infinite loop when opened by tarfile.open, because procpax lacks header validation. CVE-2019-20907 Affected Packages: python27 Issue Correction: Run yum update python27 or yum updat...

7.5 CVSS, 7.9 AI score, 0.06304 EPSS
Exploits: 0
RedHat Linux
added 2020/07/23 7:3 a.m., 4 views

resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class

A flaw was found in Resteasy, where an improper input validation results in returning an illegal header that integrates into the server's response. This flaw may result in an injection, which leads to unexpected behavior when the HTTP response is constructed...

7.5 CVSS, 5.7 AI score, 0.02023 EPSS
Exploits: 0, References: 4
CNVD
added 2020/07/14 12:0 a.m., 13 views

Python infinite loop vulnerability

Python is a widely used high-level programming language that is general-purpose. An infinite loop vulnerability exists in Lib/tarfile.py in Python 3.8.3 and earlier. The vulnerability stems from the lack of header validation in procpax. An attacker can cause a denial of service by exploiting this...

7.5 CVSS, 8.3 AI score, 0.06304 EPSS
Exploits: 0, References: 1
RedhatCVE
added 2020/07/13 7:16 p.m., 57 views

CVE-2019-20907

A flaw was found in python. In Lib/tarfile.py an attacker is able to craft a TAR archive leading to an infinite loop when opened by tarfile.open, because procpax lacks header validation. Mitigation: This flaw can be mitigated by not opening untrusted files with tarfile...

7.5 CVSS, 1.6 AI score, 0.06304 EPSS
Exploits: 0, References: 3
OSV
added 2020/07/13 1:15 p.m., 2 views

ALPINE-CVE-2019-20907

In Lib/tarfile.py in Python through 3.8.3, an attacker is able to craft a TAR archive leading to an infinite loop when opened by tarfile.open, because procpax lacks header validation...

7.5 CVSS, 6.9 AI score, 0.06304 EPSS
Exploits: 0, References: 1