Orthanc 安全漏洞

Orthanc is a free open-source software developed by the Orthanc company. Orthanc has a security vulnerability, which stems from an out-of-bounds read in the DecodeLookupTable function. This vulnerability could allow the decoder to read beyond the allocated memory of the lookup table, thereby...

Amazon Linux 2023 : php8.2, php8.2-bcmath, php8.2-cli (ALAS2023-2025-872)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-872 advisory. The upstream advisory describes this issue as follows: A memory-related vulnerability in PHP's filter handling system, particularly when processing input with convert.quoted-printable-decode...

php: Single byte overread with convert.quoted-printable-decode filter

A memory-related vulnerability was found in PHP’s filter handling system, particularly when processing input with convert.quoted-printable-decode filters. This issue can lead to a segmentation fault. This vulnerability is triggered through specific sequences of input data, causing PHP to crash...

Medium: php

Issue Overview: The upstream advisory describes this issue as follows: A memory-related vulnerability in PHP's filter handling system, particularly when processing input with convert.quoted-printable-decode filters, leads to a segmentation fault. This vulnerability is triggered through specific...

USN-7157-2 php7.4 regression

USN-7157-1 fixed vulnerabilities in PHP. The patch for CVE-2024-8932 caused a regression in php7.4. This update fixes the problem. Original advisory details: It was discovered that PHP incorrectly handled certain inputs when processed with convert.quoted-printable decode filters. An attacker coul...

CVE-2024-43110 Multiple issues in ctl(4) CAM Target Layer

The ctlrequestsense function could expose up to three bytes of the kernel heap to userspace. Malicious software running in a guest VM that exposes virtioscsi can exploit the vulnerabilities to achieve code execution on the host in the bhyve userspace process, which typically runs as root. Note th...

RHEL 6 / 7 : rh-ruby23-ruby (RHSA-2018:0585)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:0585 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...

RHEL 6 / 7 : rh-ruby24-ruby (RHSA-2017:3485)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:3485 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...

SUSE SLED15 / SLES15 Security Update : ruby2.5 (SUSE-SU-2020:0995-1)

This update for ruby2.5 to version 2.5.8 fixes the following issues : CVE-2020-10663: Unsafe Object Creation Vulnerability in JSON bsc1167244. CVE-2020-10933: Heap exposure vulnerability in the socket library bsc1168938. Note that Tenable Network Security has extracted the preceding description...

Heap exposure vulnerability in the socket library

A heap exposure vulnerability was discovered in the socket library. This vulnerability has been assigned the CVE identifier CVE-2020-10933. We strongly recommend upgrading Ruby. When BasicSocketrecvnonblock and BasicSocketreadnonblock are invoked with size and buffer arguments, they initially...

ruby: Arbitrary heap exposure during a JSON.generate call

A buffer overflow vulnerability was found in the JSON extension of ruby. An attacker with the ability to pass a specially crafted JSON input to the extension could use this flaw to expose the interpreter's heap memory...

Important: Red Hat Security Advisory: rh-ruby23-ruby security, bug fix, and enhancement update

An update for rh-ruby23-ruby is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabili...

ruby: Arbitrary heap exposure during a JSON.generate call

A buffer overflow vulnerability was found in the JSON extension of ruby. An attacker with the ability to pass a specially crafted JSON input to the extension could use this flaw to expose the interpreter's heap memory...

ruby: Arbitrary heap exposure during a JSON.generate call

A buffer overflow vulnerability was found in the JSON extension of ruby. An attacker with the ability to pass a specially crafted JSON input to the extension could use this flaw to expose the interpreter's heap memory...

ruby: Arbitrary heap exposure during a JSON.generate call

A buffer overflow vulnerability was found in the JSON extension of ruby. An attacker with the ability to pass a specially crafted JSON input to the extension could use this flaw to expose the interpreter's heap memory...

Amazon Linux AMI : ruby24 (ALAS-2017-915)

Arbitrary heap exposure during a JSON.generate call Ruby through 2.2.7, 2.3.x through 2.3.4, and 2.4.x through 2.4.1 can expose arbitrary memory during a JSON.generate call. The issues lies in using strdup in ext/json/ext/generator/generator.c, which will stop after encountering a '\0' byte,...

Medium: ruby24

Issue Overview: Arbitrary heap exposure during a JSON.generate call Ruby through 2.2.7, 2.3.x through 2.3.4, and 2.4.x through 2.4.1 can expose arbitrary memory during a JSON.generate call. The issues lies in using strdup in ext/json/ext/generator/generator.c, which will stop after encountering a...

[SECURITY] [DLA 1114-1] ruby1.9.1 security update

Package : ruby1.9.1 Version : 1.9.3.194-8.1+deb7u6 CVE ID : CVE-2017-0898 CVE-2017-0899 CVE-2017-0900 CVE-2017-0901 CVE-2017-10784 CVE-2017-14033 CVE-2017-14064 Debian Bug : 873802 873906 875928 875931 875936 Multiple vulnerabilities were discovered in the Ruby 1.9 interpretor. CVE-2017-0898 Buff...

Fedora 25 : ruby (2017-e136d63c99)

Fix ANSI escape sequence vulnerability CVE-2017-0899. - Fix DoS vulnerability in the query command CVE-2017-0900. - Fix a vulnerability in the gem installer that allowed a malicious gem to overwrite arbitrary files CVE-2017-0901. - Fix DNS request hijacking vulnerability CVE-2017-0902. - Fix...

FreeBSD : ruby -- multiple vulnerabilities (95b01379-9d52-11e7-a25c-471bafc3262f)

Ruby blog : CVE-2017-0898: Buffer underrun vulnerability in Kernel.sprintf If a malicious format string which contains a precious specifier is passed and a huge minus value is also passed to the specifier, buffer underrun may be caused. In such situation, the result may contains heap, or the Ruby...