131 matches found
OpenJDK: Excessive memory allocation in BMPImageReader (ImageIO, 8273756)
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: ImageIO. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allow...
OpenJDK: Excessive memory allocation in TIFF*Decompressor (ImageIO, 8274096)
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: ImageIO. Supported versions that are affected are Oracle Java SE: 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows...
OpenJDK: Excessive memory allocation in BMPImageReader (ImageIO, 8273756)
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: ImageIO. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allow...
OpenJDK: Incorrect reading of TIFF files in TIFFNullDecompressor (ImageIO, 8270952)
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: ImageIO. Supported versions that are affected are Oracle Java SE: 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows...
DEBIAN-CVE-2022-21277
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: ImageIO. Supported versions that are affected are Oracle Java SE: 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows...
UBUNTU-CVE-2022-21277
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: ImageIO. Supported versions that are affected are Oracle Java SE: 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows...
PT-2022-6842
Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 11.0.13, 17.0.1 Oracle GraalVM Enterprise Edition versions 20.3.4, 21.3.0 Description The issue is related to an easily exploitable vulnerability in the ImageIO component of Oracle Java SE and Oracle GraalVM Enterprise...
The vulnerability of the ImageIO component in operating systems such as Mac OS, tvOS, iOS, iPadOS, and watchOS allows attackers to gain unauthorized access to protected information.
The vulnerability of the ImageIO component in operating systems such as Mac OS, tvOS, iOS, iPadOS, and watchOS relates to the execution of operations outside of the buffer in memory. Exploiting this vulnerability can allow attackers to gain unauthorized access to protected information using a...
OpenJDK: Excessive memory allocation in BMPImageReader (ImageIO, 8267735)
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: ImageIO. Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthenticated...
OpenJDK: Excessive memory allocation in BMPImageReader (ImageIO, 8267735)
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: ImageIO. Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthenticated...
OpenJDK: Excessive memory allocation in BMPImageReader (ImageIO, 8267735)
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: ImageIO. Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthenticated...
Oracle Java SE 输入验证错误漏洞
Java SE stands for Java Platform Standard Edition and is used to develop and deploy Java applications for desktops, servers, and embedded devices and real-time environments.Oracle GraalVM Enterprise Edition is an Oracle-based multilingual virtual machine for enterprise Java SE. A denial of servic...
Apple macOS Big Sur 缓冲区错误漏洞
Apple macOS Big Sur is a mobile application app from Apple USA. Apple macOS Big Sur 11.5 suffers from a buffer error vulnerability that stems from a boundary error when ImageIO processes image files. A remote attacker can exploit the vulnerability to create a specially crafted image, trick the...
The vulnerability of the ImageIO component in Mac OS operating systems allows a hacker to execute arbitrary code.
The vulnerability of the ImageIO component in Mac OS operating systems is related to writing beyond buffer boundaries in memory, as well as to operations beyond buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using malicious web conten...
Apple tvOS 缓冲区错误漏洞
Apple tvOS is an operating system for Smart TVs from Apple, Inc. tvOS suffers from a buffer error vulnerability that stems from a boundary error when processing image files in ImageIO. A remote attacker could use this vulnerability to create a specially crafted image file, trick the victim into...
Apple tvOS 缓冲区错误漏洞
Apple tvOS is an operating system for Smart TVs from Apple Inc. in the United States. tvOS suffers from a buffer error vulnerability that stems from a boundary condition in ImageIO. A remote attacker could exploit the vulnerability could create a specially crafted file, trick the victim into...
Apple tvOS 缓冲区错误漏洞
Apple tvOS is an operating system for Smart TVs from Apple Inc. in the United States. tvOS suffers from a buffer error vulnerability that stems from a boundary condition in ImageIO. A remote attacker exploiting this vulnerability could create a specially crafted file, trick a victim into opening...
About the security content of watchOS 7.5
About the security content of watchOS 7.5 This document describes the security content of watchOS 7.5. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...
Apple macOS 输入验证错误漏洞
Apple macOS is a proprietary operating system developed by Apple Inc. for Mac computers. An input validation error vulnerability exists in macOS, which arises from insufficient user-supplied input validation within the ImageIO component. The following products and versions are affected: macOS: 11...
PT-2021-5394 · Apple · Imageio +5
Name of the Vulnerable Software and Affected Versions: macOS versions prior to 11.3 iOS versions prior to 14.5 iPadOS versions prior to 14.5 watchOS versions prior to 7.4 tvOS versions prior to 14.5 Description: The issue is related to an out-of-bounds write in the ImageIO component, which can be...