2 matches found
CVE-2026-54268
The CVE affects Angular’s Date formatting in the @angular/common package. The formatDate utility (and DatePipe) can trigger a Denial of Service when confronted with a maliciously long or attacker-controlled date format string. The root cause is an internal parser that iteratively splits the forma...
DEBIAN-CVE-2018-7186
Leptonica before 1.75.3 does not limit the number of characters in a %s format argument to fscanf or sscanf, which allows remote attackers to cause a denial of service stack-based buffer overflow or possibly have unspecified other impact via a long string, as demonstrated by the gplotRead and...