3 matches found
Out-of-bounds Write
Overview Affected versions of this package are vulnerable to Out-of-bounds Write via the MagicYUV decoder process in the libavcodec library. An attacker can cause a denial of service or potentially execute arbitrary code by submitting a specially crafted file that triggers an odd sliceheight valu...
Insufficient Session Expiration
Overview nocodb is a NocoDB Affected versions of this package are vulnerable to Insufficient Session Expiration through the ApiToken delete path in the token management code. An attacker can keep using a deleted API token by deleting it while the cache entry remains keyed under the token value,...
Use After Free
Overview Affected versions of this package are vulnerable to Use After Free through the ForEachModule process. Remediation A fix was pushed into the master branch but not yet published. References - GitHub Gist - GitHub Issue - GitHub PR Credit: Ziyi Guo...