2 matches found
SUSE CVE-2020-14382
A vulnerability was found in upstream release cryptsetup-2.2.0 where, there's a bug in LUKS2 format validation code, that is effectively invoked on every device/image presenting itself as LUKS2 container. The bug is in segments validation code in file 'lib/luks2/luks2jsonmetadata.c' in function...
PT-2018-3701 · Imagemagick +5 · Imagemagick +5
Name of the Vulnerable Software and Affected Versions: ImageMagick versions prior to 7.0.7-28 Description: The issue is related to an off-by-one read vulnerability in the formatIPTCfromBuffer function in coders/meta.c. This vulnerability allows an attacker to read beyond the end of the buffer or...