5230 matches found

Tenable Nessus
added 2021/07/06 12:0 a.m. | 33 views

EulerOS Virtualization 3.0.2.2 : libcroco (EulerOS-SA-2021-2143)

According to the version of the libcroco package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - libcroco through 0.6.13 has excessive recursion in cr_parser_parse_any_core in cr-parser.c, leading to stack consumption. CVE-2020-12825...

7.1 CVSS | 6.6 AI score | 0.04749 EPSS
Exploits: 1 | References: 2
OSV
added 2021/07/03 11:3 a.m. | 1 views

OESA-2021-1251 edk2 security update

EDK II is a modern, feature-rich, cross-platform firmware development environment for the UEFI and PI specifications. Security Fixes: An unlimited recursion in DxeCore in EDK II. CVE-2021-28210...

7.8 CVSS | 7 AI score | 0.00118 EPSS
Exploits: 1 | References: 2
Rosalinux
added 2021/07/02 5:32 p.m. | 30 views

Advisory ROSA-SA-2021-1926

Software: nasm 2.10.07 OS: Cobalt 7.9 CVE-ID: CVE-2018-1000667 CVE-Crit: MEDIUM CVE-DESC: NASM nasm-2.13.03 nasm- 2.14rc15 version 2.14rc15 and earlier contains nasm memory corruption crash while processing a created file due to assemblyfile inname, independentptr function at asm/nasm.c:482...

7.8 CVSS | 7.1 AI score | 0.01508 EPSS
Exploits: 9
Rosalinux
added 2021/07/02 5:16 p.m. | 29 views

Advisory ROSA-SA-2021-1885

Software: libproxy 0.4.11 OS: Cobalt 7.9 CVE-ID: CVE-2020-25219 CVE-Crit: HIGH CVE-DESC: url::recvline in url.cpp in libproxy 0.4.x to 0.4.15 allows a remote HTTP server to run uncontrolled recursion through a response consisting of an infinite stream with no newline character. This results in...

9.8 CVSS | 7.5 AI score | 0.00717 EPSS
Exploits: 1
Rosalinux
added 2021/07/02 5:11 p.m. | 25 views

Advisory ROSA-SA-2021-1865

Software: libcroco 0.6.12 OS: Cobalt 7.9 CVE-ID: CVE-2017-7960 CVE-Crit: MEDIUM CVE-DESC: The cr_input_new_from_uri function in cr-input.c in libcroco 0.6.11 and 0.6.12 allows remote attackers to cause a denial of service (heap-based buffer re-read) via a crafted CSS file. CVE-STATUS: default CVE-REV:...

7.1 CVSS | 7.1 AI score | 0.04749 EPSS
Exploits: 7
Tenable Nessus
added 2021/07/02 12:0 a.m. | 30 views

EulerOS Virtualization for ARM 64 3.0.2.0 : libproxy (EulerOS-SA-2021-2073)

According to the version of the libproxy package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows a remote HTTP server to trigger uncontrolled recursion...

7.5 CVSS | 7.2 AI score | 0.00449 EPSS
Exploits: 1 | References: 2
Mageia
added 2021/06/29 5:31 p.m. | 19 views

Updated re2c package fixes a security vulnerability

re2c before 2.0 has uncontrolled recursion that causes stack consumption in find_fixed_tags. CVE-2018-21232...

5.5 CVSS | 4.9 AI score | 0.00101 EPSS
Exploits: 1 | References: 2
Tenable Nessus
added 2021/06/28 12:0 a.m. | 29 views

SUSE SLES12 Security Update : ovmf (SUSE-SU-2021:2117-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2117-1 advisory. - Null pointer dereference in Tianocore EDK2 may allow an authenticated user to potentially enable escalation of privilege via loca...

7.8 CVSS | 6.8 AI score | 0.00118 EPSS
Exploits: 2 | References: 11
Tenable Nessus
added 2021/06/28 12:0 a.m. | 38 views

SUSE SLES15 Security Update : ovmf (SUSE-SU-2021:2161-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2161-1 advisory. - An unlimited recursion in DxeCore in EDK II. CVE-2021-28210 - A heap overflow in LzmaUefiDecompressGetInfo function in EDK II...

7.8 CVSS | 6.7 AI score | 0.00118 EPSS
Exploits: 2 | References: 8
OSV
added 2021/06/25 7:40 a.m. | 8 views

SUSE-SU-2021:2161-1 Security update for ovmf

This update for ovmf fixes the following issues: - Fixed a possible buffer overflow in IScsiDxe (bsc#1186151) - CVE-2021-28211: ovmf: edk2: possible heap corruption with LzmaUefiDecompressGetInfo (bsc#1183578) - CVE-2021-28210: ovmf: unlimited FV recursion, round 2 (bsc#1183579)...

7.8 CVSS | 7.4 AI score | 0.00118 EPSS
Exploits: 2 | References: 6
OpenVAS
added 2021/06/25 12:0 a.m. | 24 views

SUSE: Security Advisory (SUSE-SU-2021:2161-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8 CVSS | 6.4 AI score | 0.00118 EPSS
Exploits: 2 | References: 6
BDU FSTEC
added 2021/06/23 12:0 a.m. | 2 views

The vulnerability of Xen hypervisors, caused by uncontrolled recursion, allows attackers to trigger an emergency shutdown of the application.

The vulnerability of the Xen hypervisor is caused by an uncontrolled recursion. Exploiting this vulnerability can allow an attacker to cause the application to terminate abnormally...

5.5 CVSS | 0.00071 EPSS
Exploits: 0 | References: 7 | Affected Software: 4
OSV
added 2021/06/22 11:56 a.m. | 5 views

SUSE-SU-2021:2117-1 Security update for ovmf

This update for ovmf fixes the following issues: - Fixed a possible buffer overflow in IScsiDxe (bsc#1186151) - CVE-2021-28211: ovmf: edk2: possible heap corruption with LzmaUefiDecompressGetInfo (bsc#1183578) - CVE-2021-28210: ovmf: unlimited FV recursion, round 2 (bsc#1183579) - CVE-2019-14584: ovmf,shi...

7.8 CVSS | 7.5 AI score | 0.00118 EPSS
Exploits: 2 | References: 8
OSV
added 2021/06/11 4:15 p.m. | 1 views

DEBIAN-CVE-2021-28210

An unlimited recursion in DxeCore in EDK II...

7.8 CVSS | 6.1 AI score | 0.00118 EPSS
Exploits: 1 | References: 1
NVD
added 2021/06/11 4:15 p.m. | 16 views

CVE-2021-28210

An unlimited recursion in DxeCore in EDK II...

7.8 CVSS | 0.00118 EPSS
Exploits: 1 | References: 1
Cvelist
added 2021/06/11 3:11 p.m. | 24 views

CVE-2021-28210

An unlimited recursion in DxeCore in EDK II...

7.9 AI score | 0.00118 EPSS
Exploits: 1 | References: 1
Debian CVE
added 2021/06/11 3:11 p.m. | 38 views

CVE-2021-28210

An unlimited recursion in DxeCore in EDK II...

7.8 CVSS | 7.5 AI score | 0.00118 EPSS
Exploits: 1
AlpineLinux
added 2021/06/11 3:11 p.m. | 47 views

CVE-2021-28210

An unlimited recursion in DxeCore in EDK II...

7.8 CVSS | 7.7 AI score | 0.00118 EPSS
Exploits: 1 | References: 1
CVE
added 2021/06/11 3:11 p.m. | 187 views

CVE-2021-28210

CVE-2021-28210 corresponds to an unlimited recursion vulnerability in the DxeCore component of EDK II. Affects EDK II implementations (DxeCore) across multiple platforms as cited in connected advisories (AstraLinux, EulerOS, Red Hat, SUSE, Ubuntu, etc.). The NVD data indicates a CVSS v3.1 base sc...

7.8 CVSS | 7.5 AI score | 0.00118 EPSS
Exploits: 1 | References: 1 | Affected Software: 1
Oracle linux
added 2021/06/11 12:0 a.m. | 48 views

krb5 security update

1.15.1-50.0.1 - Add recursion limit for ASN.1 indefinite lengths Orabug: 32582360...

7.5 CVSS | 2.5 AI score | 0.00955 EPSS
Exploits: 0