openSUSE Security Update : opensc (openSUSE-2018-1385)

This update for opensc fixes the following security issues : - CVE-2018-16391: Fixed a denial of service when handling responses from a Muscle Card bsc1106998 - CVE-2018-16392: Fixed a denial of service when handling responses from a TCOS Card bsc1106999 - CVE-2018-16393: Fixed buffer overflows...

CVE-2018-18701

An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions nextistypequal and cplusdemangletype in cp-demangle.c. Remote attackers could leverage this vulnerability t...

Debian: Security Advisory (DLA-1562-2)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Denial Of Service (DoS)

libbind9.so is vulnerable to denial of service. An attacker is able to trigger an infinite recursion in lwresd and named using a non absolute name for getrrsetbyname that exceeds the maximum allowable length, resulting in a denial of service condition...

poppler: Infinite recursion in fofi/FoFiType1C.cc:FoFiType1C::cvtGlyph() function allows denial of service

The FoFiType1C::cvtGlyph function in fofi/FoFiType1C.cc in Poppler through 0.64.0 allows remote attackers to cause a denial of service infinite recursion via a crafted PDF file, as demonstrated by pdftops...

openssl: Handling of crafted recursive ASN.1 structures can cause a stack overflow and resulting denial of service

Constructed ASN.1 types with a recursive definition such as can be found in PKCS7 could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures used within SSL/TLS that come from untrusted sources so...

DEBIAN-CVE-2018-18700

An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions dname, dencoding, and dlocalname in cp-demangle.c. Remote attackers could leverage this vulnerability to...

UBUNTU-CVE-2018-18701

An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions nextistypequal and cplusdemangletype in cp-demangle.c. Remote attackers could leverage this vulnerability t...

UBUNTU-CVE-2018-18700

An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions dname, dencoding, and dlocalname in cp-demangle.c. Remote attackers could leverage this vulnerability to...

CVE-2018-18701

An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions nextistypequal and cplusdemangletype in cp-demangle.c. Remote attackers could leverage this vulnerability t...

CVE-2018-18700

An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions dname, dencoding, and dlocalname in cp-demangle.c. Remote attackers could leverage this vulnerability to...

CVE-2018-18701

An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions nextistypequal and cplusdemangletype in cp-demangle.c. Remote attackers could leverage this vulnerability t...

CVE-2018-18701

CVE-2018-18701 describes a stack-consumption vulnerability in GNU Binutils’ libiberty (cp-demangle.c) caused by infinite recursion in next_is_type_qual() and cplus_demangle_type(). The issue affects Binutils 2.31 and can enable a remote attacker to induce denial of service via an ELF file (demons...

Apache Ranger policy engine incorrectly matches paths in certain conditions

Apache Ranger before 0.6.3 policy engine incorrectly matches paths in certain conditions when policy does not contain wildcards and has recursion flag set to true...

GHSA-XV7X-X6WR-XX7G Apache Ranger policy engine incorrectly matches paths in certain conditions

Apache Ranger before 0.6.3 policy engine incorrectly matches paths in certain conditions when policy does not contain wildcards and has recursion flag set to true...

DEBIAN-CVE-2018-18020

In QPDF 8.2.1, in libqpdf/QPDFWriter.cc, QPDFWriter::unparseObject and QPDFWriter::unparseChild have recursive calls for a long time, which allows remote attackers to cause a denial of service via a crafted PDF file...

UBUNTU-CVE-2018-18020

In QPDF 8.2.1, in libqpdf/QPDFWriter.cc, QPDFWriter::unparseObject and QPDFWriter::unparseChild have recursive calls for a long time, which allows remote attackers to cause a denial of service via a crafted PDF file...

PT-2018-3927 · Qpdf +4 · Qpdf +4

Name of the Vulnerable Software and Affected Versions: QPDF version 8.2.1 Description: The issue is related to uncontrolled recursion in the libqpdf/QPDFWriter.cc component of the QPDF utility for converting PDF documents. This allows a remote attacker to cause a denial of service using a special...

DEBIAN-CVE-2018-17985

An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption problem caused by the cplusdemangletype function making recursive calls to itself in certain scenarios involving many 'P' characters...

UBUNTU-CVE-2018-17581

CiffDirectory::readDirectory at crwimageint.cpp in Exiv2 0.26 has excessive stack consumption due to a recursive function, leading to Denial of service...