
2569 matches found

Positive Technologies
added 2022/10/16 12:0 a.m. · 3 views

PT-2022-26687

Name of the Vulnerable Software and Affected Versions: py versions through 1.11.0 Description: The py library allows remote attackers to conduct a ReDoS (Regular expression Denial of Service) attack via a Subversion repository with crafted info data, because the InfoSvnCommand argument is mishandled...

8.7 CVSS · 7.2 AI score · 0.01546 EPSS
Exploits 1 · References 47

CNNVD
added 2022/10/16 12:0 a.m. · 3 views

Pytest Security Vulnerability

Pytest is a Python language-based testing framework from the Pytest team. A security vulnerability exists in Pytest versions prior to 1.11.0 that stems from the mishandling of its InfoSvnCommand parameter allowing remote attackers to conduct regular expression denial-of-service attacks via...

7.5 CVSS · 6.7 AI score · 0.01546 EPSS
Exploits 1 · References 6

Debian CVE
added 2022/10/16 12:0 a.m. · 33 views

CVE-2022-42969

The py library through 1.11.0 for Python allows remote attackers to conduct a ReDoS (Regular expression Denial of Service) attack via a Subversion repository with crafted info data, because the InfoSvnCommand argument is mishandled. Note: This has been disputed by multiple third parties as not bein...

7.5 CVSS · 6.1 AI score · 0.01546 EPSS
Exploits 1

Tenable Nessus
added 2022/10/14 12:0 a.m. · 27 views

Amazon Linux 2022 : python3-subversion, subversion, subversion-devel (ALAS2022-2022-149)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-149 advisory. A flaw was found in Subversion. When using path-based authorization (authz), the helper function detectchanged does not omit potentially sensitive information from log messages. In particular, if...

7.5 CVSS · 6.1 AI score · 0.08757 EPSS
Exploits 1 · References 5

BDU FSTEC
added 2022/09/19 12:0 a.m. · 3 views

The vulnerability of the centralized Subversion version control system, related to improper authorization, allows a violator to gain access to confidential data.

The vulnerability of the centralized version control system Subversion is related to improper authorization. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain access to confidential data...

4.3 CVSS · 5.8 AI score · 0.02696 EPSS
Exploits 1 · References 17 · Affected Software 12

BDU FSTEC
added 2022/09/19 12:0 a.m. · 4 views

The vulnerability of the mod_dav_svn module in a centralized version control system for Subversion allows a hacker to trigger a service failure.

The vulnerability of the mod_dav_svn module in a centralized version control system like Subversion is related to an error in the path-based authentication rule search mechanism. Exploiting this vulnerability allows a malicious actor to cause service failures...

7.8 CVSS · 6.8 AI score · 0.08757 EPSS
Exploits 0 · References 19 · Affected Software 12

OSV
added 2022/09/15 3:15 p.m. · 1 views

DEBIAN-CVE-2022-38861

The MPlayer Project mplayer SVN-r38374-13.0.1 is vulnerable to memory corruption via function freempimage of libmpcodecs/mpimage.c...

5.5 CVSS · 5.8 AI score · 0.00308 EPSS
Exploits 1 · References 1

CNNVD
added 2022/09/15 12:0 a.m. · 4 views

MPlayer Buffer Error Vulnerability

MPlayer is an open source multimedia player from the MPlayer team. A security vulnerability exists in MPlayer SVN-r38374-13.0.1 version, mencoder SVN-r38374-13.0.1 version, which originates from a buffer overflow in the genshvideo function in MPlayer/libmpdemux/demuxmov.c. The vulnerability is...

5.5 CVSS · 5.9 AI score · 0.00335 EPSS
Exploits 1 · References 5

CNNVD
added 2022/09/15 12:0 a.m. · 4 views

MPlayer Numeric Error Vulnerability

MPlayer is an open source multimedia player from the MPlayer team. A security vulnerability exists in MPlayer SVN-r38374-13.0.1 version, mencoder SVN-r38374-13.0.1 version, which originates from an easy-to-zero out via the demuxopenavi function in libmpdemux/demuxavi.c. The vulnerability is cause...

5.5 CVSS · 5.6 AI score · 0.00308 EPSS
Exploits 1 · References 5

CNNVD
added 2022/09/15 12:0 a.m. · 3 views

MPlayer Buffer Error Vulnerability

MPlayer is an open source multimedia player from the MPlayer team. A security vulnerability exists in MPlayer SVN-r38374-13.0.1 version, mencoder SVN-r38374-13.0.1 version, which originates from a buffer overflow in the mpgetbits function in libmpdemux/mpeghdr.c. The vulnerability is caused by a...

5.5 CVSS · 6 AI score · 0.00335 EPSS
Exploits 1 · References 5

CNNVD
added 2022/09/15 12:0 a.m. · 4 views

MPlayer Buffer Error Vulnerability

MPlayer is an open source multimedia player from the MPlayer team. A security vulnerability exists in MPlayer SVN-r38374-13.0.1 version and mencoder SVN-r38374-13.0.1 version, which stems from a buffer overflow via readaviheader in libmpdemux/aviheader.c. The vulnerability is caused by a buffer...

5.5 CVSS · 6.2 AI score · 0.00275 EPSS
Exploits 0 · References 5

Positive Technologies
added 2022/09/15 12:0 a.m. · 2 views

PT-2022-7413 · Mplayer +2

Name of the Vulnerable Software and Affected Versions: Mplayer versions SVN-r38374-13.0.1 Description: The issue is related to a memory leak in the Mplayer media player, specifically in the files vf.c and vf vo.c, due to the lack of memory release after its effective term of service. Exploitation...

5.5 CVSS · 6.7 AI score · 0.00354 EPSS
Exploits 1 · References 17

Tenable Nessus
added 2022/09/15 12:0 a.m. · 38 views

RHEL 7 : OpenShift Container Platform 4.4.33 (RHSA-2021:0282)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:0282 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or privat...

6.5 CVSS · 7.2 AI score · 0.01466 EPSS
Exploits 0 · References 7

Tenable Nessus
added 2022/09/08 12:0 a.m. · 47 views

RHEL 9 : subversion (RHSA-2022:4591)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:4591 advisory. Subversion (SVN) is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of fil...

7.5 CVSS · 7 AI score · 0.08757 EPSS
Exploits 0 · References 4

Tenable Nessus
added 2022/09/08 12:0 a.m. · 44 views

RHEL 8 : OpenShift Container Platform 4.7.52 packages (RHSA-2022:4909)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:4909 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or privat...

5.4 CVSS · 6.2 AI score · 0.81501 EPSS
Exploits 0 · References 8

Tenable Nessus
added 2022/09/08 12:0 a.m. · 44 views

RHEL 7 / 8 : OpenShift Container Platform 4.6.59 (RHSA-2022:4947)

The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:4947 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...

7.8 CVSS · 7.3 AI score · 0.81501 EPSS
Exploits 1 · References 8

Tenable Nessus
added 2022/09/08 12:0 a.m. · 36 views

RHEL 7 : OpenShift Container Platform 3.11.705 (RHSA-2022:2280)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:2280 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or privat...

7.5 CVSS · 7.2 AI score · 0.81501 EPSS
Exploits 0 · References 9

Tenable Nessus
added 2022/09/06 12:0 a.m. · 16 views

Amazon Linux 2022 : mod_dav_svn, python3-subversion, subversion (ALAS2022-2022-076)

It is, therefore, affected by a vulnerability as referenced in the ALAS2022-2022-076 advisory. A use-after-free vulnerability was found in Subversion in the mod_dav_svn Apache HTTP server (HTTPd) module. While looking up path-based authorization (authz) rules, multiple calls to the postconfig hook can...

7.5 CVSS · 6.7 AI score · 0.08757 EPSS
Exploits 0 · References 3

OpenVAS
added 2022/08/26 12:0 a.m. · 30 views

Ubuntu: Security Advisory (USN-4082-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5 CVSS · 7.2 AI score · 0.03216 EPSS
Exploits 0 · References 2

OpenVAS
added 2022/08/26 12:0 a.m. · 12 views

Ubuntu: Security Advisory (USN-5322-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5 CVSS · 7.5 AI score · 0.37516 EPSS
Exploits 1 · References 2