CVE-2021-40401

CVE-2021-40401 affects Gerbv (RS-274X aperture definition tokenization) with a use-after-free in 2.7.0 (and forks) that an attacker can trigger via a crafted Gerber file to achieve code execution. Connected advisories confirm additional related CVEs (CVE-2021-40403 etc.) and describe the same fam...

Gerbv RS-274X aperture definition tokenization use-after-free vulnerability

Summary A use-after-free vulnerability exists in the RS-274X aperture definition tokenization functionality of Gerbv 2.7.0 and dev commit b5f1eacd and Gerbv forked 2.7.1. A specially-crafted gerber file can lead to code execution. An attacker can provide a malicious file to trigger this...

DEBIAN-CVE-2021-43854

NLTK Natural Language Toolkit is a suite of open source Python modules, data sets, and tutorials supporting research and development in Natural Language Processing. Versions prior to 3.6.5 are vulnerable to regular expression denial of service ReDoS attacks. The vulnerability is present in...

CVE-2021-43854 Inefficient Regular Expression Complexity in nltk

NLTK Natural Language Toolkit is a suite of open source Python modules, data sets, and tutorials supporting research and development in Natural Language Processing. Versions prior to 3.6.5 are vulnerable to regular expression denial of service ReDoS attacks. The vulnerability is present in...

The encoding/xml package in Go (all versions) does not correctly preserve the semantics of attribute namespace prefixes during tokenization round-trips which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.

...

The encoding/xml package in Go (all versions) does not correctly preserve the semantics of element namespace prefixes during tokenization round-trips which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.

...

python-pygments: ReDoS in multiple lexers

A denial of service attack was discovered against pygments. Some of the regular expressions used to tokenise source code for highlighting have exponential complexity. A specially crafted input file could cause pygments to take effectively infinite time to parse, consuming CPU resources and denyin...

Locked funds are debited twice from user during tokenization leading to fund loss

Handle 0xRajeev Vulnerability details Impact During tokenization of conviction scores, the user can optionally provide FSDs to be locked to let it continue conviction accrual. However, the amount of FSDs specified for locking are debited twice from the user leading to fund loss for user. This, in...

Conviction score is not updated during tokenization if funds are locked

Handle 0xRajeev Vulnerability details Impact The updateConvictionScore on Line284 of tokenizeConviction is only called if user specifies zero locked funds. This leads to loss of accounting of user’s conviction score for tokenization since the last update for user if non-zero amount of FSDs are...

Conviction totals not updated during tokenization

Handle 0xRajeev Vulnerability details Impact updateConvictionScore function returns convictionDelta and governanceDelta which need to be used immediately in a call to updateConvictionTotalsconvictionDelta, governanceDelta for updating the conviction totals of conviction and governance-enabled...

Locked funds from tokenization are credited twice to user leading to protocol fund loss

Handle 0xRajeev Vulnerability details Impact The tokens optionally locked during tokenization are released twice on acquiring conviction back from a NFT. The incorrect double debit of locked funds during tokenization has been filed as a separate finding because it is not necessarily related and...

OESA-2021-1011 golang security update

The Go Programming Language.\r\n\r\n Security Fixes:\r\n\r\n The encoding/xml package in Go all versions does not correctly preserve the semantics of attribute namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during...

Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2021-1025)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Undefined Behavior

encoding/xml in github.com/golang/go is vulnerable to undefined behavior. The vulnerability is possible because it does not correctly preserve the semantics of directives during tokenization round-trips...

Undefined Behavior

encoding/xml in github.com/golang/go is vulnerable to undefined behavior. The vulnerability is possible because it does not correctly preserve the semantics of directives during tokenization round-trips...

Incorrect Preservation Of Namespace Prefixes

encoding/xml in github.com/golang/go is performing incorrect preservation of namespace prefixes. An attacker is able to provide malicious inputs to cause conflicts in the way of preserving the namespace prefixes on XML elements during tokenization round-trips...

DEBIAN-CVE-2020-29509

The encoding/xml package in Go all versions does not correctly preserve the semantics of attribute namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications...

AZL-78896 CVE-2020-29511 affecting package golang 1.25.7-1

The encoding/xml package in Go all versions does not correctly preserve the semantics of element namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications...

AZL-6448 CVE-2020-29509 affecting package golang for versions less than 1.20.10-1

The encoding/xml package in Go all versions does not correctly preserve the semantics of attribute namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications...

CVE-2020-29509

The encoding/xml package in Go all versions does not correctly preserve the semantics of attribute namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications...