227 matches found
CVE-2021-39157
detect-character-encoding is an open source character encoding inspection library. In detect-character-encoding v0.6.0 and earlier, data matching no charset causes the Node.js process to crash. The problem has been patched in detect-character-encoding v0.7.0. No workaround are available and all...
CVE-2021-39157
detect-character-encoding is an open source character encoding inspection library. In detect-character-encoding v0.6.0 and earlier, data matching no charset causes the Node.js process to crash. The problem has been patched in detect-character-encoding v0.7.0. No workaround are available and all...
Design/Logic Flaw
detect-character-encoding is an open source character encoding inspection library. In detect-character-encoding v0.6.0 and earlier, data matching no charset causes the Node.js process to crash. The problem has been patched in detect-character-encoding v0.7.0. No workaround are available and all...
CVE-2021-39157
The CVE-2021-39157 entry relates to detect-character-encoding, a library where data matching with no charset in versions ≤0.6.0 can crash a Node.js process. The issue is resolved by upgrading to v0.7.0, as documented in Red Hat and GHSA advisories, with no workaround provided. Impact is a crash/d...
CVE-2021-39157 Improper Handling of Exceptional Conditions in detect-character-encoding
detect-character-encoding is an open source character encoding inspection library. In detect-character-encoding v0.6.0 and earlier, data matching no charset causes the Node.js process to crash. The problem has been patched in detect-character-encoding v0.7.0. No workaround are available and all...
detect-character-encoding 安全漏洞
detect-character-encoding is an open source C++ plugin. A security vulnerability exists in detect-character-encoding, which stems from an authorization bypass vulnerability found in istio istio. Case-insensitive host comparisons were incorrect when computing rules specified with host or notHost...
CVE-2021-39131
ced detects character encoding using Google’s compactencdet library. In ced v0.1.0, passing data types other than Buffer causes the Node.js process to crash. The problem has been patched in ced v1.0.0. As a workaround, before passing an argument to ced, verify it’s a Buffer using Buffer.isBuffero...
CVE-2021-39131
ced detects character encoding using Google’s compactencdet library. In ced v0.1.0, passing data types other than Buffer causes the Node.js process to crash. The problem has been patched in ced v1.0.0. As a workaround, before passing an argument to ced, verify it’s a Buffer using Buffer.isBuffero...
Design/Logic Flaw
ced detects character encoding using Google’s compactencdet library. In ced v0.1.0, passing data types other than Buffer causes the Node.js process to crash. The problem has been patched in ced v1.0.0. As a workaround, before passing an argument to ced, verify it’s a Buffer using...
CVE-2021-39131
CVE-2021-39131 affects the ced JavaScript library used for character encoding detection. In ced v0.1.0, passing data types other than Buffer to ced crashes the Node.js process; this is the root cause. The issue is fixed in ced v1.0.0, with a recommended workaround: verify input is a Buffer (Buffe...
CVE-2021-39131 Improper Handling of Unexpected Data Type in ced
ced detects character encoding using Google’s compactencdet library. In ced v0.1.0, passing data types other than Buffer causes the Node.js process to crash. The problem has been patched in ced v1.0.0. As a workaround, before passing an argument to ced, verify it’s a Buffer using Buffer.isBuffero...
SUSE: Security Advisory (SUSE-SU-2019:0496-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Flawfinder - A Static Analysis Tool For Finding Vulnerabilities In C/C++ Source Code
This is "flawfinder" by David A. Wheeler. Flawfinder is a simple program that scans C/C++ source code and reports potential security flaws. It can be a useful tool for examining software for vulnerabilities, and it can also serve as a simple introduction to static source code analysis tools more...
CentOS 8 : openssh (CESA-2019:3702)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2019:3702 advisory. - openssh: scp client improper directory name validation CVE-2018-20685 - openssh: Missing character encoding in progress display allows for spoofing o...
DEBIAN-CVE-2020-29562
The iconv function in the GNU C Library aka glibc or libc6 2.30 to 2.32, when converting UCS4 text containing an irreversible character, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service...
Fedora: Security Advisory for oniguruma (FEDORA-2020-952c499e9d)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for oniguruma (FEDORA-2020-d53469eceb)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 31 Update: oniguruma-6.9.4-2.fc31
Oniguruma is a regular expressions library. The characteristics of this library is that different character encoding for every regular expression object can be specified. supported APIs: GNU regex, POSIX and Oniguruma native...
[SECURITY] Fedora 32 Update: oniguruma-6.9.5-3.rev1.fc32
Oniguruma is a regular expressions library. The characteristics of this library is that different character encoding for every regular expression object can be specified. supported APIs: GNU regex, POSIX and Oniguruma native...
[SECURITY] Fedora 33 Update: oniguruma-6.9.5-3.rev1.fc33
Oniguruma is a regular expressions library. The characteristics of this library is that different character encoding for every regular expression object can be specified. supported APIs: GNU regex, POSIX and Oniguruma native...