Lucene search
K

19 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2017-8871

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The crparserparseselectorcore function in cr-parser.c in libcroco 0.6.12 allows remote attackers to cause a denial of service infinite loop and CPU consumption...

7.1CVSS6.1AI score0.12996EPSS
Exploits4References2
Tenable Nessus
Tenable Nessus
added 2024/08/13 12:0 a.m.21 views

Ubuntu 14.04 LTS / 18.04 LTS / 20.04 LTS : Libcroco vulnerabilities (USN-6958-1)

The remote Ubuntu 14.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6958-1 advisory. It was discovered that Libcroco was incorrectly accessing data structures when reading bytes from memory, which could cause a hea...

7.1CVSS6.9AI score0.12996EPSS
Exploits7References5
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.18 views

Mageia: Security Advisory (MGASA-2019-0389)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS6.2AI score0.12996EPSS
Exploits7References4
Rosalinux
Rosalinux
added 2021/07/02 5:11 p.m.25 views

Advisory ROSA-SA-2021-1865

Software: libcroco 0.6.12 OS: Cobalt 7.9 CVE-ID: CVE-2017-7960 CVE-Crit: MEDIUM CVE-DESC: The crinputnewfromuri function in cr-input.c in libcroco 0.6.11 and 0.6.12 allows remote attackers to cause a denial of service heap-based buffer re-read via a crafted CSS file. CVE-STATUS: default CVE-REV:...

7.1CVSS7.1AI score0.12996EPSS
Exploits7
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.19 views

SUSE: Security Advisory (SUSE-SU-2019:1468-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS6.5AI score0.12996EPSS
Exploits7References7
Tenable Nessus
Tenable Nessus
added 2020/06/18 12:0 a.m.29 views

SUSE SLED15 / SLES15 Security Update : libcroco (SUSE-SU-2020:1535-1)

This update for libcroco fixes the following issues : Security issues fixed : CVE-2017-8834: Fixed denial of service memory allocation error via a crafted CSS file bsc1043898. CVE-2017-8871: Fixed denial of service infinite loop and CPU consumption via a crafted CSS file bsc1043899. Note that...

7.1CVSS6.2AI score0.12996EPSS
Exploits5References7
Tenable Nessus
Tenable Nessus
added 2020/05/01 12:0 a.m.67 views

EulerOS Virtualization for ARM 64 3.0.2.0 : libcroco (EulerOS-SA-2020-1559)

According to the versions of the libcroco package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - The crparserparseselectorcore function in cr-parser.c in libcroco 0.6.12 allows remote attackers to cause a denial of...

7.1CVSS6.3AI score0.12996EPSS
Exploits5References3
OpenVAS
OpenVAS
added 2020/04/16 12:0 a.m.26 views

Huawei EulerOS: Security Advisory for libcroco (EulerOS-SA-2020-1475)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS6.2AI score0.12996EPSS
Exploits7References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.19 views

Huawei EulerOS: Security Advisory for libcroco (EulerOS-SA-2019-2520)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS6.2AI score0.12996EPSS
Exploits7References2
OSV
OSV
added 2019/12/15 6:3 p.m.7 views

MGASA-2019-0389 Updated libcroco packages fix security vulnerability

Updated libcroco packages fix security vulnerabilities: Heap overflow input: check end of input before reading a byte CVE-2017-7960. Undefined behavior tknzr: support only max long rgb values CVE-2017-7961. Denial of service memory allocation error via a crafted CSS file CVE-2017-8834. Denial of...

7.8CVSS6.1AI score0.12996EPSS
Exploits7References3
OpenVAS
OpenVAS
added 2019/06/19 12:0 a.m.34 views

openSUSE: Security Advisory for libcroco (openSUSE-SU-2019:1575-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.8CVSS6.5AI score0.12996EPSS
Exploits7References2
Tenable Nessus
Tenable Nessus
added 2019/06/13 12:0 a.m.29 views

SUSE SLED12 / SLES12 Security Update : libcroco (SUSE-SU-2019:1468-1)

This update for libcroco fixes the following issues : Security issues fixed : CVE-2017-7960: Fixed heap overflow input: check end of input before reading a byte bsc1034481. CVE-2017-7961: Fixed undefined behavior tknzr: support only max long rgb values bsc1034482. CVE-2017-8834: Fixed denial of...

7.8CVSS6.3AI score0.12996EPSS
Exploits7References13
RedhatCVE
RedhatCVE
added 2017/06/20 2:48 p.m.27 views

CVE-2017-8871

The crparserparseselectorcore function in cr-parser.c in libcroco 0.6.12 allows remote attackers to cause a denial of service infinite loop and CPU consumption via a crafted CSS file...

7.1CVSS4.9AI score0.12996EPSS
Exploits4References1
UbuntuCve
UbuntuCve
added 2017/06/12 6:29 a.m.18 views

CVE-2017-8871

The crparserparseselectorcore function in cr-parser.c in libcroco 0.6.12 allows remote attackers to cause a denial of service infinite loop and CPU consumption via a crafted CSS file...

7.1CVSS6.8AI score0.12996EPSS
Exploits4References5
OSV
OSV
added 2017/06/12 6:29 a.m.5 views

AZL-44802 CVE-2017-8871 affecting package libcroco 0.6.13-6

The crparserparseselectorcore function in cr-parser.c in libcroco 0.6.12 allows remote attackers to cause a denial of service infinite loop and CPU consumption via a crafted CSS file...

6.5CVSS6.7AI score0.12996EPSS
Exploits4References1
CVE
CVE
added 2017/06/12 6:0 a.m.213 views

CVE-2017-8871

CVE-2017-8871 affects libcroco (cr-parser.c: cr_parser_parse_selector_core) where a crafted CSS file can trigger an infinite loop and CPU exhaustion, leading to denial of service. The issue is in libcroco 0.6.12; multiple bulletins note the same root cause across distros (e.g., SUSE-SU-2020:1535-...

7.1CVSS6AI score0.12996EPSS
Exploits4References4Affected Software1
0day.today
0day.today
added 2017/06/10 12:0 a.m.60 views

libcroco 0.6.12 - Denial of Service Vulnerability

Exploit for linux platform in category dos / poc libcroco multiple vulnerabilities ================ Author : qflb.wu =============== Introduction: ============= Libcroco is a standalone css2 parsing and manipulation library. The parser provides a low level event driven SAC like api and a css obje...

7.1CVSS6.7AI score0.12996EPSS
Exploits5
exploitpack
exploitpack
added 2017/06/09 12:0 a.m.27 views

libcroco 0.6.12 - Denial of Service

libcroco 0.6.12 - Denial of Service libcroco multiple vulnerabilities ================ Author : qflb.wu =============== Introduction: ============= Libcroco is a standalone css2 parsing and manipulation library. The parser provides a low level event driven SAC like api and a css object model like...

7.1CVSS6.7AI score0.12996EPSS
Exploits5
Exploit DB
Exploit DB
added 2017/06/09 12:0 a.m.50 views

libcroco 0.6.12 - Denial of Service

libcroco multiple vulnerabilities ================ Author : qflb.wu =============== Introduction: ============= Libcroco is a standalone css2 parsing and manipulation library. The parser provides a low level event driven SAC like api and a css object model like api. Libcroco provides a CSS2...

7.1CVSS6.9AI score0.12996EPSS
Exploits5
Rows per page
Query Builder