19 matches found
CVE-2020-35357 affecting package gsl for versions less than 2.8-1
CVE-2020-35357 affecting package gsl for versions less than 2.8-1. An upgraded version of the package is available that resolves this issue...
Debian: Security Advisory (DLA-3985-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 3985-1] gsl security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3985-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk December 07, 2024 https://wiki.debian.org/LTS -...
Debian dla-3985 : gsl-bin - security update
The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-3985 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3985-1 [email protected] https://www.debian.org/lts/security/...
RHEL 8 : gsl (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - gsl: Stack buffer overflow in gslstatsquantilefromsorteddata CVE-2020-35357 Note that Nessus has not tested for thi...
RHEL 9 : gsl (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - gsl: Stack buffer overflow in gslstatsquantilefromsorteddata CVE-2020-35357 Note that Nessus has not tested for thi...
openSUSE: Security Advisory for gsl (SUSE-SU-2023:3527-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for gsl (SUSE-SU-2023:3858-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS / 22.04 ESM / 23.04 : GNU Scientific Library vulnerability (USN-6472-1)
The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS / 22.04 ESM / 23.04 host has packages installed that are affected by a vulnerability as referenced in the USN-6472-1 advisory. It was discovered that GNU Scientific Library incorrectly handled certain inputs. If a user or an automated system wer...
SUSE SLED12 / SLES12 Security Update : gsl (SUSE-SU-2023:4051-1)
The remote SUSE Linux SLED12 / SLEDSAP12 / SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:4051-1 advisory. - CVE-2020-35357: Fixed a stack out of bounds read in gslstatsquantilefromsorteddata. bsc1214681 Tenable has extracted...
SUSE-SU-2023:4051-1 Security update for gsl
This update for gsl fixes the following issues: - CVE-2020-35357: Fixed a stack out of bounds read in gslstatsquantilefromsorteddata. bsc1214681...
Amazon Linux AMI : gsl (ALAS-2023-1851)
The version of gsl installed on the remote host is prior to 1.13-4.4. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1851 advisory. A buffer overflow can occur when calculating the quantile value using the Statistics Library of GSL GNU Scientific Library, versions 2....
Medium: gsl
Issue Overview: A buffer overflow can occur when calculating the quantile value using the Statistics Library of GSL GNU Scientific Library, versions 2.5 and 2.6. Processing a maliciously crafted input data for gslstatsquantilefromsorteddata of the library may lead to unexpected application...
SUSE SLED15: gsl / gsl-devel / gsl-doc / gsl-examples / gsl-gnu-hpc / etc (SUSE-SU-2023:3858-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:3858-1 advisory. - CVE-2020-35357: Fixed a stack out of bounds read in gslstatsquantilefromsorteddata. bsc1214681 Tenable...
SUSE-SU-2023:3858-1 Security update for gsl
This update for gsl fixes the following issues: - CVE-2020-35357: Fixed a stack out of bounds read in gslstatsquantilefromsorteddata. bsc1214681...
[SECURITY] [DLA 3576-1] gsl security update
Debian LTS Advisory DLA-3576-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany September 21, 2023 https://wiki.debian.org/LTS Package : gsl Version : 2.5+dfsg-6+deb10u1 CVE ID : CVE-2020-35357 A buffer overflow can occur when calculating the quantile value using t...
SUSE-SU-2023:3527-1 Security update for gsl
This update for gsl fixes the following issues: - CVE-2020-35357: Fixed a stack out of bounds read in gslstatsquantilefromsorteddata. bsc1214681...
CVE-2020-35357
The CVE-2020-35357 entry concerns the GNU Scientific Library (GSL). The linked documents confirm a buffer overflow in gsl_stats_quantile_from_sorted_data when calculating a quantile, observable in GSL versions 2.5 and 2.6. The impact described is that a crafted input could cause arbitrary code ex...
CVE-2020-35357
A buffer overflow can occur when calculating the quantile value using the Statistics Library of GSL GNU Scientific Library, versions 2.5 and 2.6. Processing a maliciously crafted input data for gslstatsquantilefromsorteddata of the library may lead to unexpected application termination or arbitra...