22 matches found
Linux Distros Unpatched Vulnerability : CVE-2022-33070
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Protobuf-c v1.4.0 was discovered to contain an invalid arithmetic shift via the function parsetagandwiretype in protobuf-c/protobuf-c.c. This vulnerability allo...
Amazon Linux 2 : protobuf-c (ALAS-2024-2619)
The version of protobuf-c installed on the remote host is prior to 1.0.2-3. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2619 advisory. Protobuf-c v1.4.0 was discovered to contain an invalid arithmetic shift via the function parsetagandwiretype in...
Low: protobuf-c
Issue Overview: Protobuf-c v1.4.0 was discovered to contain an invalid arithmetic shift via the function parsetagandwiretype in protobuf-c/protobuf-c.c. This vulnerability allows attackers to cause a Denial of Service DoS via unspecified vectors. CVE-2022-33070 Affected Packages: protobuf-c Note:...
RHEL 9 : protobuf-c (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - protobuf-c: invalid arithmetic shift via the function parsetagandwiretype may lead to DoS CVE-2022-33070 Note that...
RHEL 7 : protobuf-c (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - protobuf-c: invalid arithmetic shift via the function parsetagandwiretype may lead to DoS CVE-2022-33070 ...
Low: protobuf-c
Issue Overview: A flaw was found in protobuf-c. The issue occurs due to an invalid arithmetic shift via the parsetagandwiretype in the protobuf-c/protobuf-c.c function. This flaw allows attackers to cause a denial of service DoS via unspecified vectors. CVE-2022-33070 Affected Packages: protobuf-...
USN-5811-1: Sudo vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Canonical Ubuntu 22.04 Description Matthieu Barjole and Victor Cutillas discovered that Sudo incorrectly handled user-specified editors when using the sudoedit command. A local attacker that has permission to use the...
Ubuntu: Security Advisory (USN-5811-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : Sudo vulnerabilities (USN-5811-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5811-1 advisory. Matthieu Barjole and Victor Cutillas discovered that Sudo incorrectly handled user-specified editors when using the sudoedit...
USN-5811-1: Sudo vulnerabilities
Matthieu Barjole and Victor Cutillas discovered that Sudo incorrectly handled user-specified editors when using the sudoedit command. A local attacker that has permission to use the sudoedit command could possibly use this issue to edit arbitrary files. CVE-2023-22809 It was discovered that the...
Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2022-2921)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2022-2947)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 2.10.1 : sudo (EulerOS-SA-2022-2947)
According to the versions of the sudo package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Protobuf-c v1.4.0 was discovered to contain an invalid arithmetic shift via the function parsetagandwiretype in...
EulerOS Virtualization 2.10.0 : sudo (EulerOS-SA-2022-2921)
According to the versions of the sudo package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Protobuf-c v1.4.0 was discovered to contain an invalid arithmetic shift via the function parsetagandwiretype in...
Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2022-2669)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2022-2701)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for protobuf-c (FEDORA-2022-3be472fe11)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2022-33070 affecting package protobuf-c for versions less than 1.4.0-2
CVE-2022-33070 affecting package protobuf-c for versions less than 1.4.0-2. A patched version of the package is available...
OESA-2022-1789 protobuf-c security update
This is protobuf-c, a C implementation of the Google Protocol Buffers data serialization format. Security Fixes: Protobuf-c v1.4.0 was discovered to contain an invalid arithmetic shift via the function parsetagandwiretype in protobuf-c/protobuf-c.c. This vulnerability allows attackers to cause a...
USN-5531-1: protobuf-c vulnerability
Pietro Borrello discovered that protobuf-c contained an invalid arithmetic shift. This vulnerability allowed attackers to cause a denial of service system crash via unspecified vectors CVE-2022-33070. It was discovered that protobuf-c contained an unsigned integer overflow. This vulnerability...