PYSEC-2022-43145

libImaging/TgaRleDecode.c in Pillow 9.1.0 has a heap buffer overflow in the processing of invalid TGA image files...

GHSA-J66Q-QMRC-89RX jsonpickle unsafe deserialization

jsonpickle through 1.4.2 allows remote code execution during deserialization of a malicious payload through the decode function. This CVE is disputed by the project author as intended functionality...

GHSA-R7RM-8J6H-R933 Buffer Copy without Checking Size of Input in Pillow

libImaging/SgiRleDecode.c in Pillow before 6.2.2 has an SGI buffer overflow...

DEBIAN-CVE-2022-29217

PyJWT is a Python implementation of RFC 7519. PyJWT supports multiple different JWT signing algorithms. With JWT, an attacker submitting the JWT token can choose the used signing algorithm. The PyJWT library requires that the application chooses what algorithms are supported. The application can...

GNU LibreDWG 缓冲区错误漏洞

GNU LibreDWG is a C library for processing DWG files from the GNU community.A heap buffer overflow vulnerability exists in versions of GNU LibreDWG prior to 0.12.4, which stems from a boundary error in copycompressedbytes of decoder2007.c when handling untrusted input. No detailed vulnerability...

GNU LibreDWG 缓冲区错误漏洞

GNU LibreDWG is a C library for processing DWG files from the GNU community.A heap buffer overflow vulnerability exists in versions of GNU LibreDWG prior to 0.12.4, which stems from a boundary error in copybytes of decoder2007.c when handling untrusted input. No detailed vulnerability details are...

Updated golang packages fix security vulnerability

encoding/pem: fix stack overflow in Decode. A large more than 5 MB PEM input can cause a stack overflow in Decode, leading the program to crash CVE-2022-24675 crypto/elliptic: tolerate all oversized scalars in generic P-256. A crafted scalar input longer than 32 bytes can cause P256.ScalarMult or...

AZL-9734 CVE-2022-1623 affecting package libtiff for versions less than 4.4.0-1

LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tiflzw.c:624, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit b4e79bfa...

DEBIAN-CVE-2022-1622

LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tiflzw.c:619, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit b4e79bfa...

libsixel 安全漏洞

libsixel is a package that provides encoding/decoding implementations for DEC SIXEL graphics and other converter programs. libsixel img2sixel version 1.8.6 is vulnerable to a denial-of-service vulnerability, which stems from an assertion failure error in stbijpeghuffdecode, stbimage.h:1894 . A...

CVE-2021-46440

Storing passwords in a recoverable format in the DOCUMENTATION plugin component of Strapi before 3.6.9 and 4.x before 4.1.5 allows an attacker to access a victim's HTTP request, get the victim's cookie, perform a base64 decode on the victim's cookie, and obtain a cleartext password, leading to...

Strapi 3.6.8 Password Disclosure / Insecure Handling Vulnerabilities

Exploit Title: Strapi " Exploit Author: Kitchaphan Singchai idealphase Vendor Homepage: https://strapi.io/ Software Link: https://github.com/strapi/strapi/releases Vulnerable Version: ..SNIP.. Redirecting to /documentation. Perform Base64 decoding and we got plaintext password in “documentation”...

Strapi 3.6.8 Password Disclosure / Insecure Handling

Exploit Title: Strapi " Date: 2022-03-30 Exploit Author: Kitchaphan Singchai idealphase Vendor Homepage: https://strapi.io/ Software Link: https://github.com/strapi/strapi/releases Vulnerable Version: ..SNIP.. Redirecting to /documentati...

UBUNTU-CVE-2022-1507

chafa: NULL Pointer Dereference in function gifinternaldecodeframe at libnsgif.c:599 allows attackers to cause a denial of service crash via a crafted input file. in GitHub repository hpjansson/chafa prior to 1.10.2. chafa: NULL Pointer Dereference in function gifinternaldecodeframe at...

GSD-2022-1001083 usb: cdnsp: fix cdnsp_decode_trb function to properly handle ret value

usb: cdnsp: fix cdnspdecodetrb function to properly handle ret value This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.17.3 by commit...

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound via the stbijpegdecodeblockprogdc function. Remediation There is no fixed version for stb. References - GitHub Issue - GitHub PR Credit: Pietro Borrello...

Use After Free

Overview Affected versions of this package are vulnerable to Use After Free via the stbijpeghuffdecode function. Remediation There is no fixed version for stb. References - GitHub Issue - GitHub PR Credit: Pietro Borrello...

DEBIAN-CVE-2022-28041

stbimage.h v2.27 was discovered to contain an integer overflow via the function stbijpegdecodeblockprogdc. This vulnerability allows attackers to cause a Denial of Service DoS via unspecified vectors...

CVE-2022-28042

stbimage.h v2.27 was discovered to contain an heap-based use-after-free via the function stbijpeghuffdecode...

DEBIAN-CVE-2022-28048

STB v2.27 was discovered to contain an integer shift of invalid size in the component stbijpegdecodeblockprogac...