117 matches found
CVE-2021-40391
An out-of-bounds write vulnerability exists in the drill format T-code tool number functionality of Gerbv 2.7.0, dev commit b5f1eacd, and the forked version of Gerbv commit 71493260. A specially-crafted drill file can lead to code execution. An attacker can provide a malicious file to trigger thi...
CVE-2021-40391
Gerbv 2.7.0, dev (commit b5f1eacd) and forks are affected by an out-of-bounds write in the drill format T-code tool number functionality, enabling code execution via a crafted drill file. Connected notes (e.g., Mageia MGASA-2022-0260 and related advisories) confirm this CVE-2021-40391 issue and d...
CVE-2021-40391
An out-of-bounds write vulnerability exists in the drill format T-code tool number functionality of Gerbv 2.7.0, dev commit b5f1eacd, and the forked version of Gerbv commit 71493260. A specially-crafted drill file can lead to code execution. An attacker can provide a malicious file to trigger thi...
PT-2021-22891 · Gerbv +3 · Gerbv +3
Name of the Vulnerable Software and Affected Versions: Gerbv version 2.7.0 Gerbv dev commit b5f1eacd Gerbv forked version commit 71493260 Description: An out-of-bounds write issue exists in the drill format T-code tool number functionality. A specially-crafted drill file can lead to code executio...
Remote Code Execution (RCE)
gerbv is vulnerable to remote code execution. The vulnerability exists due to a boundary error when processing untrusted input in the drill format T-code tool number functionality...
Gerbv 缓冲区错误漏洞
Gerbv is a Gerber file Rs-274X only viewer. It is used to view Rs-274X Gerber files, Excellon drill files and Pick-N-Place files. A security vulnerability exists in Gerbv that stems from an out-of-bounds write vulnerability in the drill format T-code utility numbering function, which can be...
Gerbv drill format T-code tool number out-of-bounds write vulnerability
Summary An out-of-bounds write vulnerability exists in the drill format T-code tool number functionality of Gerbv 2.7.0, dev commit b5f1eacd, and the forked version of Gerbv commit 71493260. A specially-crafted drill file can lead to code execution. An attacker can provide a malicious file to...
Cross-Site Scripting (XSS)
Apache drill-java-exec is vulnerable to cross-site scripting XSS. An attacker is able to inject and execute arbitrary Javascript in a user's browser via the queryId...
GHSA-J823-4QCH-3RGM Deserialization of untrusted data in Jackson Databind
FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.xalan.lib.sql.JNDIConnectionPool aka apache/drill...
Remote Code Execution
jackson-databind is vulnerable to remote code execution. It was possible to use the apache-drill gadget type as a serialization gadget through polymorphic typing and execute arbitrary code on the system...
CVE-2020-14060
FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.xalan.lib.sql.JNDIConnectionPool aka apache/drill...
CVE-2020-14060
FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.xalan.lib.sql.JNDIConnectionPool aka apache/drill...
DEBIAN-CVE-2020-14060
FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.xalan.lib.sql.JNDIConnectionPool aka apache/drill...
CVE-2020-14060
FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.xalan.lib.sql.JNDIConnectionPool aka apache/drill...
Design/Logic Flaw
FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.xalan.lib.sql.JNDIConnectionPool aka apache/drill...
CVE-2020-14060
FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.xalan.lib.sql.JNDIConnectionPool aka apache/drill...
CVE-2020-14060
FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.xalan.lib.sql.JNDIConnectionPool aka apache/drill...
Cross-Site Scripting (XSS)
apache-drill is vulnerable to cross-site scripting XSS. The inputValues parameter in populateAndShowAlert function is not properly sanitized, allowing a remote attacker attacker to pass a malicious input to execute arbitrary Javascript code on the victims browser...
Insecure Cookie Handling
drill-java-exec is vulnerable to insecure cookie handling attacks. The vulnerability exists due to the lack of httpOnly flag in the response cookies, allowing the cookies to be stolen by a third party website...
Information Disclosure
Apache Drill is vulnerable to information disclosure. The application logs passwords in plain text when connecting a database, allowing a malicious user with access to the logs access to sensitive information...