11165 matches found
Astra Linux - уязвимость в gdk-pixbuf
There is a flaw in gdk-pixbuf, specifically within the gdkpixbufjpegimageloadincrement function io-jpeg.c, and in glib’s gbase64encodestep function glib/gbase64.c. When processing maliciously crafted JPEG images, a heap buffer overflow can occur during Base64 encoding, allowing for out-of-bounds...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: nfsd: fixed the NULL dereference in nfs3svcencodegetaclres In error cases, the dentry may be NULL. Before version 20798dfe249a, the encoder also checked dentry and dreallyispositivedentry, but I think that was unnecessary—a zero...
Astra Linux - уязвимость в twisted
In Twisted Web version 19.10.0, there was an HTTP request splitting vulnerability. When a content-length and a chunked encoding header were provided, the content-length took precedence, and the remaining part of the request body was interpreted as a pipelined request...
Astra Linux - уязвимость в ruby-nokogiri
Nokogiri is an open-source XML and HTML library for Ruby. Nokogiri contains a regular expression that is inefficient and prone to excessive backtracking when attempting to detect encoding in HTML documents. Users are advised to upgrade to Nokogiri = 1.13.4. There are no known solutions or...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux
In the Linux kernel, the following vulnerabilities have been resolved: ppp: fixed illegal access in pppasyncencode syzbot reported an issue in pppasyncencode 1 In this case, pppoesendmsg is called with a zero size. Then pppasyncencode is called with an empty skb. BUG: KMSAN: uninit-value in...
Astra Linux - уязвимость в jruby
A vulnerability was discovered in Ruby versions 2.5.8, 2.6.x up to 2.6.6, and 2.7.x up to 2.7.1. WEBrick, a simple HTTP server bundled with Ruby, did not rigorously check the transfer-encoding header value. An attacker could potentially exploit this vulnerability to bypass a reverse proxy which...
Astra Linux - уязвимость в tomcat9
Apache Tomcat versions 10.0.0-M1 to 10.0.6, 9.0.0.M1 to 9.0.46, and 8.5.0 to 8.5.66 failed to properly parse the HTTP transfer-encoding request header under certain circumstances, which could lead to requests for data smuggling when used with a reverse proxy. Specifically: - Tomcat incorrectly...
Astra Linux - уязвимость в ffmpeg5
FFmpeg n7.0 has a race condition vulnerability in the VP9 decoder. This could lead to a data race if video encoding parameters are being exported, as the side data would be attached in the decoder thread while being read in the output thread...
Astra Linux - уязвимость в netty
Netty 4.1.43.Final allows HTTP Request Smuggling because it mishandles Transfer-Encoding whitespace such as a spaceTransfer-Encoding:chunked line and a later Content-Length header. This issue exists due to an incomplete fix for CVE-2019-16869...
Astra Linux - уязвимость в aspell
The libaspell.a file in GNU Aspell before version 0.60.8 has a buffer overflow issue for strings that end with a single '\0' byte. This issue occurs when the encoding is set to ucs-2 or ucs-4 outside of the application, as indicated by the ASPELLCONF environment variable...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Media: MediTech; vcodec: Fix for use-after-free in the encoder release path. The fopsvcodecrelease function frees the context structure ctx without first canceling any pending or ongoing operations in ctx-encodework. This creates...
Astra Linux - уязвимость в ffmpeg5
When decoding an OpenEXR file that uses DWAA or DWAB compression, the specified raw length of run-length-encoded data is not checked when using it to calculate the output data. We read rlerawsize from the input file at 0, decompress and decode it into the buffer td-rlerawdata of size rlerawsize a...
Astra Linux - уязвимость в pillow
In Pillow before 8.1.0, SGIRleDecode has a 4-byte buffer over-read when decoding crafted SGI RLE image files, due to improper handling of offset and length tables...
Astra Linux - уязвимость в waitress
Waitress version 1.3.1 would parse the Transfer-Encoding header and only look for a single string value. If that value was not in the “chunked” format, it would proceed using the Content-Length header instead. According to the HTTP standard, Transfer-Encoding should be a comma-separated list, wit...
Astra Linux - уязвимость в chromium, firefox, thunderbird, libvpx
A heap buffer overflow occurred in the vp8 encoding process in libvpx within Google Chrome before version 117.0.5938.132. In version 1.13.1 of libvpx, a remote attacker could potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...
Astra Linux - уязвимость в mbedtls
A issue was discovered in Arm Mbed TLS before version 2.24.0. The function mbedtlsx509crlparseder has a buffer over-read of one byte...
Astra Linux - уязвимость в zabbix
The HttpRequest object allows you to retrieve the HTTP headers from the server’s response after sending a request. The issue is that the returned strings are created directly from the data sent by the server and are not properly encoded for JavaScript. This enables the creation of internal string...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: fs: Relaxing the assertions when encoding file handles fails The encoding of file handles is typically performed by a filesystem method called encodefh. This process may fail for various reasons. Legacy users of...
Astra Linux - уязвимость в python3.11, python3.7
When an address list is folded, and the separating comma ends up on a folded line that needs to be encoded using Unicode, then the separator itself must also be encoded using Unicode. The expected behavior is that the separating comma remains a plain comma. However, this can lead to the address...
Astra Linux - уязвимость в node-body-parser
body-parser is a Node.js body parsing middleware. body-parser version 1.20.3 is vulnerable to denial of service when url encoding is enabled. A malicious actor using a specially crafted payload could flood the server with a large number of requests, resulting in denial of service. This issue has...