172 matches found
EulerOS 2.0 SP2 : gstreamer1-plugins-good (EulerOS-SA-2021-2377)
According to the version of the gstreamer1-plugins-good package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - GStreamer before 1.18.4 might access already-freed memory in error code paths when demuxing certain malformed Matroska...
EulerOS 2.0 SP2 : java-1.8.0-openjdk (EulerOS-SA-2021-2389)
According to the versions of the java-1.8.0-openjdk packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected...
EulerOS 2.0 SP2 : libmspack (EulerOS-SA-2021-2398)
According to the version of the libmspack package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - chmextract.c in the chmextract sample program, as distributed with libmspack before 0.8alpha, does not protect against absolute/relative pathname...
EulerOS 2.0 SP2 : lz4 (EulerOS-SA-2021-2407)
According to the version of the lz4 package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - There's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to...
EulerOS 2.0 SP2 : mutt (EulerOS-SA-2021-2409)
According to the version of the mutt package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - rfc822.c in Mutt through 2.0.4 allows remote attackers to cause a denial of service mailbox unavailability by sending email messages with sequences of...
EulerOS 2.0 SP2 : python-cryptography (EulerOS-SA-2021-2428)
According to the version of the python-cryptography package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - HKDF in cryptography before 1.5.2 returns an empty byte-string if used with a length less than algorithm.digestsize.CVE-2016-9243 Note...
EulerOS 2.0 SP2 : python-pillow (EulerOS-SA-2021-2432)
According to the versions of the python-pillow package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in Pillow before 8.2.0. PSDImagePlugin.PsdImageFile lacked a sanity check on the number of input layers relative t...
EulerOS 2.0 SP2 : libwebp (EulerOS-SA-2021-2403)
According to the versions of the libwebp package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function ChunkAssignData. The highest threat from this...
EulerOS 2.0 SP2 : evince (EulerOS-SA-2021-2366)
According to the version of the evince packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Evince 3.26.0 is affected by buffer overflow. The impact is: DOS / Possible code execution. The component is: backend/tiff/tiff-document.c. The...
EulerOS 2.0 SP2 : dhcp (EulerOS-SA-2021-2365)
According to the version of the dhcp packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In ISC DHCP 4.1-ESV-R1 - 4.1-ESV-R16, ISC DHCP 4.4.0 - 4.4.2 Other branches of ISC DHCP i.e., releases in the 4.0.x series or lower and releases in t...
EulerOS 2.0 SP2 : cpio (EulerOS-SA-2021-2362)
According to the version of the cpio package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The cpiosafernamesuffix function in util.c in cpio 2.11 allows remote attackers to cause a denial of service out-of-bounds write via a crafted cpio...
EulerOS 2.0 SP2 : cups (EulerOS-SA-2021-1286)
According to the versions of the cups packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In macOS High Sierra before 10.13.5, an issue existed in CUPS. This issue was addressed with improved access restrictions.CVE-2018-4180 - In macOS...
EulerOS 2.0 SP2 : python (EulerOS-SA-2021-1350)
According to the version of the python packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In Python 3 through 3.9.0, the Lib/test/multibytecodecsupport.py CJK codec tests call eval on content retrieved via HTTP.CVE-2020-27619 Note that...
EulerOS 2.0 SP2 : cifs-utils (EulerOS-SA-2021-1284)
According to the version of the cifs-utils package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - It was found that cifs-utils' mount.cifs was invoking a shell when requesting the Samba password, which could be used to inject arbitrary...
EulerOS 2.0 SP2 : perl-XML-Twig (EulerOS-SA-2021-1344)
According to the version of the perl-XML-Twig package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - perl-XML-Twig: The option to expandexternalents, documented as controlling external entity expansion in XML::Twig does not work. External...
EulerOS 2.0 SP2 : spice (EulerOS-SA-2021-1361)
According to the version of the spice package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system, before spice-0.14.2-1. Bot...
EulerOS 2.0 SP2 : oddjob (EulerOS-SA-2021-1334)
According to the version of the oddjob packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A race condition was found in the mkhomedir tool shipped with the oddjob package in versions before 0.34.5 and 0.34.6 wherein, during the home...
EulerOS 2.0 SP2 : squid (EulerOS-SA-2021-1363)
According to the versions of the squid packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in http/ContentLengthInterpreter.cc in Squid before 4.12 and 5.x before 5.0.3. A Request Smuggling and Poisoning attack c...
EulerOS 2.0 SP2 : tcpdump (EulerOS-SA-2021-1367)
According to the version of the tcpdump package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The ppp decapsulator in tcpdump 4.9.3 can be convinced to allocate a large amount of memory.CVE-2020-8037 Note that Tenable Network Security has...
EulerOS 2.0 SP2 : iscsi-initiator-utils (EulerOS-SA-2021-1307)
According to the versions of the iscsi-initiator-utils packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in Contiki through 3.0. An Out-of-Bounds Read vulnerability exists in the uIP TCP/IP Stack component when...