2 matches found
SUSE CVE-2015-8877
The gdImageScaleTwoPass function in gdinterpolation.c in the GD Graphics Library aka libgd before 2.2.0, as used in PHP before 5.6.12, uses inconsistent allocate and free approaches, which allows remote attackers to cause a denial of service memory consumption via a crafted call, as demonstrated ...
elasticsearch: Information exposure via _cluster/settings API
Elasticsearch Alerting and Monitoring in versions before 6.4.1 or 5.6.12 have an information disclosure issue when secrets are configured via the API. The Elasticsearch cluster/settings API, when queried, could leak sensitive configuration information such as passwords, tokens, or usernames. This...