Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to improper configuration of the LengthFieldBasedFrameDecoder value. An attacker can cause the application to exhaust JVM heap memory and disrupt service availability by sending...

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to improper configuration of the LengthFieldBasedFrameDecoder value. An attacker can cause the application to exhaust JVM heap memory and disrupt service availability by sending...

CVE-2021-0558

In fillMainDataBuf of pvmp3framedecoder.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Andro...

CVE-2021-45928

libjxl b02d6b9, as used in libvips 8.11 through 8.11.2 and other products, has an out-of-bounds write in jxl::ModularFrameDecoder::DecodeGroup called from jxl::FrameDecoder::ProcessACGroup and jxl::ThreadPool::RunCallStatejxl::FrameDecoder::ProcessSections...

CVE-2021-45928

libjxl b02d6b9, as used in libvips 8.11 through 8.11.2 and other products, has an out-of-bounds write in jxl::ModularFrameDecoder::DecodeGroup called from jxl::FrameDecoder::ProcessACGroup and jxl::ThreadPool::RunCallStatejxl::FrameDecoder::ProcessSections...

Out-of-bounds

libjxl b02d6b9, as used in libvips 8.11 through 8.11.2 and other products, has an out-of-bounds write in jxl::ModularFrameDecoder::DecodeGroup called from jxl::FrameDecoder::ProcessACGroup and jxl::ThreadPool::RunCallStatejxl::FrameDecoder::ProcessSections...

CVE-2021-45928

libjxl b02d6b9, as used in libvips 8.11 through 8.11.2 and other products, has an out-of-bounds write in jxl::ModularFrameDecoder::DecodeGroup called from jxl::FrameDecoder::ProcessACGroup and jxl::ThreadPool::RunCallStatejxl::FrameDecoder::ProcessSections...

CVE-2021-45928

libjxl b02d6b9, as used in libvips 8.11 through 8.11.2 and other products, has an out-of-bounds write in jxl::ModularFrameDecoder::DecodeGroup called from jxl::FrameDecoder::ProcessACGroup and jxl::ThreadPool::RunCallStatejxl::FrameDecoder::ProcessSections...

OSV-2021-1644 Container-overflow in void jxl::CopyImageTo<int>

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=41608 Crash type: Container-overflow READ 4 Crash state: void jxl::CopyImageTo jxl::ModularFrameDecoder::DecodeGroup jxl::FrameDecoder::ProcessACGroup...

OSV-2021-1615 Heap-buffer-overflow in jxl::ModularFrameDecoder::DecodeGroup

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=41283 Crash type: Heap-buffer-overflow READ Crash state: jxl::ModularFrameDecoder::DecodeGroup jxl::FrameDecoder::ProcessACGroup jxl::ThreadPool::RunCallStatejxl::FrameDecoder::ProcessSections...

OSV-2021-1597 UNKNOWN READ in void jxl::CopyImageTo<int>

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=41217 Crash type: UNKNOWN READ Crash state: void jxl::CopyImageTo jxl::ModularFrameDecoder::DecodeGroup jxl::FrameDecoder::ProcessACGroup...

Google Android 缓冲区错误漏洞

Google Android is a Linux-based open source operating system from the Google Open Handheld Consortium Google. Google Android 11 suffers from an information disclosure vulnerability. The vulnerability arises due to an out-of-bounds read due to a heap buffer overflow in the fillMainDataBuf of...

netty: DoS via memory exhaustion during data aggregation

A flaw was found in the WebSocket08FrameDecoder implementation that could allow a remote attacker to trigger an Out Of Memory Exception by issuing a series of TextWebSocketFrame and ContinuationWebSocketFrames. Depending on the server configuration, this could lead to a denial of service...