125 matches found
CVE-2021-42614
A use after free in infowidthinternal in bkinfo.c in Halibut 1.2 allows an attacker to cause a segmentation fault or possibly have unspecified other impact via a crafted text document...
CVE-2021-42613
A double free in cleanupindex in index.c in Halibut 1.2 allows an attacker to cause a denial of service or possibly have other unspecified impact via a crafted text document...
CVE-2021-42613
CVE-2021-42613 affects Halibut 1.2, where a double free in cleanup_index() (index.c) can cause a denial of service or other unspecified impact via a crafted text document. Public sources in connected documents confirm the issue and track mitigations: Mageia reports a fix in updated halibut packag...
CVE-2021-42613
A double free in cleanupindex in index.c in Halibut 1.2 allows an attacker to cause a denial of service or possibly have other unspecified impact via a crafted text document...
CVE-2021-42612
A use after free in cleanupindex in index.c in Halibut 1.2 allows an attacker to cause a segmentation fault or possibly have other unspecified impact via a crafted text document...
CVE-2021-42612
The CVE-2021-42612 issue affects Halibut 1.2, with a use-after-free in cleanup_index() in index.c that can cause a segmentation fault or other unspecified impact when processing a crafted text document. Public sources in vendor advisories and third-party disclosures confirm related fixes and upda...
CVE-2021-42612
A use after free in cleanupindex in index.c in Halibut 1.2 allows an attacker to cause a segmentation fault or possibly have other unspecified impact via a crafted text document...
PT-2022-11632 · Halibut +2 · Halibut +2
Name of the Vulnerable Software and Affected Versions: Halibut version 1.2 Description: A use after free in cleanup index in index.c allows an attacker to cause a segmentation fault or possibly have other unspecified impact via a crafted text document. Recommendations: For Halibut version 1.2, as...
PT-2022-11633 · Halibut +2 · Halibut +2
Name of the Vulnerable Software and Affected Versions: Halibut version 1.2 Description: A double free in cleanup index in index.c allows an attacker to cause a denial of service or possibly have other unspecified impact via a crafted text document. Recommendations: For Halibut version 1.2, consid...
Halibut 资源管理错误漏洞
Halibut is a secure, RPC-based open source communication framework from the individual developers of Octopus Deploy. A security vulnerability exists in Halibut version 1.2, which stems from a post-release reuse issue in infowidthinternal in bkinfo.c. The vulnerability is caused by an unspecified...
Halibut 资源管理错误漏洞
Halibut is a secure, RPC-based open source communication framework. Halibut version 1.2 contains a denial-of-service vulnerability that stems from a mix-up in the cleanupindex directive in index.c, which is responsible for freeing memory. An attacker could exploit this vulnerability to cause a...
Halibut 资源管理错误漏洞
Halibut is a secure, RPC-based open source communication framework from the individual developers of Octopus Deploy. A security vulnerability exists in Halibut version 1.2, which stems from a post-release reuse issue in cleanupindex in index.c. The vulnerability is caused by an unspecified text...
halibut -- Segmentation fault, denial of service or possibly other unspecified impact via a crafted text document
[email protected] reports: CVE-2021-42612: A use after free in cleanupindex in index.c in Halibut 1.2 allows an attacker to cause a segmentation fault or possibly have other unspecified impact via a crafted text document. CVE-2021-42613: A double free in cleanupindex in index.c in Halibut 1.2 allows ...
Remote Code Execution (RCE)
halibut is vulnerable to remote code execution. The vulnerability exists due to a lack of validation on the certificate during deserialization which allows an attacker to execute malicious script on the system...
Halibut input validation error vulnerability
Halibut, a secure, RPC-based open source communication framework from Octopus Deploy individual developers, is vulnerable to an input validation error that stems from a deserialization vulnerability in versions of Halibut prior to version 4.4.7 that could allow remote execution on systems that ar...
GHSA-HPF7-4C2G-9CHF Remote Code Execution in Halibut
In Halibut versions prior to 4.4.7 there is a deserialisation vulnerability that could allow remote code execution on systems that already trust each other based on certificate verification...
Remote Code Execution in Halibut
In Halibut versions prior to 4.4.7 there is a deserialisation vulnerability that could allow remote code execution on systems that already trust each other based on certificate verification...
CVE-2021-31819
In Halibut versions prior to 4.4.7 there is a deserialisation vulnerability that could allow remote code execution on systems that already trust each other based on certificate verification...
CVE-2021-31819
In Halibut versions prior to 4.4.7 there is a deserialisation vulnerability that could allow remote code execution on systems that already trust each other based on certificate verification...
Remote code execution
In Halibut versions prior to 4.4.7 there is a deserialisation vulnerability that could allow remote code execution on systems that already trust each other based on certificate verification...