Lucene search
K

125 matches found

Debian CVE
Debian CVE
added 2022/05/24 6:30 p.m.40 views

CVE-2021-42614

A use after free in infowidthinternal in bkinfo.c in Halibut 1.2 allows an attacker to cause a segmentation fault or possibly have unspecified other impact via a crafted text document...

7.8CVSS8.1AI score0.00826EPSS
Exploits1
Cvelist
Cvelist
added 2022/05/24 6:16 p.m.19 views

CVE-2021-42613

A double free in cleanupindex in index.c in Halibut 1.2 allows an attacker to cause a denial of service or possibly have other unspecified impact via a crafted text document...

8AI score0.00826EPSS
Exploits1References2
CVE
CVE
added 2022/05/24 6:16 p.m.96 views

CVE-2021-42613

CVE-2021-42613 affects Halibut 1.2, where a double free in cleanup_index() (index.c) can cause a denial of service or other unspecified impact via a crafted text document. Public sources in connected documents confirm the issue and track mitigations: Mageia reports a fix in updated halibut packag...

7.8CVSS7.7AI score0.00826EPSS
Exploits1References2Affected Software1
Debian CVE
Debian CVE
added 2022/05/24 6:16 p.m.40 views

CVE-2021-42613

A double free in cleanupindex in index.c in Halibut 1.2 allows an attacker to cause a denial of service or possibly have other unspecified impact via a crafted text document...

7.8CVSS7.8AI score0.00826EPSS
Exploits1
Cvelist
Cvelist
added 2022/05/24 6:2 p.m.22 views

CVE-2021-42612

A use after free in cleanupindex in index.c in Halibut 1.2 allows an attacker to cause a segmentation fault or possibly have other unspecified impact via a crafted text document...

8.1AI score0.00826EPSS
Exploits1References2
CVE
CVE
added 2022/05/24 6:2 p.m.95 views

CVE-2021-42612

The CVE-2021-42612 issue affects Halibut 1.2, with a use-after-free in cleanup_index() in index.c that can cause a segmentation fault or other unspecified impact when processing a crafted text document. Public sources in vendor advisories and third-party disclosures confirm related fixes and upda...

7.8CVSS7.8AI score0.00826EPSS
Exploits1References2Affected Software1
Debian CVE
Debian CVE
added 2022/05/24 6:2 p.m.39 views

CVE-2021-42612

A use after free in cleanupindex in index.c in Halibut 1.2 allows an attacker to cause a segmentation fault or possibly have other unspecified impact via a crafted text document...

7.8CVSS7.9AI score0.00826EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2022/05/24 12:0 a.m.2 views

PT-2022-11632 · Halibut +2 · Halibut +2

Name of the Vulnerable Software and Affected Versions: Halibut version 1.2 Description: A use after free in cleanup index in index.c allows an attacker to cause a segmentation fault or possibly have other unspecified impact via a crafted text document. Recommendations: For Halibut version 1.2, as...

7.8CVSS8.2AI score0.00826EPSS
Exploits3References25
Positive Technologies
Positive Technologies
added 2022/05/24 12:0 a.m.3 views

PT-2022-11633 · Halibut +2 · Halibut +2

Name of the Vulnerable Software and Affected Versions: Halibut version 1.2 Description: A double free in cleanup index in index.c allows an attacker to cause a denial of service or possibly have other unspecified impact via a crafted text document. Recommendations: For Halibut version 1.2, consid...

7.8CVSS8.1AI score0.00826EPSS
Exploits3References25
CNNVD
CNNVD
added 2022/05/24 12:0 a.m.3 views

Halibut 资源管理错误漏洞

Halibut is a secure, RPC-based open source communication framework from the individual developers of Octopus Deploy. A security vulnerability exists in Halibut version 1.2, which stems from a post-release reuse issue in infowidthinternal in bkinfo.c. The vulnerability is caused by an unspecified...

7.8CVSS7.5AI score0.00826EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/05/24 12:0 a.m.3 views

Halibut 资源管理错误漏洞

Halibut is a secure, RPC-based open source communication framework. Halibut version 1.2 contains a denial-of-service vulnerability that stems from a mix-up in the cleanupindex directive in index.c, which is responsible for freeing memory. An attacker could exploit this vulnerability to cause a...

7.8CVSS5.7AI score0.00826EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/05/24 12:0 a.m.4 views

Halibut 资源管理错误漏洞

Halibut is a secure, RPC-based open source communication framework from the individual developers of Octopus Deploy. A security vulnerability exists in Halibut version 1.2, which stems from a post-release reuse issue in cleanupindex in index.c. The vulnerability is caused by an unspecified text...

7.8CVSS7.5AI score0.00826EPSS
Exploits1References3
FreeBSD
FreeBSD
added 2022/05/24 12:0 a.m.8 views

halibut -- Segmentation fault, denial of service or possibly other unspecified impact via a crafted text document

[email protected] reports: CVE-2021-42612: A use after free in cleanupindex in index.c in Halibut 1.2 allows an attacker to cause a segmentation fault or possibly have other unspecified impact via a crafted text document. CVE-2021-42613: A double free in cleanupindex in index.c in Halibut 1.2 allows ...

7.8CVSS7.7AI score0.00826EPSS
Exploits3References3
Veracode
Veracode
added 2021/09/24 5:52 a.m.8 views

Remote Code Execution (RCE)

halibut is vulnerable to remote code execution. The vulnerability exists due to a lack of validation on the certificate during deserialization which allows an attacker to execute malicious script on the system...

9.8CVSS7.6AI score0.0228EPSS
Exploits0References3Affected Software1
CNVD
CNVD
added 2021/09/24 12:0 a.m.18 views

Halibut input validation error vulnerability

Halibut, a secure, RPC-based open source communication framework from Octopus Deploy individual developers, is vulnerable to an input validation error that stems from a deserialization vulnerability in versions of Halibut prior to version 4.4.7 that could allow remote execution on systems that ar...

10CVSS3.3AI score0.0228EPSS
Exploits0References1
OSV
OSV
added 2021/09/23 11:17 p.m.11 views

GHSA-HPF7-4C2G-9CHF Remote Code Execution in Halibut

In Halibut versions prior to 4.4.7 there is a deserialisation vulnerability that could allow remote code execution on systems that already trust each other based on certificate verification...

9.8CVSS9.7AI score0.0228EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2021/09/23 11:17 p.m.46 views

Remote Code Execution in Halibut

In Halibut versions prior to 4.4.7 there is a deserialisation vulnerability that could allow remote code execution on systems that already trust each other based on certificate verification...

10CVSS6.5AI score0.0228EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2021/09/22 2:15 a.m.21 views

CVE-2021-31819

In Halibut versions prior to 4.4.7 there is a deserialisation vulnerability that could allow remote code execution on systems that already trust each other based on certificate verification...

10CVSS0.0228EPSS
Exploits0References1
OSV
OSV
added 2021/09/22 2:15 a.m.10 views

CVE-2021-31819

In Halibut versions prior to 4.4.7 there is a deserialisation vulnerability that could allow remote code execution on systems that already trust each other based on certificate verification...

9.8CVSS7.6AI score
Exploits0References1
Prion
Prion
added 2021/09/22 2:15 a.m.13 views

Remote code execution

In Halibut versions prior to 4.4.7 there is a deserialisation vulnerability that could allow remote code execution on systems that already trust each other based on certificate verification...

10CVSS9.6AI score0.0228EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder