Taizhou Juchao Technology Co., Ltd. picture clear zoom APP has information leakage vulnerability

Picture Clear Enlargement App is an application that offers a wide range of image processing tools. There is an information leakage vulnerability in Picture Clear Zoom APP of Taizhou Juchao Technology Co. that can be exploited by attackers to obtain sensitive information...

MAL-2022-6313 Malicious code in storage-image-processing-api-functions (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cd5fe1baa5d2f967fe24f1b3fdde3e077e889cdf7fc65c779ecd2a002bb2de8b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in storage-image-processing-api-functions (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cd5fe1baa5d2f967fe24f1b3fdde3e077e889cdf7fc65c779ecd2a002bb2de8b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

jpeg-js denial of service vulnerability

jpeg-js is a JavaScript-based image processing program . A denial of service vulnerability exists in versions of jpeg-js prior to 0.4.4, which can be exploited by an attacker to conduct a DoS attack, as inputting a specific file will result in entering an infinite loop and never returning...

jpeg-js 安全漏洞

jpeg-js is a JavaScript-based image processing program . A denial of service vulnerability exists in versions of jpeg-js prior to 0.4.4, which can be exploited by an attacker to conduct a DoS attack, as inputting a specific file will result in entering an infinite loop and never returning...

Integer Overflow

An integer overflow in the processing of loaded 2D images leads to a write-what-where vulnerability and an out-of-bounds read vulnerability, allowing an attacker to leak sensitive information or achieve code execution in the context of the Blender process when a specially crafted image file is...

CVE-2022-21831

A code injection vulnerability exists in the Active Storage = v5.2.0 that could allow an attacker to execute code via imageprocessing arguments...

DEBIAN-CVE-2022-21831

A code injection vulnerability exists in the Active Storage = v5.2.0 that could allow an attacker to execute code via imageprocessing arguments...

CVE-2022-21831

A code injection vulnerability exists in the Active Storage = v5.2.0 that could allow an attacker to execute code via imageprocessing arguments...

CVE-2022-21831

A code injection vulnerability exists in the Active Storage = v5.2.0 that could allow an attacker to execute code via imageprocessing arguments...

Code injection

A code injection vulnerability exists in the Active Storage = v5.2.0 that could allow an attacker to execute code via imageprocessing arguments...

UBUNTU-CVE-2022-21831

A code injection vulnerability exists in the Active Storage = v5.2.0 that could allow an attacker to execute code via imageprocessing arguments...

Improper Control of Generation of Code ('Code Injection')

A code injection vulnerability exists in the Active Storage = v5.2.0 that could allow an attacker to execute code via imageprocessing arguments...

CVE-2022-21831

A code injection vulnerability exists in the Active Storage = v5.2.0 that could allow an attacker to execute code via imageprocessing arguments...

CVE-2022-21831

CVE-2022-21831 affects Ruby on Rails’ Active Storage (Rails >= 5.2.0). The vulnerability arises from a code-injection in the image_processing backend (mini_magick), allowing remote code execution via crafted image_processing arguments. Impact is High (CVE describes RCE; CVSSv3.1 base score 9.8...

CVE-2022-21831

A code injection vulnerability exists in the Active Storage = v5.2.0 that could allow an attacker to execute code via imageprocessing arguments...

CVE-2022-29256

sharp is an application for Node.js image processing. Prior to version 0.30.5, there is a possible vulnerability in logic that is run only at npm install time when installing versions of sharp prior to the latest v0.30.5. If an attacker has the ability to set the value of the PKGCONFIGPATH...

Design/Logic Flaw

sharp is an application for Node.js image processing. Prior to version 0.30.5, there is a possible vulnerability in logic that is run only at npm install time when installing versions of sharp prior to the latest v0.30.5. If an attacker has the ability to set the value of the PKGCONFIGPATH...

CVE-2022-29256 Possible vulnerability at 'npm install' time in sharp if an attacker has control over build environment

sharp is an application for Node.js image processing. Prior to version 0.30.5, there is a possible vulnerability in logic that is run only at npm install time when installing versions of sharp prior to the latest v0.30.5. If an attacker has the ability to set the value of the PKGCONFIGPATH...

CVE-2022-29256

CVE-2022-29256 affects sharp (Node.js image processing) versions prior to 0.30.5. If an attacker can control PKG_CONFIG_PATH in the build environment, they may inject arbitrary commands at npm install time (not a runtime issue; Windows builds are not affected). The issue is fixed in sharp v0.30.5...