GHSA-7MV5-5MXH-QG88 nanopb vulnerable to invalid free() call with oneofs and PB_ENABLE_MALLOC

Impact Decoding a specifically formed message can cause invalid free or realloc calls if the message type contains an oneof field, and the oneof directly contains both a pointer field and a non-pointer field. If the message data first contains the non-pointer field and then the pointer field, the...

nanopb vulnerable to invalid free() call with oneofs and PB_ENABLE_MALLOC

Impact Decoding a specifically formed message can cause invalid free or realloc calls if the message type contains an oneof field, and the oneof directly contains both a pointer field and a non-pointer field. If the message data first contains the non-pointer field and then the pointer field, the...

CVE-2021-21401 Invalid free() call in Nanopb

Nanopb is a small code-size Protocol Buffers implementation in ansi C. In Nanopb before versions 0.3.9.8 and 0.4.5, decoding a specifically formed message can cause invalid free or realloc calls if the message type contains an oneof field, and the oneof directly contains both a pointer field and ...

GLSA-200806-10 : FreeType: User-assisted execution of arbitrary code

The remote host is affected by the vulnerability described in GLSA-200806-10 FreeType: User-assisted execution of arbitrary code Regenrecht reported multiple vulnerabilities in FreeType via iDefense: An integer overflow when parsing values in the Private dictionary table in a PFB file, leading to...

FreeType: User-assisted execution of arbitrary code

Background FreeType is a font rendering library for TrueType Font TTF and Printer Font Binary PFB. Description Regenrecht reported multiple vulnerabilities in FreeType via iDefense: An integer overflow when parsing values in the Private dictionary table in a PFB file, leading to a heap-based buff...