Advisory ROSA-SA-2026-3301

Component: libconfuse 3.3 Operating System: ROSA-CHROME Unaffected versions: = libconfuse-3.3-3 Affected versions: libconfuse-3.3-3 CVE-ID: CVE-2022-40320 BDU-ID: 2022-05795 CVE-Crit: LOW CVE-DESC.: The vulnerability in the cfgtildeexpand function of the configuration file parser library libConfu...

EUVD-2018-11444

Malware in sbrugna...

EUVD-2018-6364

Malware in sbrugna...

EUVD-2022-43611

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2018-19760

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cfginit in confuse.c in libConfuse 3.2.2 has a memory leak. CVE-2018-19760 Note that Nessus relies on the presence of the package as reported by the vendor...

Linux Distros Unpatched Vulnerability : CVE-2022-40320

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cfgtildeexpand in confuse.c in libConfuse 3.3 has a heap-based buffer over-read. CVE-2022-40320 Note that Nessus relies on the presence of the package as report...

OPENSUSE-SU-2024:10930-1 libconfuse-devel-3.3-1.7 on GA media

These are all security issues fixed in the libconfuse-devel-3.3-1.7 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:12324-1 libconfuse-devel-3.3-2.1 on GA media

These are all security issues fixed in the libconfuse-devel-3.3-2.1 package on the GA media of openSUSE Tumbleweed...

CVE-2022-40320 affecting package libconfuse for versions less than 3.3-2

CVE-2022-40320 affecting package libconfuse for versions less than 3.3-2. A patched version of the package is available...

CBL Mariner 2.0 Security Update: libconfuse (CVE-2022-40320)

The version of libconfuse installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-40320 advisory. - cfgtildeexpand in confuse.c in libConfuse 3.3 has a heap-based buffer over-read. CVE-2022-40320 Note tha...

CVE-2022-40320 affecting package libconfuse 3.3-1

CVE-2022-40320 affecting package libconfuse 3.3-1. A patched version of the package is available...

Amazon Linux AMI : libconfuse (ALAS-2023-1692)

The version of libconfuse installed on the remote host is prior to 2.7-4.4. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1692 advisory. cfgtildeexpand in confuse.c in libConfuse 3.3 has a heap-based buffer over-read. CVE-2022-40320 Tenable has extracted the precedi...

Important: libconfuse

Issue Overview: cfgtildeexpand in confuse.c in libConfuse 3.3 has a heap-based buffer over-read. CVE-2022-40320 Affected Packages: libconfuse Issue Correction: Run yum update libconfuse or yum update --advisory ALAS-2023-1692 to update your system. New Packages: i686: ...

SUSE CVE-2018-14447

trimwhitespace in lexer.l in libConfuse v3.2.1 has an out-of-bounds read...

SUSE CVE-2018-19760

cfginit in confuse.c in libConfuse 3.2.2 has a memory leak...

SUSE CVE-2022-40320

cfgtildeexpand in confuse.c in libConfuse 3.3 has a heap-based buffer over-read...

CVE-2022-40320 affecting package libconfuse for versions less than 3.3-2

CVE-2022-40320 affecting package libconfuse for versions less than 3.3-2. A patched version of the package is available...

Mageia: Security Advisory (MGASA-2022-0387)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MGASA-2022-0387 Updated libconfuse packages fix security vulnerability

cfgtildeexpand in confuse.c in libConfuse 3.3 has a heap-based buffer over-read. CVE-2022-40320...

Updated libconfuse packages fix security vulnerability

cfgtildeexpand in confuse.c in libConfuse 3.3 has a heap-based buffer over-read. CVE-2022-40320...