libarchive 安全漏洞

libarchive is a multi-format archive and compression library open-sourced by libarchive. A security vulnerability exists in libarchive 3.7.7 and earlier versions, which stems from a heap-based buffer over-read due to incorrect handling of truncation in the middle of GNU long link names...

Iceweasel-firegpg Backlink Vulnerability

Iceweasel-firegpg is a content encryption package for the Iceweasel browser. A backlink vulnerability in Iceweasel-firegpg versions prior to 0.6, which stems from a network system or product that does not properly filter filenames of links or shortcuts that represent unintended resources, can be...

php: buffer overflow in handling of long link names in tar phar archives

Stack-based buffer overflow in ext/phar/tar.c in PHP before 5.5.32, 5.6.x before 5.6.18, and 7.x before 7.0.3 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted TAR archive...

cumin: DoS via displayed link names containing non-ASCII characters

It was found that if Cumin were asked to display a link name containing non-ASCII characters, the request would terminate with an error. If data containing non-ASCII characters were added to the database such as via Cumin or Wallaby, requests to load said data would terminate and the requested pa...