11 matches found
USN-7015-4: Python vulnerability
USN-7015-1 fixed several vulnerabilities in Python. This update provides the corresponding update for CVE-2023-27043 for python2.7 and python3.5 in Ubuntu 14.04 LTS. Original advisory details: It was discovered that the Python email module incorrectly parsed email addresses that contain special...
USN-7015-1: Python vulnerabilities
It was discovered that the Python email module incorrectly parsed email addresses that contain special characters. A remote attacker could possibly use this issue to bypass certain protection mechanisms. CVE-2023-27043 It was discovered that Python allowed excessive backtracking while parsing...
[SECURITY] [DLA 3030-1] zipios++ security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3030-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz May 27, 2022 https://wiki.debian.org/LTS -...
golang: archive/zip: malformed archive may cause panic or memory exhaustion (incomplete fix of CVE-2021-33196)
A vulnerability was found in archive/zip of the Go standard library. Applications written in Go can panic or potentially exhaust system memory when parsing malformed ZIP files. An attacker capable of submitting a crafted ZIP file to a Go application using archive/zip to process that file could...
golang: archive/zip: malformed archive may cause panic or memory exhaustion
A vulnerability was found in archive/zip of the Go standard library. Applications written in Go can panic or potentially exhaust system memory when parsing malformed ZIP files...
golang: archive/zip: malformed archive may cause panic or memory exhaustion
A vulnerability was found in archive/zip of the Go standard library. Applications written in Go can panic or potentially exhaust system memory when parsing malformed ZIP files...
USN-4057-1 Zipios vulnerability
Mike Salvatore discovered that Zipios mishandled certain malformed ZIP files. An attacker could use this vulnerability to cause a denial of service or consume system resources. CVE-2019-13453...
USN-3699-1 zziplib vulnerabilities
It was discovered that zziplib incorrectly handled certain malformed ZIP files. If a user or automated system were tricked into opening a specially crafted ZIP file, a remote attacker could cause zziplib to crash, resulting in a denial of service, or possibly execute arbitrary code...
USN-3320-1 zziplib vulnerabilities
Agostino Sarubbo discovered that zziplib incorrectly handled certain malformed ZIP files. If a user or automated system were tricked into opening a specially crafted ZIP file, a remote attacker could cause zziplib to crash, resulting in a denial of service, or possibly execute arbitrary code...
Medium severity flaw with Ark
I recently discovered that the Ark archiving tool is vulnerable to directory traversal via malformed. When attempts are made to view files within the malformed Zip file in Ark's default view, the wrong file may be displayed due to incorrect construction of the temporary file name. Whilst this doe...
clamav -- zip handling DoS vulnerability
The clamav daemon is vulnerable to a DoS vulnerability due to insufficient handling of malformed zip files which can crash the clamav daemon...