Lucene search
K

86 matches found

Mageia
Mageia
added 2023/03/01 9:14 p.m.21 views

Updated pkgconf packages fix security vulnerability

In pkgconf through 1.9.3, variable duplication can cause unbounded string expansion due to incorrect checks in libpkgconf/tuple.c:pkgconftupleparse. For example, a .pc file containing a few hundred bytes can expand to one billion bytes. CVE-2023-24056...

5.5CVSS5.6AI score0.00516EPSS
Exploits1References2
OSV
OSV
added 2023/03/01 9:14 p.m.5 views

MGASA-2023-0077 Updated pkgconf packages fix security vulnerability

In pkgconf through 1.9.3, variable duplication can cause unbounded string expansion due to incorrect checks in libpkgconf/tuple.c:pkgconftupleparse. For example, a .pc file containing a few hundred bytes can expand to one billion bytes. CVE-2023-24056...

5.5CVSS5.3AI score0.00516EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:20 a.m.4 views

SUSE CVE-2018-1000221

pkgconf version 1.5.0 to 1.5.2 contains a Buffer Overflow vulnerability in dequote that can result in dequote function returns 1-byte allocation if initial length is 0, leading to buffer overflow. This attack appear to be exploitable via specially crafted .pc file. This vulnerability appears to...

9.8CVSS7.3AI score0.01352EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:21 a.m.4 views

SUSE CVE-2023-24056

In pkgconf through 1.9.3, variable duplication can cause unbounded string expansion due to incorrect checks in libpkgconf/tuple.c:pkgconftupleparse. For example, a .pc file containing a few hundred bytes can expand to one billion bytes...

5.5CVSS6.5AI score0.00516EPSS
Exploits1References5
CBLMariner
CBLMariner
added 2023/02/14 8:36 p.m.6 views

CVE-2023-24056 affecting package pkgconf for versions less than 1.8.0-3

CVE-2023-24056 affecting package pkgconf for versions less than 1.8.0-3. A patched version of the package is available...

5.5CVSS5.5AI score0.00516EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2023/02/14 12:0 a.m.16 views

openSUSE 15 Security Update : pkgconf (openSUSE-SU-2023:0043-1)

The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2023:0043-1 advisory. - In pkgconf through 1.9.3, variable duplication can cause unbounded string expansion due to incorrect checks in libpkgconf/tuple.c:pkgconftupleparse. Fo...

5.5CVSS6.3AI score0.00516EPSS
Exploits1References4
OSV
OSV
added 2023/02/09 7:1 p.m.4 views

OPENSUSE-SU-2023:0043-1 Security update for pkgconf

This update for pkgconf fixes the following issues: - CVE-2023-24056: FIxed variable duplication can cause unbounded string expansion due to incorrect checks in libpkgconf/tuple.c boo1207394...

5.5CVSS5.3AI score0.00516EPSS
Exploits1References3
OPENSUSE Linux
OPENSUSE Linux
added 2023/02/09 12:0 a.m.2 views

Security update for pkgconf (moderate)

openSUSE Security Update: Security update for pkgconf Announcement ID: openSUSE-SU-2023:0043-1 Rating: moderate References: 1207394 Cross-References: CVE-2023-24056 CVSS scores: CVE-2023-24056 NVD : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2023-24056 SUSE: 5.5...

5.5CVSS6.1AI score0.00516EPSS
Exploits1References1
OSV
OSV
added 2023/02/03 11:4 a.m.2 views

OESA-2023-1046 pkgconf security update

pkgconf is a program which helps to configure compiler and linker flags for development frameworks. It is similar to pkg-config from freedesktop.org, providing additional functionality while also maintaining compatibility. Security Fixes: In pkgconf through 1.9.3, variable duplication can cause...

5.5CVSS7.5AI score0.00516EPSS
Exploits1References2
Microsoft CVE
Microsoft CVE
added 2023/01/30 8:0 a.m.4 views

In pkgconf through 1.9.3 variable duplication can cause unbounded string expansion due to incorrect checks in libpkgconf/tuple.c:pkgconf_tuple_parse. For example a .pc file containing a few hundred bytes can expand to one billion bytes.

...

5.5CVSS5.9AI score0.00516EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2023/01/27 1:35 p.m.77 views

CVE-2023-24056

A flaw was found in pkgconf, where a variable duplication can cause unbounded string expansion due to incorrect checks in libpkgconf/tuple.c:pkgconftupleparse. This issue may lead to a buffer overflow, which can crash the software...

5.5CVSS5.5AI score0.00516EPSS
Exploits1References4
OSV
OSV
added 2023/01/22 4:15 a.m.10 views

AZL-13124 CVE-2023-24056 affecting package pkgconf for versions less than 1.8.0-3

In pkgconf through 1.9.3, variable duplication can cause unbounded string expansion due to incorrect checks in libpkgconf/tuple.c:pkgconftupleparse. For example, a .pc file containing a few hundred bytes can expand to one billion bytes...

5.5CVSS6.4AI score0.00516EPSS
Exploits1References1
NVD
NVD
added 2023/01/22 4:15 a.m.10 views

CVE-2023-24056

In pkgconf through 1.9.3, variable duplication can cause unbounded string expansion due to incorrect checks in libpkgconf/tuple.c:pkgconftupleparse. For example, a .pc file containing a few hundred bytes can expand to one billion bytes...

5.5CVSS5.3AI score0.00516EPSS
Exploits1References3
OSV
OSV
added 2023/01/22 4:15 a.m.2 views

ALPINE-CVE-2023-24056

In pkgconf through 1.9.3, variable duplication can cause unbounded string expansion due to incorrect checks in libpkgconf/tuple.c:pkgconftupleparse. For example, a .pc file containing a few hundred bytes can expand to one billion bytes...

5.5CVSS6.9AI score0.00516EPSS
Exploits1References1
OSV
OSV
added 2023/01/22 4:15 a.m.2 views

DEBIAN-CVE-2023-24056

In pkgconf through 1.9.3, variable duplication can cause unbounded string expansion due to incorrect checks in libpkgconf/tuple.c:pkgconftupleparse. For example, a .pc file containing a few hundred bytes can expand to one billion bytes...

5.5CVSS5.4AI score0.00516EPSS
Exploits1References1
OSV
OSV
added 2023/01/22 4:15 a.m.15 views

CVE-2023-24056

In pkgconf through 1.9.3, variable duplication can cause unbounded string expansion due to incorrect checks in libpkgconf/tuple.c:pkgconftupleparse. For example, a .pc file containing a few hundred bytes can expand to one billion bytes...

5.5CVSS2AI score
Exploits0References3
Chainguard
Chainguard
added 2023/01/22 4:15 a.m.15 views

CVE-2023-24056 vulnerabilities

Vulnerabilities for packages: pkgconf...

5.5CVSS7.4AI score0.00516EPSS
Exploits1
Wolfi
Wolfi
added 2023/01/22 4:15 a.m.35 views

CVE-2023-24056 vulnerabilities

Vulnerabilities for packages: pkgconf...

5.5CVSS7.7AI score0.00516EPSS
Exploits1
Prion
Prion
added 2023/01/22 4:15 a.m.12 views

Design/Logic Flaw

In pkgconf through 1.9.3, variable duplication can cause unbounded string expansion due to incorrect checks in libpkgconf/tuple.c:pkgconftupleparse. For example, a .pc file containing a few hundred bytes can expand to one billion bytes...

1.9CVSS5.2AI score0.00516EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2023/01/22 4:15 a.m.3 views

UBUNTU-CVE-2023-24056

In pkgconf through 1.9.3, variable duplication can cause unbounded string expansion due to incorrect checks in libpkgconf/tuple.c:pkgconftupleparse. For example, a .pc file containing a few hundred bytes can expand to one billion bytes...

5.5CVSS6.8AI score0.00516EPSS
Exploits1References3
Rows per page
Query Builder