285 matches found
SUSE CVE-2024-11233
In PHP versions 8.1. before 8.1.31, 8.2. before 8.2.26, 8.3. before 8.3.14, due to an error in convert.quoted-printable-decode filter certain data can lead to buffer overread by one byte, which can in certain circumstances lead to crashes or disclose content of other memory areas...
AZL-56166 CVE-2024-47809 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: dlm: fix possible lkbresource null dereference This patch fixes a possible null pointer dereference when this function is called from requestlock as lkb-lkbresource is not assigned yet, only after validatelockargs by calling...
AZL-56121 CVE-2024-47809 affecting package kernel for versions less than 6.6.76.1-1
In the Linux kernel, the following vulnerability has been resolved: dlm: fix possible lkbresource null dereference This patch fixes a possible null pointer dereference when this function is called from requestlock as lkb-lkbresource is not assigned yet, only after validatelockargs by calling...
CLSA-2024-1735310784 Fix CVE(s): CVE-2024-11233
SECURITY UPDATE: Out-of-bounds read in quoted-printable decoder - debian/patches/CVE-2024-11233.patch: Fix buffer handling in convert.quoted-printable-decode filter to prevent one-byte out-of-bounds read - CVE-2024-11233...
CLSA-2024-1735065830 Fix CVE(s): CVE-2024-11233
SECURITY UPDATE: Security vulnerability in package - debian/patches/CVE-2024-11233.patch: fix error in convert.quoted printable-decode filter certain data leading to buffer overread. Fix segfault with streams and invalid data. - CVE-2024-11233...
CLSA-2024-1734543983 php: Fix of CVE-2024-11233
CVE-2024-11233: fix single byte overread with convert.quoted-printable-decode filter...
CLSA-2024-1734368527 php: Fix of CVE-2024-11233
CVE-2024-11233: Fix buffer overread by one byte issue in convert.quoted-printable-decode filter - Fix Bug 74267: segfault with streams and invalid data...
CLSA-2024-1733908995 php: Fix of CVE-2024-11233
CVE-2024-11233: Fix buffer overflow vulnerability in convert.quoted-printable-decode filter; fix bug 74267...
Single byte overread with convert.quoted-printable-decode filter
...
CLSA-2024-1733429914 php: Fix of CVE-2024-11233
CVE-2024-11233: fix buffer overflow vulnerability in convert.quoted-printable-decode filter...
CLSA-2024-1733422173 php: Fix of CVE-2024-11233
CVE-2024-11233: Fix buffer overflow vulnerability in convert.quoted-printable-decode filter...
CLSA-2024-1733421975 php: Fix of CVE-2024-11233
CVE-2024-11233: fix single byte overread with convert.quoted-printable-decode filter...
php: Fix of CVE-2024-11233
CVE-2024-11233: fix single byte overread with convert.quoted-printable-decode filter...
Security update for php8
This update for php8 fixes the following issues: CVE-2024-11233: buffer overread when processing input with the convert.quoted-printable-decode filter. bsc1233702 CVE-2024-11234: possible CRLF injection in URIs when a proxy is configured in a stream context. bsc1233703 CVE-2024-8929: data exposur...
Unsoundness in anstream
When given a valid UTF8 string "ö\x1b😀", the function in crates/anstream/src/adapter/strip.rs will be confused. The UTF8 bytes are \xc3\xb6 then \x1b then \xf0\x9f\x98\x80. When looping over "non-printable bytes" \x1b\xf0 will be considered as some non-printable sequence. This will produce a brok...
GHSA-2RXC-GJRP-VJHX Unsoundness in anstream
When given a valid UTF8 string "ö\x1b😀", the function in crates/anstream/src/adapter/strip.rs will be confused. The UTF8 bytes are \xc3\xb6 then \x1b then \xf0\x9f\x98\x80. When looping over "non-printable bytes" \x1b\xf0 will be considered as some non-printable sequence. This will produce a brok...
CLSA-2024-1733246329 php: Fix of CVE-2024-11233
CVE-2024-11233: fix buffer overflow vulnerability in convert.quoted-printable-decode filter...
Security update for php7
This update for php7 fixes the following issues: CVE-2024-11233: Single byte overread with convert.quoted-printable-decode filter bsc1233702. CVE-2024-11234: Configuring a proxy in a stream context might allow for CRLF injection in URIs bsc1233703. CVE-2024-8929: Leak partial content of the heap...
The vulnerability of the convert.quoted-printable-decode filter in the PHP programming language interpreter allows a hacker to trigger a service failure.
The vulnerability of the convert.quoted-printable-decode filter in the PHP programming language interpreter is related to buffer overflows in dynamic memory. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...
BIT-PHP-2024-11233 Single byte overread with convert.quoted-printable-decode filter
In PHP versions 8.1. before 8.1.31, 8.2. before 8.2.26, 8.3. before 8.3.14, due to an error in convert.quoted-printable-decode filter certain data can lead to buffer overread by one byte, which can in certain circumstances lead to crashes or disclose content of other memory areas...