
660 matches found

OSV
added 2020/12/10 12:0 p.m. · 10 views

RUSTSEC-2020-0148 Multiple soundness issues in `Ptr`

Affected versions of this crate have the following issues: 1. Ptr implements Send and Sync for all types, this can lead to data races by sending non-thread safe types across threads. 2. Ptr::get violates mutable alias rules by returning multiple mutable references to the same object. 3. Ptr::writ...

5.9 CVSS · 5.5 AI score · 0.0028 EPSS
Exploits 3 · References 3

RustSec
added 2020/12/10 12:0 p.m. · 15 views

Soundness issue with base::Error

base::Error type contains public field named ptr. With this definition, it is possible to create a base::Error with an invalid pointer and trigger memory safety errors such as use-after-free or double-free with safe Rust. The users of xcb crate are advised not to manipulate the field...

5.5 CVSS · 2 AI score · 0.00059 EPSS
Exploits 1 · Affected Software 1

OSV
added 2020/12/10 12:0 p.m. · 17 views

RUSTSEC-2020-0097 Soundness issue with base::Error

base::Error type contains public field named ptr. With this definition, it is possible to create a base::Error with an invalid pointer and trigger memory safety errors such as use-after-free or double-free with safe Rust. The users of xcb crate are advised not to manipulate the field...

5.5 CVSS · 5.5 AI score · 0.00059 EPSS
Exploits 1 · References 3

UbuntuCve
added 2020/12/07 12:0 a.m. · 29 views

CVE-2020-27830

A vulnerability was found in Linux Kernel where in the spk_ttyio_receive_buf2() function, it would dereference spk_ttyio_synth without checking whether it is NULL or not, and may lead to a NULL-ptr deref crash...

5.5 CVSS · 6.6 AI score · 0.00199 EPSS
Exploits 0 · References 7

Veracode
added 2020/11/11 4:36 a.m. · 20 views

Prototype Pollution

json-ptr is vulnerable to prototype pollution. An attacker is able to inject arbitrary properties into existing construct prototypes...

9.8 CVSS · 3.5 AI score · 0.01064 EPSS
Exploits 1 · References 5 · Affected Software 1

NVD
added 2020/11/10 4:15 p.m. · 17 views

CVE-2020-7766

This affects all versions of package json-ptr. The issue occurs in the set operation https://flitbit.github.io/json-ptr/classes/srcpointer.jsonpointer.htmlset when the force flag is set to true. The function recursively set the property in the target object, however it does not properly check the...

9.8 CVSS · 7.2 AI score · 0.01064 EPSS
Exploits 1 · References 3

OSV
added 2020/11/10 4:15 p.m. · 20 views

CVE-2020-7766

This affects all versions of package json-ptr. The issue occurs in the set operation https://flitbit.github.io/json-ptr/classes/srcpointer.jsonpointer.htmlset when the force flag is set to true. The function recursively set the property in the target object, however it does not properly check the...

9.8 CVSS · 6.5 AI score
Exploits 0 · References 3

Prion
added 2020/11/10 4:15 p.m. · 22 views

Code injection

This affects all versions of package json-ptr. The issue occurs in the set operation https://flitbit.github.io/json-ptr/classes/srcpointer.jsonpointer.htmlset when the force flag is set to true. The function recursively set the property in the target object, however it does not properly check the...

7.5 CVSS · 9.2 AI score · 0.01064 EPSS
Exploits 1 · References 3 · Affected Software 1

CVE
added 2020/11/10 3:35 p.m. · 66 views

CVE-2020-7766

The CVE-2020-7766 issue affects the json-ptr package and is triggered in the set operation when the force flag is true. The vulnerable path recursively sets properties on the target object but does not adequately validate the key, enabling prototype pollution. Affected versions are before 3.0.0, ...

9.8 CVSS · 7.1 AI score · 0.01064 EPSS
Exploits 1 · References 3 · Affected Software 1

Cvelist
added 2020/11/10 3:35 p.m. · 24 views

CVE-2020-7766 Prototype Pollution

This affects all versions of package json-ptr. The issue occurs in the set operation https://flitbit.github.io/json-ptr/classes/srcpointer.jsonpointer.htmlset when the force flag is set to true. The function recursively set the property in the target object, however it does not properly check the...

7.3 CVSS · 7.2 AI score · 0.01064 EPSS
Exploits 1 · References 3

RedHat Linux
added 2020/11/10 1:37 p.m. · 388 views

Moderate: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

7.2 CVSS · 6.8 AI score · 0.00032 EPSS
Exploits 1 · References 3

Positive Technologies
added 2020/11/10 12:0 a.m. · 3 views

PT-2020-19778 · Json Ptr · Json-Ptr

Name of the Vulnerable Software and Affected Versions: json-ptr versions prior to 2.1.0 Description: The issue occurs in the set operation when the force flag is set to true. The function recursively sets the property in the target object, however it does not properly check the key being set,...

9.8 CVSS · 9.2 AI score · 0.01064 EPSS
Exploits 1 · References 13

Amazon
added 2020/10/27 12:0 a.m. · 35 views

Low: libwmf

Issue Overview: No CVE associated with this advisory Affected Packages: libwmf Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories. Issue Correction: Run yum update libwmf or yum update...

9.8 CVSS · 9.7 AI score · 0.02941 EPSS
Exploits 0

Tenable Nessus
added 2020/08/12 12:0 a.m. · 20 views

Fedora 32 : libmetalink (2020-c3ca827d31)

Patched null ptr dereference Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Network...

5.5 AI score
Exploits 0 · References 1

OpenVAS
added 2020/06/17 12:0 a.m. · 14 views

openSUSE: Security Advisory for libupnp (openSUSE-SU-2020:0805-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5 CVSS · 7.5 AI score · 0.03242 EPSS
Exploits 0 · References 2

OPENSUSE Linux
added 2020/06/16 12:0 a.m. · 29 views

Security update for libupnp (moderate)

openSUSE Security Update: Security update for libupnp Announcement ID: openSUSE-SU-2020:0821-1 Rating: moderate References: 1172625 Cross-References: CVE-2020-13848 Affected Products: openSUSE Backports SLE-15-SP1 An update that fixes one vulnerability is now available. Description: This update f...

7.5 CVSS · 7.3 AI score · 0.03242 EPSS
Exploits 0 · References 1

RedhatCVE
added 2020/04/04 5:30 a.m. · 31 views

CVE-2019-6978

The GD Graphics Library (aka LibGD) 2.2.5 has a double free in the gdImage*Ptr() functions in gd_gif_out.c, gd_jpeg.c, and gd_wbmp.c. NOTE: PHP is unaffected...

9.8 CVSS · 2.3 AI score · 0.02941 EPSS
Exploits 0 · References 3

OpenVAS
added 2020/01/23 12:0 a.m. · 29 views

Huawei EulerOS: Security Advisory for gd (EulerOS-SA-2019-1064)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8 CVSS · 9.6 AI score · 0.02941 EPSS
Exploits 0 · References 2

Mageia
added 2019/12/13 6:25 p.m. · 23 views

Updated clementine packages fix security vulnerability

NULL ptr dereference crash in the moodbar pipeline CVE-2019-14332...

7.8 CVSS · 1.7 AI score · 0.00058 EPSS
Exploits 3 · References 2

Tenable Nessus
added 2019/07/22 12:0 a.m. · 36 views

EulerOS 2.0 SP2 : gd (EulerOS-SA-2019-1715)

According to the version of the gd package installed, the EulerOS installation on the remote host is affected by the following vulnerability: The GD Graphics Library (aka LibGD) 2.2.5 has a double free in the gdImage*Ptr() functions in gd_gif_out.c, gd_jpeg.c, and gd_wbmp.c. NOTE: PHP is...

9.8 CVSS · 7.1 AI score · 0.02941 EPSS
Exploits 0 · References 2