
22 matches found

Tenable Nessus
added 2026/01/16 12:0 a.m., 2 views

MiracleLinux 7 : libmspack-0.5-0.6.alpha.el7 (AXSA:2018-3385:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2018-3385:01 advisory. libmspack: off-by-one error in the CHM PMGI/PMGL chunk number validity checks CVE-2018-14679 libmspack: off-by-one error in the CHM chunk number...

CVSS 8.8, AI score 6.7, EPSS 0.04428
Exploits 0, References 5

AstraLinux
added 2026/01/13 2:1 p.m., 1 view

Astra Linux - vulnerability in ruby-webrick

Ruby WEBrick readheader HTTP Request Smuggling Vulnerability. This vulnerability allows remote attackers to smuggle arbitrary HTTP requests on affected installations of Ruby WEBrick. This issue is exploitable when the product is deployed behind an HTTP proxy that fulfills specific conditions. The...

CVSS 6.5, AI score 6, EPSS 0.00257
Exploits 0, References 3

Snyk
added 2025/12/05 6:42 p.m., 2 views

User Impersonation

Overview Affected versions of this package are vulnerable to User Impersonation via the readheaders process. An attacker can manipulate server-visible metadata, logging, and authorization decisions by injecting specially crafted HTTP headers that are processed before internal server headers,...

CVSS 10, AI score 6.8, EPSS 0.00031
Exploits 1, References 2

Snyk
added 2025/06/25 5:42 p.m., 0 views

HTTP Request Smuggling

Overview webrick is a HTTP server toolkit that can be configured as an HTTPS server, a proxy server, and a virtual-host server. Affected versions of this package are vulnerable to HTTP Request Smuggling via the readheaders method. An attacker can exploit inconsistent parsing of HTTP header...

CVSS 8.3, AI score 7.1, EPSS 0.00257
Exploits 0, References 2

AlpineLinux
added 2025/06/25 5:15 p.m., 2 views

CVE-2025-6442

Ruby WEBrick readheader HTTP Request Smuggling Vulnerability. This vulnerability allows remote attackers to smuggle arbitrary HTTP requests on affected installations of Ruby WEBrick. This issue is exploitable when the product is deployed behind an HTTP proxy that fulfills specific conditions. The...

CVSS 6.5, AI score 7, EPSS 0.00257
Exploits 0, References 2

OSV
added 2025/06/25 5:15 p.m., 2 views

AZL-64352 CVE-2025-6442 affecting package ruby for versions less than 3.3.5-4

Ruby WEBrick readheader HTTP Request Smuggling Vulnerability. This vulnerability allows remote attackers to smuggle arbitrary HTTP requests on affected installations of Ruby WEBrick. This issue is exploitable when the product is deployed behind an HTTP proxy that fulfills specific conditions. The...

CVSS 6.5, AI score 6.8, EPSS 0.00257
Exploits 0, References 1

CNNVD
added 2025/06/25 12:0 a.m., 1 view

Webrick environment issue vulnerability

Webrick is an HTTP server toolkit open-sourced by The Ruby Programming Language. Webrick suffers from an environment issue vulnerability that stems from inconsistent parsing of HTTP header terminators by the readheaders method, which could lead to an HTTP request entrapment attack...

CVSS 6.5, AI score 6.4, EPSS 0.00257
Exploits 0, References 4

SUSE CVE
added 2025/06/24 11:24 p.m., 1 view

SUSE CVE-2025-6442

Ruby WEBrick readheader HTTP Request Smuggling Vulnerability. This vulnerability allows remote attackers to smuggle arbitrary HTTP requests on affected installations of Ruby WEBrick. This issue is exploitable when the product is deployed behind an HTTP proxy that fulfills specific conditions. The...

CVSS 6.5, AI score 7, EPSS 0.00257
Exploits 0, References 6

SUSE CVE
added 2023/02/15 4:25 a.m., 1 view

SUSE CVE-2018-14681

An issue was discovered in kwajdreadheaders in mspack/kwajd.c in libmspack before 0.7alpha. Bad KWAJ file header extensions could cause a one or two byte overwrite...

CVSS 4.4, AI score 9.5, EPSS 0.04428
Exploits 0, References 16

SUSE CVE
added 2023/02/15 4:4 a.m., 1 view

SUSE CVE-2019-1010305

libmspack 0.9.1alpha is affected by: Buffer Overflow. The impact is: Information Disclosure. The component is: function chmdreadheaders in libmspackfile libmspack/mspack/chmd.c. The attack vector is: the victim must open a specially crafted chm file. The fixed version is: after commit...

CVSS 2.5, AI score 8.2, EPSS 0.0023
Exploits 1, References 7

RedHat Linux
added 2020/09/29 7:21 p.m., 1 view

libmspack: buffer overflow in function chmd_read_headers()

libmspack 0.9.1alpha is affected by: Buffer Overflow. The impact is: Information Disclosure. The component is: function chmdreadheaders in libmspackfile libmspack/mspack/chmd.c. The attack vector is: the victim must open a specially crafted chm file. The fixed version is: after commit...

CVSS 5.5, AI score 7.2, EPSS 0.0023
Exploits 1, References 4

CNVD
added 2019/07/16 12:0 a.m., 2 views

Libmspack Buffer Overflow Vulnerability (CNVD-2019-23044)

Libmspack is a library that can compress and decompress files in CAB, CHM and HLP formats. A buffer overflow vulnerability exists in the 'chmdreadheaders' function in Libmspack version 0.9.1alpha. The vulnerability stems from a networked system or product performing operations in memory without...

CVSS 5.5, AI score 7.4, EPSS 0.0023
Exploits 1, References 1

OSV
added 2019/07/15 12:0 a.m., 0 views

UBUNTU-CVE-2019-1010305

libmspack 0.9.1alpha is affected by: Buffer Overflow. The impact is: Information Disclosure. The component is: function chmdreadheaders in libmspackfile libmspack/mspack/chmd.c. The attack vector is: the victim must open a specially crafted chm file. The fixed version is: after commit...

CVSS 5.5, AI score 6.7, EPSS 0.0023
Exploits 1, References 7

Positive Technologies
added 2019/02/18 12:0 a.m., 1 view

PT-2019-4926

Name of the Vulnerable Software and Affected Versions libmspack version 0.9.1alpha Description The issue is caused by a buffer overflow in the chmd read headers function in the libmspack library, which can allow a remote attacker to disclose protected information using a specially crafted chm fil...

CVSS 8.8, AI score 7.7, EPSS 0.05833
Exploits 6, References 84

RedHat Linux
added 2018/10/30 2:43 p.m., 2 views

libmspack: out-of-bounds write in kwajd_read_headers in mspack/kwajd.c

An issue was discovered in kwajdreadheaders in mspack/kwajd.c in libmspack before 0.7alpha. Bad KWAJ file header extensions could cause a one or two byte overwrite...

CVSS 8.8, AI score 7.4, EPSS 0.04428
Exploits 0, References 4

OSV
added 2018/10/23 2:29 a.m., 0 views

DEBIAN-CVE-2018-18585

chmdreadheaders in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has '\0' as its first or second character such as the "/\0" name...

CVSS 4.3, AI score 8.8, EPSS 0.01307
Exploits 1, References 1

CNVD
added 2018/10/23 12:0 a.m., 1 view

libmspack Buffer Overflow Vulnerability

Libmspack is a library that can compress and decompress files in CAB, CHM and HLP formats. A security vulnerability exists in the 'chmdreadheaders' function in the mspack/chmd.c file in versions of Libmspack prior to 0.8alpha. No details of the vulnerability are provided at this time...

CVSS 4.3, AI score 6.5, EPSS 0.01307
Exploits 1, References 1

OSV
added 2018/07/28 11:29 p.m., 1 view

ALPINE-CVE-2018-14681

An issue was discovered in kwajdreadheaders in mspack/kwajd.c in libmspack before 0.7alpha. Bad KWAJ file header extensions could cause a one or two byte overwrite...

CVSS 8.8, AI score 7, EPSS 0.04428
Exploits 0, References 1

OSV
added 2018/07/28 12:0 a.m., 0 views

UBUNTU-CVE-2018-14681

An issue was discovered in kwajdreadheaders in mspack/kwajd.c in libmspack before 0.7alpha. Bad KWAJ file header extensions could cause a one or two byte overwrite...

CVSS 8.8, AI score 6.7, EPSS 0.04428
Exploits 0, References 8

CNVD
added 2015/08/19 12:0 a.m., 1 view

Drupal Dynamic display block module security bypass vulnerability

Drupal is a free and open source content management system developed in PHP and maintained by the Drupal community. Dynamic display block is one of the featured content slideshow modules. A security vulnerability exists in the Drupal Dynamic display block module in versions 7.x-1.1 and earlier. A...

CVSS 3.5, AI score 6.9, EPSS 0.00176
Exploits 0, References 1