213 matches found
Fedora: Security Advisory for ghc-isocline (FEDORA-2024-b458482d48)
The remote host is missing an update for the...
[SECURITY] Fedora 40 Update: ghc-isocline-1.0.9-28.fc40
A Haskell wrapper around the Isocline C library alternative to GNU Readline. The Isocline library is included whole and there are no runtime dependencies...
DEBIAN-CVE-2024-28583
Buffer Overflow vulnerability in open source FreeImage v.3.19.0 r1909 allows a local attacker to execute arbitrary code via the readLine function when reading images in XPM format...
UBUNTU-CVE-2024-28583
Buffer Overflow vulnerability in open source FreeImage v.3.19.0 r1909 allows a local attacker to execute arbitrary code via the readLine function when reading images in XPM format...
FreeImage Security Vulnerability
FreeImage is a cross-platform open source library for supporting popular graphic image formats. A security vulnerability exists in FreeImage version v.3.19.0, which stems from a buffer overflow vulnerability. A local attacker can use this vulnerability to execute arbitrary code via the readLine...
CVE-2024-28583
Buffer Overflow vulnerability in open source FreeImage v.3.19.0 r1909 allows a local attacker to execute arbitrary code via the readLine function when reading images in XPM format...
PT-2024-22487 · Freeimage +1
Name of the Vulnerable Software and Affected Versions: FreeImage version 3.19.0 Description: The issue allows a local attacker to execute arbitrary code via the readLine function when reading images in XPM format. Recommendations: For FreeImage version 3.19.0, consider disabling the readLine...
[SECURITY] Fedora 40 Update: jline2-2.14.6-12.fc40
JLine is a Java library for handling console input. It is similar in functionality to BSD editline and GNU readline. People familiar with the readline/editline capabilities for modern shells such as bash and tcsh will find most of the command editing features of JLine to be familiar...
GLSA-202401-08 : util-linux: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202401-08 util-linux: Multiple Vulnerabilities - A logic error was found in the libmount library of util-linux in the function that allows an unprivileged user to unmount a FUSE filesystem. This flaw allows an unprivileged local...
The _rl_tropen function in util.c in GNU readline before 6.3 patch 3
The _rl_tropen function in util.c in GNU readline before 6.3 patch 3 allows local users to create or overwrite arbitrary files via a symlink attack on a /var/tmp/rltrace.PID file...
SUSE CVE-2006-4810
Buffer overflow in the readline function in util/texindex.c, as used by the (1) texi2dvi and (2) texindex commands, in texinfo 4.8 and earlier allows local users to execute arbitrary code via a crafted Texinfo file...
SUSE CVE-2012-0219
Heap-based buffer overflow in the xioscan_readline function in xio-readline.c in socat 1.4.0.0 through 1.7.2.0 and 2.0.0-b1 through 2.0.0-b4 allows local users to execute arbitrary code via the READLINE address...
SUSE CVE-2013-1752
Various versions of Python do not properly restrict readline calls, which allows remote attackers to cause a denial of service (memory consumption) via a long string, related to (1) httplib - fixed in 2.7.4, 2.6.9, and 3.3.3; (2) ftplib - fixed in 2.7.6, 2.6.9, 3.3.3; (3) imaplib - not yet fixed in 2.7.x...
SUSE CVE-2014-2524
The _rl_tropen function in util.c in GNU readline before 6.3 patch 3 allows local users to create or overwrite arbitrary files via a symlink attack on a /var/tmp/rltrace.PID file...
SUSE CVE-2015-8925
The readline function in archive_read_support_format_mtree.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (invalid read) via a crafted mtree file, related to newline parsing...
SUSE CVE-2016-7091
sudo: It was discovered that the default sudo configuration on Red Hat Enterprise Linux and possibly other Linux implementations preserves the value of INPUTRC which could lead to information disclosure. A local user with sudo access to a restricted program that uses readline could use this flaw ...
SUSE CVE-2022-0563
A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from t...
Amazon Linux 2022 : util-linux (ALAS2022-2022-218)
The version of util-linux installed on the remote host is prior to 2.37.4-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-218 advisory. - A logic error was found in the libmount library of util-linux in the function that allows an unprivileged user to...
Medium: util-linux
Issue Overview: A flaw was found in the Linux kernel's util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error...
Huawei EulerOS: Security Advisory for util-linux (EulerOS-SA-2022-2593)
The remote host is missing an update for the Huawei EulerOS...