Incorrect Permission Assignment for Critical Resource

Overview snowflake-connector-python is a Snowflake Connector for Python Affected versions of this package are vulnerable to Incorrect Permission Assignment for Critical Resource via the ConfigManager.readconfig path in configmanager.py. An attacker can modify sensitive settings stored in the...

OSV-2022-284 Heap-double-free in read_config

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=46019 Crash type: Heap-double-free Crash state: readconfig readglob readconfig...

OSV-2022-260 Heap-double-free in read_config

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=45687 Crash type: Heap-double-free Crash state: readconfig flbcffluentbitcreate flbcfcreatefromfile...

OSV-2022-259 Heap-double-free in read_config

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=45671 Crash type: Heap-double-free Crash state: readconfig readglob readconfig...

OSV-2021-1105 Heap-buffer-overflow in read_config

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=36908 Crash type: Heap-buffer-overflow READ 1 Crash state: readconfig snmpconfigfuzzer.c...

Directory traversal

Google Chrome OS before 26.0.1410.57 relies on a Pango pango-utils.c readconfig implementation that loads the contents of the .pangorc file in the user's home directory, and the file referenced by the PANGORCFILE environment variable, which allows attackers to bypass intended access restrictions...

CVE-2013-0927

Google Chrome OS before 26.0.1410.57 relies on a Pango pango-utils.c readconfig implementation that loads the contents of the .pangorc file in the user's home directory, and the file referenced by the PANGORCFILE environment variable, which allows attackers to bypass intended access restrictions...