332 matches found
CVE-2020-5310
libImaging/TiffDecode.c in Pillow before 6.2.2 has a TIFF decoding integer overflow, related to realloc...
ALPINE-CVE-2020-5310
libImaging/TiffDecode.c in Pillow before 6.2.2 has a TIFF decoding integer overflow, related to realloc...
CVE-2020-5310
libImaging/TiffDecode.c in Pillow before 6.2.2 has a TIFF decoding integer overflow, related to realloc...
DEBIAN-CVE-2020-5310
libImaging/TiffDecode.c in Pillow before 6.2.2 has a TIFF decoding integer overflow, related to realloc...
PYSEC-2020-81
libImaging/TiffDecode.c in Pillow before 6.2.2 has a TIFF decoding integer overflow, related to realloc...
CVE-2020-5310
libImaging/TiffDecode.c in Pillow before 6.2.2 has a TIFF decoding integer overflow, related to realloc...
CVE-2020-5310
libImaging/TiffDecode.c in Pillow before 6.2.2 has a TIFF decoding integer overflow, related to realloc...
CVE-2020-5310
CVE-2020-5310 affects Pillow’s TIFF decoding path, specifically libImaging/TiffDecode.c. The root cause is a TIFF decoding integer overflow tied to memory reallocation (realloc), exposing Pillow versions prior to 6.2.2 to potential crash or compromise when processing crafted TIFF images. Affected...
CVE-2020-5310
libImaging/TiffDecode.c in Pillow before 6.2.2 has a TIFF decoding integer overflow, related to realloc...
ezXML Invalid Release Vulnerability
ezXML is a C library for parsing XML documents . An invalid release vulnerability exists in ezXML. The vulnerability stems from an attempt by the ezxmlcharcontent function to use realloc on an unallocated block.An attacker could exploit this vulnerability to cause a segmentation error...
UBUNTU-CVE-2019-20202
An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxmlcharcontent tries to use realloc on a block that was not allocated, leading to an invalid free and segmentation fault...
CVE-2019-20202
An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxmlcharcontent tries to use realloc on a block that was not allocated, leading to an invalid free and segmentation fault...
CVE-2019-20202
An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxmlcharcontent tries to use realloc on a block that was not allocated, leading to an invalid free and segmentation fault...
CVE-2019-20202
An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxmlcharcontent tries to use realloc on a block that was not allocated, leading to an invalid free and segmentation fault...
libarchive: Double free in RAR decoder resulting in a denial of service
libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards release v3.1.0 onwards contains a CWE-415: Double Free vulnerability in RAR decoder - libarchive/archivereadsupportformatrar.c, parsecodes, reallocrar-lzss.window, newsize with newsize = 0 that can result in Crash/DoS. Thi...
DEBIAN-CVE-2019-17545
GDAL through 3.0.1 has a poolDestroy double free in OGRExpatRealloc in ogr/ogrexpat.cpp when the 10MB threshold is exceeded...
UBUNTU-CVE-2019-17545
GDAL through 3.0.1 has a poolDestroy double free in OGRExpatRealloc in ogr/ogrexpat.cpp when the 10MB threshold is exceeded...
PYSEC-2019-241
GDAL through 3.0.1 has a poolDestroy double free in OGRExpatRealloc in ogr/ogrexpat.cpp when the 10MB threshold is exceeded...
PYSEC-2019-241
GDAL through 3.0.1 has a poolDestroy double free in OGRExpatRealloc in ogr/ogrexpat.cpp when the 10MB threshold is exceeded...
GDAL Double Release Vulnerability
GDAL is an open source software library for manipulating various raster and vector geospatial data formats. A poolDestroy double-release vulnerability exists in OGRExpatRealloc in ogr/ogrexpat.cpp in GDAL 3.0.1 and earlier when the 10MB threshold is exceeded, and no detailed vulnerability details...