Lucene search
+L

11 matches found

github
github
added 2023/09/05 6:30 a.m.20 views

Index out of bounds leading to crash

ZPLGFA 1.1.1 allows attackers to cause a panic because of an integer index out of range during a ConvertToGraphicField call via an image of zero width. NOTE: it is unclear whether there are common use cases in which this panic could have any security consequence...

5.5CVSS7.1AI score0.00242EPSS
Exploits1References4Affected Software1
github
github
added 2023/09/05 6:30 a.m.31 views

Crash when processing crafted TIFF files

Disintegration Imaging 1.6.2 allows attackers to cause a panic because of an integer index out of range during a Grayscale call via a crafted TIFF file to the scan function of scanner.go. NOTE: it is unclear whether there are common use cases in which this panic could have any security consequenc...

5.5CVSS7AI score0.00354EPSS
Exploits1References4Affected Software1
nvd
nvd
added 2023/09/05 5:15 a.m.19 views

CVE-2023-36307

ZPLGFA 1.1.1 allows attackers to cause a panic because of an integer index out of range during a ConvertToGraphicField call via an image of zero width. NOTE: it is unclear whether there are common use cases in which this panic could have any security consequence...

5.5CVSS5.5AI score0.00242EPSS
Exploits1References1
prion
prion
added 2023/09/05 5:15 a.m.23 views

Integer overflow

DISPUTED ZPLGFA 1.1.1 allows attackers to cause a panic because of an integer index out of range during a ConvertToGraphicField call via an image of zero width. NOTE: it is unclear whether there are common use cases in which this panic could have any security consequence...

1.9CVSS5.5AI score0.00242EPSS
Exploits1References1Affected Software1
ubuntucve
ubuntucve
added 2023/09/05 4:15 a.m.24 views

CVE-2023-36308

disintegration Imaging 1.6.2 allows attackers to cause a panic because of an integer index out of range during a Grayscale call via a crafted TIFF file to the scan function of scanner.go. NOTE: it is unclear whether there are common use cases in which this panic could have any security consequenc...

5.5CVSS6.1AI score0.00354EPSS
Exploits1References3
prion
prion
added 2023/09/05 4:15 a.m.18 views

Design/Logic Flaw

DISPUTED disintegration Imaging 1.6.2 allows attackers to cause a panic because of an integer index out of range during a Grayscale call via a crafted TIFF file to the scan function of scanner.go. NOTE: it is unclear whether there are common use cases in which this panic could have any security...

1.9CVSS5.3AI score0.00354EPSS
Exploits1References2Affected Software1
vulnrichment
vulnrichment
added 2023/09/05 12:0 a.m.21 views

CVE-2023-36308

disintegration Imaging 1.6.2 allows attackers to cause a panic because of an integer index out of range during a Grayscale call via a crafted TIFF file to the scan function of scanner.go. NOTE: it is unclear whether there are common use cases in which this panic could have any security consequenc...

6.6AI score0.00354EPSS
Exploits1References3
cve
cve
added 2023/09/05 12:0 a.m.295 views

CVE-2023-36308

The CVE-2023-36308 entry concerns disintegration Imaging 1.6.2. Affected component: the scanner.go scan function, specifically the Grayscale path when processing crafted TIFF files. Root cause: an integer index out of range leads to a panic. Impact: the description notes it is unclear whether thi...

5.5CVSS5.3AI score0.00354EPSS
Exploits1References4Affected Software1
debiancve
debiancve
added 2023/09/05 12:0 a.m.16 views

CVE-2023-36308

disintegration Imaging 1.6.2 allows attackers to cause a panic because of an integer index out of range during a Grayscale call via a crafted TIFF file to the scan function of scanner.go. NOTE: it is unclear whether there are common use cases in which this panic could have any security consequenc...

5.5CVSS5.3AI score0.00354EPSS
Exploits1
cvelist
cvelist
added 2023/09/05 12:0 a.m.57 views

CVE-2023-36308

disintegration Imaging 1.6.2 allows attackers to cause a panic because of an integer index out of range during a Grayscale call via a crafted TIFF file to the scan function of scanner.go. NOTE: it is unclear whether there are common use cases in which this panic could have any security consequenc...

5.6AI score0.00354EPSS
Exploits1References3
huntr
huntr
added 2021/05/25 10:34 p.m.20 views

in thisistherk/fast_obj

✍️ Description Whilst experimenting with the test code built from commit d97389 with Clang 11 +UBSan on Ubuntu 20.04.2 LTS, we discovered an OBJ file which produces a signed integer overflow and a pointer overflow followed by a SIGSEGV 🕵️‍♂️ Proof of Concept echo...

2.8AI score
Exploits0
Rows per page
Query Builder