11 matches found
apko Data Forgery Vulnerability
Apko is an open-source OCI image builder based on APK. Versions of Apko prior to 1.2.7 had a data manipulation vulnerability. This vulnerability stemmed from verifying the APKINDEX.tar.gz signature but failing to compare the downloaded .apk package with the checksum in the signature index. This...
CVE-2019-25657 AnyBurn 4.3 x86 Denial of Service via Image Conversion
AnyBurn 4.3 x86 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string to the image conversion function. Attackers can paste a large buffer into the source or destination image file fields and click Convert Now to...
GIMP Security Vulnerability
GIMP is an open-source bitmap image editor developed by the GIMP team. GIMP has a security vulnerability that stems from the improper validation of data length during the parsing of ICO files. This issue occurs when data provided by users is copied into a heap-based buffer without proper validati...
apko Security Vulnerability
Apko is an open-source OCI image builder based on APK. Versions of Apko from 0.14.8 to 1.1.1 contained security vulnerabilities. These vulnerabilities stemmed from a path traversal vulnerability in the dirFS file system abstraction layer, which could lead to the creation of directories or symboli...
Netlify netlify-ipx Code Issue Vulnerability
Netlify netlify-ipx is a library from the American company Netlify. It is used for on-demand image optimization of Netlify. A code issue vulnerability exists in Netlify netlify-ipx versions prior to 1.2.3. An attacker exploiting this vulnerability could bypass the source image field allowlist by...
[SECURITY] Fedora 25 Update: fedora-arm-installer-2.1-1.fc25
Allows one to first select a source image local or remote. The image must be a binary file containing: MBR + Partitions + File Systems + Data. A destination block device should then be selected for final installation...
[SECURITY] Fedora 26 Update: fedora-arm-installer-2.1-1.fc26
Allows one to first select a source image local or remote. The image must be a binary file containing: MBR + Partitions + File Systems + Data. A destination block device should then be selected for final installation...
[SECURITY] Fedora 27 Update: fedora-arm-installer-2.1-1.fc27
Allows one to first select a source image local or remote. The image must be a binary file containing: MBR + Partitions + File Systems + Data. A destination block device should then be selected for final installation...
Juniper Issues Security Alert Tied to Routers and Switches
Juniper Networks warned customers Thursday of a high-risk vulnerability in the GD graphics library that could allow a remote attacker to take control of systems running certain versions of the Junos OS. The alert was in conjunction with a warning from the U.S. Computer Emergency Readiness Team...
Juniper Networks Junos OS libgd Heap Overflow Vulnerability
Junos OS is prone to a heap overflow vulnerability in libgd which allows remote attackers to cause a denial of service or potentially execute arbitrary code.
libgd 2.1.1 - Signedness Heap Overflow
Overview: libgd [1] is an open-source image library. It is perhaps primarily used by the PHP project. It has been bundled with the default installation of PHP since version 4.3 [2]. A signedness vulnerability (CVE-2016-3074) exists in libgd 2.1.1 which may...