4 matches found
Medium: rust-cargo-c
Issue Overview: A flaw in the gix-date library can generate invalid non-UTF8 strings, leading to undefined behavior when processed. The most likely impact from a successful attack is to data integrity, by the malicious data being able to corrupt data being held in memory and to system availabilit...
Amazon Linux 2023 : mount-s3 (ALAS2023-2026-1510)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1510 advisory. time provides date and time handling in Rust. From 0.3.6 to before 0.3.47, when user-provided input is provided to any type that parses with the RFC 2822 format, a denial of service attack via...
CVE-2024-22023
An XML entity expansion or XEE vulnerability in the SAML component of Ivanti Connect Secure 9.x, 22.x and Ivanti Policy Secure allows an unauthenticated attacker to send specially crafted XML requests in order to temporarily cause resource exhaustion thereby resulting in a limited-time DoS...
PT-2023-25977 · Cmark-Gfm +1
Name of the Vulnerable Software and Affected Versions: cmark-gfm versions prior to 0.29.0.gfm.12 Description: cmark-gfm is an extended version of the C reference implementation of CommonMark, a rationalized version of Markdown syntax with a spec. Three polynomial time complexity issues in cmark-g...