4 matches found
libssh: Write beyond bounds in binary to base64 conversion functions
There's a vulnerability in the libssh package where when a libssh consumer passes in an unexpectedly large input buffer to sshgetfingerprinthash function. In such cases the bintobase64 function can experience an integer overflow leading to a memory under allocation, when that happens it's possibl...
Updated mozjs78 packages fix security vulnerabilities
An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XMLParseBuffer. CVE-2024-45490 An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer overflow for nDefaultAtts on 32-bit platforms where UINTMAX equals SIZEMAX...
perl: heap-based buffer overflow in regular expression compiler leads to DoS
Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow...
Updated pixman packages fix security vulnerabilities
Updated pixman packages fix security vulnerability: The pixman library before 0.32.8 is vulnerable to a buffer overflow which can affect 32-bit systems...