2 matches found
Heap-based Buffer Overflow
Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow in the SWSDfldsrch function. An attacker can execute arbitrary code or cause a denial of service by providing crafted input that triggers a heap-based buffer overflow. Remediation Upgrade gdal to version 3.13....
Missing Cryptographic Step
Overview Affected versions of this package are vulnerable to Missing Cryptographic Step via the RLPx process. An attacker can potentially access confidential information by exploiting the use of two CTR streams that share the same key, IV, and nonce, which may allow decryption of network traffic...