6 matches found
Malicious code in bulma-antares-update-node-sass (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector da90409dae49766f73cccce1aa6e68c01b0cdeb89095c307fa9ed01a6e3d9d85 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Linux Distros Unpatched Vulnerability : CVE-2024-48425
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A segmentation fault SEGV was detected in the Assimp::SplitLargeMeshesProcessTriangle::UpdateNode function within the Assimp library during fuzz testing using...
The vulnerability of the Assimp::SplitLargeMeshesProcess_Triangle::UpdateNode() function in the Open Asset Import Library (Assimp) import library allows a malicious actor to trigger a denial-of-service attack.
The vulnerability of the OpenDDLParser::parseStructure function in the Open Asset Import Library Assimp import library is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow an attacker to cause a service failure...
DEBIAN-CVE-2024-48425
A segmentation fault SEGV was detected in the Assimp::SplitLargeMeshesProcessTriangle::UpdateNode function within the Assimp library during fuzz testing using AddressSanitizer. The crash occurs due to a read access violation at address 0x000000000460, which points to the zero page, indicating a...
UBUNTU-CVE-2024-48425
A segmentation fault SEGV was detected in the Assimp::SplitLargeMeshesProcessTriangle::UpdateNode function within the Assimp library during fuzz testing using AddressSanitizer. The crash occurs due to a read access violation at address 0x000000000460, which points to the zero page, indicating a...
PT-2022-6180 · Node.Js +8 · Node +8
Name of the Vulnerable Software and Affected Versions: Node versions 18.7.0 Description: The issue is related to the llhttp parser in the http module, which does not correctly handle header fields that are not terminated with CLRF, potentially resulting in HTTP Request Smuggling. There is also a...