CVE-2024-6104 go-retryablehttp can leak basic auth credentials to log files

go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. This could lead to go-retryablehttp writing sensitive HTTP basic auth credentials to its log file. This vulnerability, CVE-2024-6104, was fixed in go-retryablehttp 0.7.7...

CVE-2023-43907

OptiPNG v0.7.7 was discovered to contain a global buffer overflow via the 'buffer' variable at gifread.c...

CVE-2023-43907

OptiPNG v0.7.7 was discovered to contain a global buffer overflow via the 'buffer' variable at gifread.c...

CVE-2023-43907

OptiPNG v0.7.7 was discovered to contain a global buffer overflow via the 'buffer' variable at gifread.c...

CVE-2023-43907

Summary: CVE-2023-43907 affects OptiPNG v0.7.7, where a global buffer overflow can be triggered via the “buffer” variable in gifread.c. The CVSS data assigns a HIGH impact with LOCAL attack vector, requiring user interaction, and a base score of 7.8. The interconnected advisories indicate that a ...

CVE-2023-43907

OptiPNG v0.7.7 was discovered to contain a global buffer overflow via the 'buffer' variable at gifread.c...

CVE-2023-43907

OptiPNG v0.7.7 was discovered to contain a global buffer overflow via the 'buffer' variable at gifread.c...

CVE-2022-38890

CVE-2022-38890 affects Nginx NJS 0.7.7. A segmentation violation is triggered by the njs_utf8_next function in src/njs_utf8.h. Public sources consistently describe the vulnerability as a segmentation fault in NJS, with NVD citing a CVSS v3.1 base score of 5.5 (Medium) and local attack vector, req...