60 matches found
MAL-2025-5847 Malicious code in vtk-osmesa (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 910e787804512eabe1c118f5347fed9f57ca936717e18a80d26622108d75399e During the installation, sensitive information are exfiltrated incl. env variables --- Category: MALICIOUS - The campaign has clearly malicious intent, like...
The vulnerability of the xmlDocGetRootElement() function in the IO/Infovis/vtkXMLTreeReader.cxx component of the VTK image processing library allows a attacker to cause a service failure.
The vulnerability of the xmlDocGetRootElement function in the IO/Infovis/vtkXMLTreeReader.cxx component of the VTK image processing library is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow an attacker to cause a service failure...
Linux Distros Unpatched Vulnerability : CVE-2021-42521
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is a NULL pointer dereference vulnerability in VTK before 9.2.5, and it lies in IO/Infovis/vtkXMLTreeReader.cxx. The vendor didn't check the return value ...
Ubuntu 16.04 ESM : VTK vulnerabilities (USN-4852-1)
The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4852-1 advisory. It was discovered that VTK incorrectly handled certain XML files in the embedded Expat library. An attacker could possibly use this issue to cause a deni...
Fedora: Security Advisory for vtk (FEDORA-2023-2cf9dd7d52)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 37 Update: vtk-9.1.0-18.fc37
VTK is an open-source software system for image processing, 3D graphics, volume rendering and visualization. VTK includes many advanced algorithms e.g., surface reconstruction, implicit modeling, decimation and rendering techniques e.g., hardware-accelerated volume rendering, LOD control. NOTE: T...
Fedora 37 : vtk (2023-2cf9dd7d52)
The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-2cf9dd7d52 advisory. Add upstream patch for CVE-2021-42521 - vtkXMLTreeReader: possible nullptr dereference Tenable has extracted the preceding description block directly from th...
Ubuntu: Security Advisory (USN-4852-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
abinitostudio (>=1.0.1 <=1.0.8), aicsshparam (>=0.0.6 <=0.0.12) +6 more potentially affected by CVE-2021-42521 via vtk (>=8.1.2 <=9.0.0)
vtk PYPI version =8.1.2, =1.0.1, =0.0.6, =1.0.0.0, =0.1.262, =0.0.1.dev1, =0.17.0, =0.22.0 Source cves: CVE-2021-42521 Source advisory: OSV:GHSA-XFHG-9PJG-XG7G...
VTK NULL pointer dereference vulnerability
There is a NULL pointer dereference vulnerability in VTK, and it lies in IO/Infovis/vtkXMLTreeReader.cxx. The vendor didn't check the return value of libxml2 API 'xmlDocGetRootElement', and try to dereference it. It is unsafe as the return value can be NULL and that NULL pointer dereference may...
CVE-2021-42521
There is a NULL pointer dereference vulnerability in VTK before 9.2.5, and it lies in IO/Infovis/vtkXMLTreeReader.cxx. The vendor didn't check the return value of libxml2 API 'xmlDocGetRootElement', and try to dereference it. It is unsafe as the return value can be NULL and that NULL pointer...
CVE-2021-42521
There is a NULL pointer dereference vulnerability in VTK before 9.2.5, and it lies in IO/Infovis/vtkXMLTreeReader.cxx. The vendor didn't check the return value of libxml2 API 'xmlDocGetRootElement', and try to dereference it. It is unsafe as the return value can be NULL and that NULL pointer...
CVE-2021-42521
There is a NULL pointer dereference vulnerability in VTK before 9.2.5, and it lies in IO/Infovis/vtkXMLTreeReader.cxx. The vendor didn't check the return value of libxml2 API 'xmlDocGetRootElement', and try to dereference it. It is unsafe as the return value can be NULL and that NULL pointer...
Null pointer dereference
There is a NULL pointer dereference vulnerability in VTK before 9.2.5, and it lies in IO/Infovis/vtkXMLTreeReader.cxx. The vendor didn't check the return value of libxml2 API 'xmlDocGetRootElement', and try to dereference it. It is unsafe as the return value can be NULL and that NULL pointer...
abinitostudio (>=1.0.1 <=1.0.8), aicsshparam (>=0.0.6 <=0.0.12) +6 more potentially affected by CVE-2021-42521 via vtk (>=8.1.2 <=9.0.0)
vtk PYPI version =8.1.2, =1.0.1, =0.0.6, =1.0.0.0, =0.1.262, =0.0.1.dev1, =0.17.0, =0.22.0 Source cves: CVE-2021-42521 Source advisory: OSV:PYSEC-2022-255...
CVE-2021-42521
There is a NULL pointer dereference vulnerability in VTK before 9.2.5, and it lies in IO/Infovis/vtkXMLTreeReader.cxx. The vendor didn't check the return value of libxml2 API 'xmlDocGetRootElement', and try to dereference it. It is unsafe as the return value can be NULL and that NULL pointer...
CVE-2021-42521
VTK vulnerability CVE-2021-42521: a NULL pointer dereference in IO/Infovis/vtkXMLTreeReader.cxx due to the vendor not checking xmlDocGetRootElement’s return value. Affected: VTK before 9.2.5. Impact: possible crash of the application. Root cause: potential NULL dereference when parsing XML with l...
CVE-2021-42521
There is a NULL pointer dereference vulnerability in VTK before 9.2.5, and it lies in IO/Infovis/vtkXMLTreeReader.cxx. The vendor didn't check the return value of libxml2 API 'xmlDocGetRootElement', and try to dereference it. It is unsafe as the return value can be NULL and that NULL pointer...
USN-4852-1: VTK vulnerabilities
It was discovered that VTK incorrectly handled certain XML files in the embedded Expat library. An attacker could possibly use this issue to cause a denial of service or expose sensitive information...
vtk-moscow.ru XSS vulnerability
Open Bug Bounty ID: OBB-459221 Description| Value ---|--- Affected Website:| vtk-moscow.ru Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat She...