Search CVE reports
1 – 3 of 3 results
CVE-2020-8927
Medium priorityA buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of...
1 affected packages
brotli
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
brotli | — | — | Fixed | Fixed | Fixed |
CVE-2016-1968
Medium priorityInteger underflow in Brotli, as used in Mozilla Firefox before 45.0, allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow) via crafted data with brotli compression.
3 affected packages
brotli, firefox, thunderbird
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
brotli | — | — | — | — | Fixed |
firefox | — | — | — | — | Not affected |
thunderbird | — | — | — | — | Not affected |
CVE-2016-1624
Medium prioritySome fixes available 7 of 10
Integer underflow in the ProcessCommandsInternal function in dec/decode.c in Brotli, as used in Google Chrome before 48.0.2564.109, allows remote attackers to cause a denial of service (buffer overflow) or possibly...
3 affected packages
brotli, chromium-browser, oxide-qt
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
brotli | — | — | — | — | Fixed |
chromium-browser | — | — | — | — | Fixed |
oxide-qt | — | — | — | — | Fixed |