Search CVE reports
1 – 10 of 166 results
In Xpdf 4.05 (and earlier), a PDF object loop in a CMap, via the "UseCMap" entry, leads to infinite recursion and a stack overflow.
2 affected packages
xpdf, ipe
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| xpdf | Needs evaluation | Needs evaluation | — | Needs evaluation |
| ipe | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
[May Leak Sensitive Information in Logs]
1 affected package
golang-github-go-viper-mapstructure
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| golang-github-go-viper-mapstructure | Not in release | Not in release | — | — |
In iperf before 3.19.1, net.c has a buffer overflow when --skip-rx-copy is used (for MSG_TRUNC in recv).
1 affected package
iperf3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| iperf3 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
In iperf before 3.19.1, iperf_auth.c has a Base64Decode assertion failure and application exit upon a malformed authentication attempt.
1 affected package
iperf3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| iperf3 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
In iperf before 3.19.1, iperf_auth.c has an off-by-one error and resultant heap-based buffer overflow.
1 affected package
iperf3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| iperf3 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. OpenBao before v2.3.0 may leak sensitive information in logs when processing malformed data....
1 affected package
golang-github-go-viper-mapstructure
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| golang-github-go-viper-mapstructure | Not in release | Not in release | — | — |
Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by an invalid VerticesPerRow value in a PDF shading dictionary.
2 affected packages
ipe, xpdf
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| ipe | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| xpdf | Needs evaluation | Needs evaluation | Not in release | Needs evaluation |
Out-of-bounds array write in Xpdf 4.05 and earlier, due to incorrect integer overflow checking in the PostScript function interpreter code.
2 affected packages
xpdf, ipe
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| xpdf | Needs evaluation | Needs evaluation | Not in release | Needs evaluation |
| ipe | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
iperf v3.17.1 was discovered to contain a segmentation violation via the iperf_exchange_parameters() function.
1 affected package
iperf
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| iperf | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
In Xpdf 4.05 (and earlier), invalid header info in a DCT (JPEG) stream can lead to an uninitialized variable in the DCT decoder. The proof-of-concept PDF file causes a segfault attempting to read from an invalid address.
2 affected packages
xpdf, ipe
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| xpdf | Needs evaluation | Needs evaluation | Not in release | Needs evaluation |
| ipe | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |