Search CVE reports
1 – 2 of 2 results
CVE-2020-12135
Medium prioritySome fixes available 12 of 26
bson before 0.8 incorrectly uses int rather than size_t for many variables, parameters, and return values. In particular, the bson_ensure_space() parameter bytesNeeded could have an integer overflow via properly constructed bson input.
2 affected packages
duo-unix, whoopsie
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
duo-unix | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
whoopsie | Fixed | Fixed | Fixed | Fixed | Fixed |
CVE-2019-11484
Medium prioritySome fixes available 14 of 28
Kevin Backhouse discovered an integer overflow in bson_ensure_space, as used in whoopsie.
2 affected packages
duo-unix, whoopsie
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
duo-unix | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
whoopsie | Fixed | Fixed | Fixed | Fixed | Fixed |