5 results (0.011 seconds)

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1

In libebml before 1.4.5, an integer overflow in MemIOCallback.cpp can occur when reading or writing. It may result in buffer overflows. En libebml anterior a 1.4.5, puede ocurrir un desbordamiento de enteros en MemIOCallback.cpp al leer o escribir. Puede provocar desbordamientos de búfer. • https://github.com/Matroska-Org/libebml/blob/v1.x/NEWS.md https://github.com/Matroska-Org/libebml/compare/release-1.4.4...release-1.4.5 https://github.com/Matroska-Org/libebml/issues/147 https://github.com/Matroska-Org/libebml/pull/148 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BJUXVOIRWPP7OFYUKQZDNJTSLWCPIZBH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XNANFT4P6KL4WDQ3TV6QQ44NSC7WKLAB • CWE-190: Integer Overflow or Wraparound •

CVSS: 6.5EPSS: 1%CPEs: 5EXPL: 1

A flaw was found in libebml before 1.4.2. A heap overflow bug exists in the implementation of EbmlString::ReadData and EbmlUnicodeString::ReadData in libebml. Se encontró un fallo en libebml versiones anteriores a 1.4.2. Se presenta un error de desbordamiento de la pila en la implementación de las funciones EbmlString::ReadData y EbmlUnicodeString::ReadData en libebml • https://github.com/Matroska-Org/libebml/issues/74 https://lists.debian.org/debian-lts-announce/2021/04/msg00016.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JNHQI6MDOECJ2HT5GCLEX2DMJFEOWPW7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UHIIMWZKHHELFF4NRDMOOCS3HKK3K4DF https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YY7R2JZRO5I6WS62KTJFTZGKYELVFTVB https://security.gentoo.org/glsa/202208-21 • CWE-787: Out-of-bounds Write •

CVSS: 9.6EPSS: 0%CPEs: 1EXPL: 0

Use-after-free vulnerability in the EbmlMaster::Read function in libEBML before 1.3.3 allows context-dependent attackers to have unspecified impact via a "deeply nested element with infinite size" followed by another element of an upper level in an EBML document. Vulnerabilidad de uso después de liberación de memoria en la función EbmlMaster::Read en libEBML en versiones anteriores a 1.3.3 permite a atacantes dependientes del contexto tener un impacto no especificado a través de un "elemento anidado profundamente con tamaño infinito" seguido por otro elemento de un nivel superior en un documento EBML. • http://lists.matroska.org/pipermail/matroska-users/2015-October/006985.html http://lists.opensuse.org/opensuse-updates/2016-01/msg00035.html http://www.debian.org/security/2016/dsa-3538 http://www.securityfocus.com/bid/94924 http://www.talosintelligence.com/reports/TALOS-2016-0037 https://github.com/Matroska-Org/libebml/blob/release-1.3.3/ChangeLog https://github.com/Matroska-Org/libebml/commit/88409e2a94dd3b40ff81d08bf6d92f486d036b24 •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

The EbmlUnicodeString::UpdateFromUTF8 function in libEBML before 1.3.3 allows context-dependent attackers to obtain sensitive information from process heap memory via a crafted UTF-8 string, which triggers an invalid memory access. La función EbmlUnicodeString::UpdateFromUTF8 en libEBML en versiones anteriores a 1.3.3 permite a atacantes dependientes del contexto obtener información sensible desde la memoria dinámica de proceso a través de una cadena UTF-8 manipulada, lo que desencadena un acceso de memoria no válido. • http://lists.matroska.org/pipermail/matroska-users/2015-October/006985.html http://lists.opensuse.org/opensuse-updates/2016-01/msg00035.html http://www.debian.org/security/2016/dsa-3538 http://www.securityfocus.com/bid/85307 http://www.securityfocus.com/bid/95124 http://www.talosintelligence.com/reports/TALOS-2016-0036 https://github.com/Matroska-Org/libebml/blob/release-1.3.3/ChangeLog https://github.com/Matroska-Org/libebml/commit/ababb64e0c792ad2a314245233db0833ba12036b • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

The EbmlElement::ReadCodedSizeValue function in libEBML before 1.3.3 allows context-dependent attackers to obtain sensitive information from process heap memory via a crafted length value in an EBML id, which triggers an invalid memory access. La función EbmlElement::ReadCodedSizeValue en libEBML en versiones anteriores a 1.3.3 permite a atacantes dependientes del contexto obtener información sensible desde la memoria dinámica de proceso a través de un valor de longitud manipulado en un id EBML, lo que desencadena un acceso de memoria no válido. • http://lists.matroska.org/pipermail/matroska-users/2015-October/006985.html http://lists.opensuse.org/opensuse-updates/2016-01/msg00035.html http://www.debian.org/security/2016/dsa-3538 https://github.com/Matroska-Org/libebml/blob/release-1.3.3/ChangeLog https://github.com/Matroska-Org/libebml/commit/24e5cd7c666b1ddd85619d60486db0a5481c1b90 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •