CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 1CVE-2021-29457 – Heap buffer overflow in Exiv2::Jp2Image::doWriteMetadata
https://notcve.org/view.php?id=CVE-2021-29457
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A heap buffer overflow was found in Exiv2 versions v0.27.3 and earlier. The heap overflow is triggered when Exiv2 is used to write metadata into a crafted image file. An attacker could potentially exploit the vulnerability to gain code execution, if they can trick the victim into running Exiv2 on a crafted image file. Note that this bug is only triggered when _writing_ the metadata, which is a less frequently used Exiv2 operation than _reading_ the metadata. • https://github.com/Exiv2/exiv2/issues/1529 https://github.com/Exiv2/exiv2/pull/1534 https://github.com/Exiv2/exiv2/security/advisories/GHSA-v74w-h496-cgqm https://lists.debian.org/debian-lts-announce/2021/08/msg00028.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2XQT5F5IINTDYDAFGVGQZ7PMMLG7I5ZZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P2A5GMJEXQ5Q76JK6F6VKK5JYCLVFGKN https://security.gentoo.org/glsa/202312-06 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 6.1EPSS: 0%CPEs: 4EXPL: 1CVE-2021-29458 – Out-of-bounds read in Exiv2::Internal::CrwMap::encode
https://notcve.org/view.php?id=CVE-2021-29458
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 versions v0.27.3 and earlier. The out-of-bounds read is triggered when Exiv2 is used to write metadata into a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of service by crashing Exiv2, if they can trick the victim into running Exiv2 on a crafted image file. Note that this bug is only triggered when writing the metadata, which is a less frequently used Exiv2 operation than reading the metadata. • https://github.com/Exiv2/exiv2/issues/1530 https://github.com/Exiv2/exiv2/pull/1536 https://github.com/Exiv2/exiv2/security/advisories/GHSA-57jj-75fm-9rq5 https://lists.debian.org/debian-lts-announce/2023/01/msg00004.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2XQT5F5IINTDYDAFGVGQZ7PMMLG7I5ZZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P2A5GMJEXQ5Q76JK6F6VKK5JYCLVFGKN https://security.gentoo.org/glsa/202312-06 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-20297 – NetworkManager: Profile with match.path setting triggers crash
https://notcve.org/view.php?id=CVE-2021-20297
A flaw was found in NetworkManager in versions before 1.30.0. Setting match.path and activating a profile crashes NetworkManager. The highest threat from this vulnerability is to system availability. Se encontró un fallo en NetworkManager en versiones anteriores a 1.30.0. Ajustando el archivo match.path y activando un perfil bloquea NetworkManager. • https://bugzilla.redhat.com/show_bug.cgi?id=1943282 https://access.redhat.com/security/cve/CVE-2021-20297 • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 94%CPEs: 4EXPL: 1CVE-2021-21220 – Google Chromium V8 Improper Input Validation Vulnerability
https://notcve.org/view.php?id=CVE-2021-21220
Insufficient validation of untrusted input in V8 in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Una comprobación insuficiente de una entrada no confiable en V8 en Google Chrome versiones anteriores a e 89.0.4389.128, permitió a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada This vulnerability allows remote attackers to execute arbitrary code on affected installations of Google Chromium. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the implementation of the XOR operation when executed within JIT compiled code. By performing actions in JavaScript, an attacker can trigger a memory access past the end of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process. • https://github.com/security-dbg/CVE-2021-21220 http://packetstormsecurity.com/files/162437/Google-Chrome-XOR-Typer-Out-Of-Bounds-Access-Remote-Code-Execution.html http://packetstormsecurity.com/files/176210/Chrome-V8-JIT-XOR-Arbitrary-Code-Execution.html https://chromereleases.googleblog.com/2021/04/stable-channel-update-for-desktop.html https://crbug.com/1196683 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EAJ42L4JFPBJATCZ7MOZQTUDGV4OEHHG https://lists.fedoraproject.org/ • CWE-787: Out-of-bounds Write •
CVSS: 8.0EPSS: 0%CPEs: 6EXPL: 0CVE-2021-20288 – ceph: Unauthorized global_id reuse in cephx
https://notcve.org/view.php?id=CVE-2021-20288
An authentication flaw was found in ceph in versions before 14.2.20. When the monitor handles CEPHX_GET_AUTH_SESSION_KEY requests, it doesn't sanitize other_keys, allowing key reuse. An attacker who can request a global_id can exploit the ability of any user to request a global_id previously associated with another user, as ceph does not force the reuse of old keys to generate new ones. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Se encontró un fallo de autenticación en ceph en versiones anteriores a 14.2.20. • https://bugzilla.redhat.com/show_bug.cgi?id=1938031 https://lists.debian.org/debian-lts-announce/2023/10/msg00034.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/362CEPPYF3YMJZBEJQUT3KDE2EHYYIYQ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5BPIAYTRCWAU4XWCDBK2THEFVXSC4XGK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JVWUKUUS5BCIFWRV3JCUQMAPJ4HIWSED https://security.gentoo.org/glsa/202105-39 ht • CWE-287: Improper Authentication •