Page 11 of 460 results (0.013 seconds)

CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 2

CVE-2022-34526

https://notcve.org/view.php?id=CVE-2022-34526

A stack overflow was discovered in the _TIFFVGetField function of Tiffsplit v4.4.0. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted TIFF file parsed by the "tiffsplit" or "tiffcrop" utilities. Se ha descubierto un desbordamiento de pila en la función _TIFFVGetField de Tiffsplit v4.4.0. Esta vulnerabilidad permite a los atacantes provocar una denegación de servicio (DoS) a través de un archivo TIFF manipulado analizado por las utilidades "tiffsplit" o "tiffcrop" • https://gitlab.com/libtiff/libtiff/-/issues/433 https://gitlab.com/libtiff/libtiff/-/issues/486 https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FC6LWPAEKYJ57LSHX4SBFMLRMLOZTHIJ https://security.netapp.com/advisory/ntap-20220930-0002 https://www.debian.org/security/2023/dsa-5333 • CWE-787: Out-of-bounds Write •

CVSS: 5.3EPSS: 0%CPEs: 22EXPL: 0

CVE-2022-2097 – AES OCB fails to encrypt some bytes

https://notcve.org/view.php?id=CVE-2022-2097

AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of "in place" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected. Fixed in OpenSSL 3.0.5 (Affected 3.0.0-3.0.4). • https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=919925673d6c9cfed3c1085497f5dfbbed5fc431 https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=a98f339ddd7e8f487d6e0088d4a9a42324885a93 https://lists.debian.org/debian-lts-announce/2023/02/msg00019.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R6CK57NBQFTPUMXAPJURCGXUYT76NQAK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fe • CWE-325: Missing Cryptographic Step CWE-327: Use of a Broken or Risky Cryptographic Algorithm •

CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 2

CVE-2022-34903 – gpg: Signature spoofing via status line injection

https://notcve.org/view.php?id=CVE-2022-34903

GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g., use of GPGME) are met, allows signature forgery via injection into the status line. GnuPG versiones hasta 2.3.6, en situaciones inusuales en las que un atacante posee cualquier información de clave secreta del llavero de la víctima y son cumplidos en otras restricciones (por ejemplo, el uso de GPGME), permite una falsificación de firmas por medio de la inyección en la línea de estado A vulnerability was found in GnuPG. This issue occurs due to an escape detection loop at the write_status_text_and_buffer() function in g10/cpr.c. This flaw allows a malicious actor to bypass access control. • http://www.openwall.com/lists/oss-security/2022/07/02/1 https://bugs.debian.org/1014157 https://dev.gnupg.org/T6027 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRLWJQ76A4UKHI3Q36BKSJKS4LFLQO33 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NPTAR76EIZY7NQFENSOZO7U473257OVZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VN63GBTMRWO36Y7BKA2WQHROAKCXKCBL https://lists.fedoraproject.org/archives • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-347: Improper Verification of Cryptographic Signature •

CVSS: 5.9EPSS: 0%CPEs: 22EXPL: 1

CVE-2022-32208 – curl: FTP-KRB bad message verification

https://notcve.org/view.php?id=CVE-2022-32208

When curl < 7.84.0 does FTP transfers secured by krb5, it handles message verification failures wrongly. This flaw makes it possible for a Man-In-The-Middle attack to go unnoticed and even allows it to inject data to the client. Cuando curl versiones anteriores a 7.84.0, hace transferencias FTP aseguradas por krb5, maneja inapropiadamente los fallos de verificación de mensajes. Este fallo hace posible que un ataque de tipo Man-In-The-Middle pase desapercibido e incluso permite inyectar datos al cliente A vulnerability was found in curl. This issue occurs because it mishandles message verification failures when curl does FTP transfers secured by krb5. • http://seclists.org/fulldisclosure/2022/Oct/28 http://seclists.org/fulldisclosure/2022/Oct/41 https://hackerone.com/reports/1590071 https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEV6BR4MTI3CEWK2YU2HQZUW5FAS3FEY https://security.gentoo.org/glsa/202212-01 https://security.netapp.com/advisory/ntap-20220915-0003 https://support.apple.com/kb/HT213488 https://www.debian.org/security/2022/ • CWE-787: Out-of-bounds Write CWE-840: Business Logic Errors CWE-924: Improper Enforcement of Message Integrity During Transmission in a Communication Channel •

CVSS: 6.5EPSS: 0%CPEs: 33EXPL: 1

CVE-2022-32206 – curl: HTTP compression denial of service

https://notcve.org/view.php?id=CVE-2022-32206

curl < 7.84.0 supports "chained" HTTP compression algorithms, meaning that a serverresponse can be compressed multiple times and potentially with different algorithms. The number of acceptable "links" in this "decompression chain" was unbounded, allowing a malicious server to insert a virtually unlimited number of compression steps.The use of such a decompression chain could result in a "malloc bomb", makingcurl end up spending enormous amounts of allocated heap memory, or trying toand returning out of memory errors. curl versiones anteriores a 7.84.0, soporta algoritmos de compresión HTTP "encadenados", lo que significa que una respuesta al servidor puede ser comprimida múltiples veces y potencialmente con diferentes algoritmos. El número de "eslabones" aceptables en esta "cadena de descompresión" era ilimitado, lo que permitía a un servidor malicioso insertar un número prácticamente ilimitado de pasos de compresión. El uso de una cadena de descompresión de este tipo podía resultar en una "bomba de malloc", haciendo que curl acabara gastando enormes cantidades de memoria de montón asignada, o intentando y devolviendo errores de memoria A vulnerability was found in curl. This issue occurs because the number of acceptable "links" in the "decompression chain" was unbounded, allowing a malicious server to insert a virtually unlimited number of compression steps. • http://seclists.org/fulldisclosure/2022/Oct/28 http://seclists.org/fulldisclosure/2022/Oct/41 http://www.openwall.com/lists/oss-security/2023/02/15/3 https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf https://hackerone.com/reports/1570651 https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEV6BR4MTI3CEWK2YU2HQZUW5FAS3FEY https://security.gentoo.org/glsa/202212-01 https:/ • CWE-770: Allocation of Resources Without Limits or Throttling •