CVE-2020-10379 – python-pillow: two buffer overflows in libImaging/TiffDecode.c due to small buffers allocated in ImagingLibTiffDecode()
https://notcve.org/view.php?id=CVE-2020-10379
In Pillow before 7.1.0, there are two Buffer Overflows in libImaging/TiffDecode.c. En Pillow versiones anteriores a 7.1.0, se presentan dos Desbordamientos de Búfer en la biblioteca libImaging/TiffDecode.c • https://github.com/python-pillow/Pillow/commit/46f4a349b88915787fea3fb91348bb1665831bbb#diff-9478f2787e3ae9668a15123b165c23ac https://github.com/python-pillow/Pillow/commits/master/src/libImaging https://github.com/python-pillow/Pillow/pull/4538 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEBCPE4F2VHTIT6EZA2YZQZLPVDEBJGD https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HOKHNWV2VS5GESY7IBD237E7C6T3I427 https://pillow.readthedocs.io/en/stable/releasenotes/7.1 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2020-10378 – python-pillow: an out-of-bounds read in libImaging/PcxDecode.c can occur when reading PCX files
https://notcve.org/view.php?id=CVE-2020-10378
In libImaging/PcxDecode.c in Pillow before 7.1.0, an out-of-bounds read can occur when reading PCX files where state->shuffle is instructed to read beyond state->buffer. En la biblioteca libImaging/PcxDecode.c en Pillow versiones anteriores a 7.1.0, puede ocurrir una lectura fuera de límites cuando se leen archivos PCX donde state->shuffle es instruido para que lea más allá de state->buffer A flaw was found in python-pillow. In libImaging/PcxDecode.c, an out-of-bounds read occurs when reading PCX files where state->shuffle is instructed to read beyond state->buffer. • https://github.com/python-pillow/Pillow/commit/6a83e4324738bb0452fbe8074a995b1c73f08de7#diff-9478f2787e3ae9668a15123b165c23ac https://github.com/python-pillow/Pillow/commits/master/src/libImaging https://github.com/python-pillow/Pillow/pull/4538 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEBCPE4F2VHTIT6EZA2YZQZLPVDEBJGD https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HOKHNWV2VS5GESY7IBD237E7C6T3I427 https://pillow.readthedocs.io/en/stable/releasenotes/7.1 • CWE-125: Out-of-bounds Read •
CVE-2020-15005
https://notcve.org/view.php?id=CVE-2020-15005
In MediaWiki before 1.31.8, 1.32.x and 1.33.x before 1.33.4, and 1.34.x before 1.34.2, private wikis behind a caching server using the img_auth.php image authorization security feature may have had their files cached publicly, so any unauthorized user could view them. This occurs because Cache-Control and Vary headers were mishandled. En MediaWiki en versiones anteriores a la 1.31.8, 1.32.x y 1.33.x versiones anteriores a la 1.33.4, y 1.34.x en versiones anteriores a la 1.34.2, los wikis privados que se encuentran detrás de un servidor de almacenamiento en caché que utiliza la función de seguridad de autorización de imágenes img_auth.php pueden haber tenido sus archivos almacenados en caché públicamente, de modo que cualquier usuario no autorizado pueda verlos. Esto ocurre porque el control de la caché y las cabeceras de Vary se manejaron mal • https://gerrit.wikimedia.org/r/plugins/gitiles/mediawiki/core/+/REL1_31/RELEASE-NOTES-1.31 https://gerrit.wikimedia.org/r/plugins/gitiles/mediawiki/core/+/REL1_33/RELEASE-NOTES-1.33 https://gerrit.wikimedia.org/r/plugins/gitiles/mediawiki/core/+/REL1_34/RELEASE-NOTES-1.34 https://lists.debian.org/debian-lts-announce/2020/12/msg00034.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EEZIMLJMJS72SJXPYL736XMUAVCRQD2H https://lists.wikimedia.o •
CVE-2020-11095 – Global OOB read in update_recv_primary_order in FreeRDP
https://notcve.org/view.php?id=CVE-2020-11095
In FreeRDP before version 2.1.2, an out of bound reads occurs resulting in accessing a memory location that is outside of the boundaries of the static array PRIMARY_DRAWING_ORDER_FIELD_BYTES. This is fixed in version 2.1.2. En FreeRDP versiones anteriores a 2.1.2, se producen lecturas fuera de límite que resultan en el acceso a una ubicación de memoria que está fuera de límites de la matriz estática de PRIMARY_DRAWING_ORDER_FIELD_BYTES. Esto es corregido en la versión 2.1.2 • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00080.html http://www.freerdp.com/2020/06/22/2_1_2-released https://github.com/FreeRDP/FreeRDP/commit/733ee3208306b1ea32697b356c0215180fc3f049 https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-563r-pvh7-4fw2 https://lists.debian.org/debian-lts-announce/2023/10/msg00008.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y35HBHG2INICLSGCIKNAR7GCXEHQACQ https://lists.fedoraproject.org/archives/list • CWE-125: Out-of-bounds Read •
CVE-2020-11096 – Global OOB read in update_read_cache_bitmap_v3_order in FreeRDP
https://notcve.org/view.php?id=CVE-2020-11096
In FreeRDP before version 2.1.2, there is a global OOB read in update_read_cache_bitmap_v3_order. As a workaround, one can disable bitmap cache with -bitmap-cache (default). This is fixed in version 2.1.2. En FreeRDP versiones anteriores a 2.1.2, se presenta una lectura OOB global en update_read_cache_bitmap_v3_order. Como solución alternativa, se puede deshabilitar la memoria caché de mapa de bits con -bitmap-cache (predeterminado). • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00080.html http://www.freerdp.com/2020/06/22/2_1_2-released https://github.com/FreeRDP/FreeRDP/commit/b8beb55913471952f92770c90c372139d78c16c0 https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-mjw7-3mq2-996x https://lists.debian.org/debian-lts-announce/2023/10/msg00008.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y35HBHG2INICLSGCIKNAR7GCXEHQACQ https://lists.fedoraproject.org/archives/list • CWE-125: Out-of-bounds Read •