CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 1CVE-2021-3516 – libxml2: Use-after-free in xmlEncodeEntitiesInternal() in entities.c
https://notcve.org/view.php?id=CVE-2021-3516
There's a flaw in libxml2's xmllint in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by xmllint could trigger a use-after-free. The greatest impact of this flaw is to confidentiality, integrity, and availability. Se encontró un fallo en xmllint de libxml2 en versiones anteriores a 2.9.11. Un atacante que es capaz de enviar un archivo diseñado para ser procesado por xmllint podría desencadenar un uso de la memoria previamente liberada. • https://bugzilla.redhat.com/show_bug.cgi?id=1954225 https://gitlab.gnome.org/GNOME/libxml2/-/commit/1358d157d0bd83be1dfe356a69213df9fac0b539 https://gitlab.gnome.org/GNOME/libxml2/-/issues/230 https://lists.debian.org/debian-lts-announce/2021/05/msg00008.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV https://security& • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 1CVE-2020-10729
https://notcve.org/view.php?id=CVE-2020-10729
A flaw was found in the use of insufficiently random values in Ansible. Two random password lookups of the same length generate the equal value as the template caching action for the same file since no re-evaluation happens. The highest threat from this vulnerability would be that all passwords are exposed at once for the file. This flaw affects Ansible Engine versions before 2.9.6. Se encontró un fallo en el uso de valores insuficientemente aleatorios en Ansible. • https://bugzilla.redhat.com/show_bug.cgi?id=1831089 https://github.com/ansible/ansible/issues/34144 https://www.debian.org/security/2021/dsa-4950 • CWE-330: Use of Insufficiently Random Values •
CVSS: 9.8EPSS: 0%CPEs: 8EXPL: 0CVE-2020-36329 – libwebp: use-after-free in EmitFancyRGB() in dec/io_dec.c
https://notcve.org/view.php?id=CVE-2020-36329
A flaw was found in libwebp in versions before 1.0.1. A use-after-free was found due to a thread being killed too early. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Se encontró un fallo en libwebp en versiones anteriores a 1.0.1. Se encontró un uso de la memoria previamente liberada debido a que un subproceso se eliminó demasiado pronto. • http://seclists.org/fulldisclosure/2021/Jul/54 https://bugzilla.redhat.com/show_bug.cgi?id=1956843 https://lists.debian.org/debian-lts-announce/2021/06/msg00005.html https://lists.debian.org/debian-lts-announce/2021/06/msg00006.html https://security.netapp.com/advisory/ntap-20211112-0001 https://support.apple.com/kb/HT212601 https://www.debian.org/security/2021/dsa-4930 https://access.redhat.com/security/cve/CVE-2020-36329 • CWE-416: Use After Free •
CVSS: 9.8EPSS: 0%CPEs: 8EXPL: 0CVE-2020-36328 – libwebp: heap-based buffer overflow in WebPDecode*Into functions
https://notcve.org/view.php?id=CVE-2020-36328
A flaw was found in libwebp in versions before 1.0.1. A heap-based buffer overflow in function WebPDecodeRGBInto is possible due to an invalid check for buffer size. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Se encontró un fallo en libwebp en versiones anteriores a 1.0.1. Un desbordamiento del búfer en la región heap de la memoria en la función WebPDecodeRGBInto es posible debido a una verificación no válida del tamaño del búfer. • http://seclists.org/fulldisclosure/2021/Jul/54 https://bugzilla.redhat.com/show_bug.cgi?id=1956829 https://lists.debian.org/debian-lts-announce/2021/06/msg00005.html https://lists.debian.org/debian-lts-announce/2021/06/msg00006.html https://security.netapp.com/advisory/ntap-20211112-0001 https://support.apple.com/kb/HT212601 https://www.debian.org/security/2021/dsa-4930 https://access.redhat.com/security/cve/CVE-2020-36328 • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 1%CPEs: 25EXPL: 0CVE-2021-3537 – libxml2: NULL pointer dereference when post-validating mixed content parsed in recovery mode
https://notcve.org/view.php?id=CVE-2021-3537
A vulnerability found in libxml2 in versions before 2.9.11 shows that it did not propagate errors while parsing XML mixed content, causing a NULL dereference. If an untrusted XML document was parsed in recovery mode and post-validated, the flaw could be used to crash the application. The highest threat from this vulnerability is to system availability. Una vulnerabilidad encontrada en libxml2 en versiones anteriores a 2.9.11 muestra que no propagó errores al analizar el contenido mixto XML, causando una desreferencia de NULL. Si un documento XML que no es confiable fue analizado en modo de recuperación y pos-comprobado, el fallo podría usarse para bloquear la aplicación. • https://bugzilla.redhat.com/show_bug.cgi?id=1956522 https://lists.debian.org/debian-lts-announce/2021/05/msg00008.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV https://security.gentoo.org/glsa/202107-05 https://security.netapp.com/advisory/ntap-20210625-0002 https://www.oracle.com/security-alerts/cpuapr2022.html • CWE-476: NULL Pointer Dereference •