CVSS: 8.1EPSS: 0%CPEs: 11EXPL: 1CVE-2018-20546
https://notcve.org/view.php?id=CVE-2018-20546
There is an illegal READ memory access at caca/dither.c (function get_rgba_default) in libcaca 0.99.beta19 for the default bpp case. Hay un acceso de LECTURA ilegal en la memoria en caca/dither.c (función get_rgba_default) en libcaca 0.99.beta19 para el caso bpp por defecto. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00033.html https://bugzilla.redhat.com/show_bug.cgi?id=1652622 https://github.com/cacalabs/libcaca/commit/1022d97496c7899e8641515af363381b31ae2f05 https://github.com/cacalabs/libcaca/issues/38 https://lists.debian.org/debian-lts-announce/2019/01/msg00007.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6WFGYICNTMNDNMDDUV4G2RYFB5HNJCOV https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.8EPSS: 0%CPEs: 10EXPL: 2CVE-2018-20545
https://notcve.org/view.php?id=CVE-2018-20545
There is an illegal WRITE memory access at common-image.c (function load_image) in libcaca 0.99.beta19 for 4bpp data. Hay un acceso de ESCRITURA de memoria ilegal en common-image.c (en la función load_image) en los datos 4bpp de la versión 0.99.beta19 de libcaca. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00033.html https://bugzilla.redhat.com/show_bug.cgi?id=1652621 https://github.com/cacalabs/libcaca/commit/3e52dabe3e64dc50f4422effe364a1457a8a8592 https://github.com/cacalabs/libcaca/issues/37 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6WFGYICNTMNDNMDDUV4G2RYFB5HNJCOV https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PC7EGOEQ5C4OD66ZUJJIIYEXBTZOCMZX https://lists.fedoraproject.org/ar • CWE-190: Integer Overflow or Wraparound •
CVSS: 6.5EPSS: 0%CPEs: 10EXPL: 1CVE-2018-19542
https://notcve.org/view.php?id=CVE-2018-19542
An issue was discovered in JasPer 2.0.14. There is a NULL pointer dereference in the function jp2_decode in libjasper/jp2/jp2_dec.c, leading to a denial of service. Se ha descubierto un problema en JasPer 2.0.14. Hay una desreferencia de puntero NULL en la función jp2_decode en libjasper/jp2/jp2_dec.c, provocando una denegación de servicio (DoS). • http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00004.html https://github.com/mdadams/jasper/issues/182 https://lists.debian.org/debian-lts-announce/2019/01/msg00003.html https://www.oracle.com/security-alerts/cpuapr2020.html • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 0%CPEs: 9EXPL: 1CVE-2018-19539
https://notcve.org/view.php?id=CVE-2018-19539
An issue was discovered in JasPer 2.0.14. There is an access violation in the function jas_image_readcmpt in libjasper/base/jas_image.c, leading to a denial of service. Se ha descubierto un problema en JasPer 2.0.14. Hay una violación de acceso en la función jas_image_readcmpt en libjasper/base/jas_image.c, provocando una denegación de servicio (DoS). • http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00004.html https://github.com/mdadams/jasper/issues/182 https://lists.debian.org/debian-lts-announce/2019/01/msg00003.html https://www.oracle.com/security-alerts/cpuapr2020.html • CWE-617: Reachable Assertion •
CVSS: 6.5EPSS: 0%CPEs: 11EXPL: 1CVE-2018-18520 – elfutils: eu-size cannot handle recursive ar files
https://notcve.org/view.php?id=CVE-2018-18520
An Invalid Memory Address Dereference exists in the function elf_end in libelf in elfutils through v0.174. Although eu-size is intended to support ar files inside ar files, handle_ar in size.c closes the outer ar file before handling all inner entries. The vulnerability allows attackers to cause a denial of service (application crash) with a crafted ELF file. Existe una desreferencia de dirección de memoria inválida en la función elf_end en elfutils hasta la versión v0.174. Aunque se supone que eu-size soporta archivos ar dentro de archivos ar, handle_ar en size.c cierra el archivo ar externo antes de gestionar todas la entradas internas. • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00052.html https://access.redhat.com/errata/RHSA-2019:2197 https://lists.debian.org/debian-lts-announce/2019/02/msg00036.html https://lists.debian.org/debian-lts-announce/2021/10/msg00030.html https://sourceware.org/bugzilla/show_bug.cgi?id=23787 https://sourceware.org/ml/elfutils-devel/2018-q4/msg00057.html https://usn.ubuntu.com/4012-1 https://access.redhat.com/security/cve/CVE-2018-18520 https://bugzilla.redh • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •