CVE-2023-38633 – librsvg: Arbitrary file read when xinclude href has special characters
https://notcve.org/view.php?id=CVE-2023-38633
A directory traversal problem in the URL decoder of librsvg before 2.56.3 could be used by local or remote attackers to disclose files (on the local filesystem outside of the expected area), as demonstrated by href=".?../../../../../../../../../../etc/passwd" in an xi:include element.
A directory traversal vulnerability was discovered in the URL decoder of Librsvg. This issue occurs when xinclude href has special characters; demonstrated by href=".?..
http://seclists.org/fulldisclosure/2023/Jul/43
http://www.openwall.com/lists/oss-security/2023/07/27/1
http://www.openwall.com/lists/oss-security/2023/09/06/10
https://bugzilla.suse.com/show_bug.cgi?id=1213502
https://gitlab.gnome.org/GNOME/librsvg/-/issues/996
https://gitlab.gnome.org/GNOME/librsvg/-/releases/2.56.3
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/422NTIHIEBRASIG2DWXYBH4ADYMHY626
https://lists.fedoraproject.org
• CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2023-32636 – glib: Timeout in fuzz_variant_text
https://notcve.org/view.php?id=CVE-2023-32636
A flaw was found in glib, where the gvariant deserialization code is vulnerable to a denial of service introduced by additional input validation added to resolve CVE-2023-29499. The offset table validation may be very slow. This bug does not affect any released version of glib but does affect glib distributors who followed the guidance of glib developers to backport the initial fix for CVE-2023-29499.
https://gitlab.gnome.org/GNOME/glib/-/issues/2841
https://https://discourse.gnome.org/t/multiple-fixes-for-gvariant-normalisation-issues-in-glib/12835
https://security.netapp.com/advisory/ntap-20231110-0002
https://access.redhat.com/security/cve/CVE-2023-32636
https://bugzilla.redhat.com/show_bug.cgi?id=2211833
• CWE-400: Uncontrolled Resource Consumption
• CWE-502: Deserialization of Untrusted Data
CVE-2023-26081
https://notcve.org/view.php?id=CVE-2023-26081
In Epiphany (aka GNOME Web) through 43.0, untrusted web content can trick users into exfiltrating passwords, because autofill occurs in sandboxed contexts.
https://github.com/google/security-research/security/advisories/GHSA-mhhf-w9xw-pp9x
https://gitlab.gnome.org/GNOME/epiphany/-/merge_requests/1275
https://lists.debian.org/debian-lts-announce/2023/05/msg00015.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IFWUNG6E4ZT43EYNHKYXS7QVSO2VW2H2
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SADQCSQKTJKTTIJMEPY7GII6IVQSKEKV
• CWE-668: Exposure of Resource to Wrong Sphere
CVE-2019-25085 – GNOME gvdb gvdb-builder.c gvdb_table_write_contents_async use after free
https://notcve.org/view.php?id=CVE-2019-25085
A vulnerability was found in GNOME gvdb. It has been classified as critical. This affects the function gvdb_table_write_contents_async of the file gvdb-builder.c. The manipulation leads to use after free. It is possible to initiate the attack remotely.
https://github.com/GNOME/gvdb/commit/d83587b2a364eb9a9a53be7e6a708074e252de14
https://vuldb.com/?ctiid.216789
https://vuldb.com/?id.216789
• CWE-416: Use After Free
CVE-2022-37290
https://notcve.org/view.php?id=CVE-2022-37290
GNOME Nautilus 42.2 allows a NULL pointer dereference and get_basename application crash via a pasted ZIP archive.
https://gitlab.gnome.org/GNOME/nautilus/-/issues/2376
https://gitlab.gnome.org/GNOME/nautilus/-/merge_requests/1001
https://gitlab.gnome.org/GNOME/nautilus/-/tree/master
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PX5CVF4FAHFA6UNKHFBBLOP2NUMIQJAY
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XYPDZ7LBBUVU3WFK7DCGDFGK2GXTKGT5
• CWE-476: NULL Pointer Dereference