CVE-2020-27772
https://notcve.org/view.php?id=CVE-2020-27772
A flaw was found in ImageMagick in coders/bmp.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned int`. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.9-0. Se encontró un fallo en ImageMagick en el archivo coders/bmp.c. • https://bugzilla.redhat.com/show_bug.cgi?id=1898291 https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html • CWE-190: Integer Overflow or Wraparound •
CVE-2020-27767
https://notcve.org/view.php?id=CVE-2020-27767
A flaw was found in ImageMagick in MagickCore/quantum.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of types `float` and `unsigned char`. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.9-0. Se encontró un fallo en ImageMagick en el archivo MagickCore/quantum.h. • https://bugzilla.redhat.com/show_bug.cgi?id=1894687 https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html • CWE-190: Integer Overflow or Wraparound •
CVE-2020-27774
https://notcve.org/view.php?id=CVE-2020-27774
A flaw was found in ImageMagick in MagickCore/statistic.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of a too large shift for 64-bit type `ssize_t`. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.9-0. Se encontró un fallo en ImageMagick en el archivo MagickCore/statistic.c. • https://bugzilla.redhat.com/show_bug.cgi?id=1898296 https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html • CWE-190: Integer Overflow or Wraparound •
CVE-2020-27776
https://notcve.org/view.php?id=CVE-2020-27776
A flaw was found in ImageMagick in MagickCore/statistic.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type unsigned long. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.9-0. Se encontró un fallo en ImageMagick en el archivo MagickCore/statistic.c. • https://bugzilla.redhat.com/show_bug.cgi?id=1898304 https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html • CWE-190: Integer Overflow or Wraparound •
CVE-2020-25710 – openldap: assertion failure in CSN normalization with invalid input
https://notcve.org/view.php?id=CVE-2020-25710
A flaw was found in OpenLDAP in versions before 2.4.56. This flaw allows an attacker who sends a malicious packet processed by OpenLDAP to force a failed assertion in csnNormalize23(). The highest threat from this vulnerability is to system availability. Se encontró un fallo en OpenLDAP en versiones anteriores a 2.4.56. Este fallo permite a un atacante que envía un paquete malicioso procesado por OpenLDAP forzar una afirmación fallida en la función csnNormalize23(). • https://bugzilla.redhat.com/show_bug.cgi?id=1899678 https://git.openldap.org/openldap/openldap/-/commit/ab3915154e69920d480205b4bf5ccb2b391a0a1f#a2feb6ed0257c21c6672793ee2f94eaadc10c72c https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E https://lists.debian.org/debian-lts-announce/2020/12/msg00008.html https://security.netapp.com/advisory/ntap-20210716- • CWE-617: Reachable Assertion •