CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2019-9077
https://notcve.org/view.php?id=CVE-2019-9077
An issue was discovered in GNU Binutils 2.32. It is a heap-based buffer overflow in process_mips_specific in readelf.c via a malformed MIPS option section. Se ha descubierto un problema en GNU Binutils 2.32. Es un desbordamiento de búfer basado en memoria dinámica (heap) en process_mips_specific en readelf.c mediante una sección de opción MIPS mal formada. • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00078.html http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00004.html http://www.securityfocus.com/bid/107139 https://security.gentoo.org/glsa/202107-24 https://security.netapp.com/advisory/ntap-20190314-0003 https://sourceware.org/bugzilla/show_bug.cgi?id=24243 https://support.f5.com/csp/article/K00056379 https://usn.ubuntu.com/4336-1 • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0CVE-2018-1320 – thrift: SASL negotiation isComplete validation bypass in the org.apache.thrift.transport.TSaslTransport class
https://notcve.org/view.php?id=CVE-2018-1320
Apache Thrift Java client library versions 0.5.0 through 0.11.0 can bypass SASL negotiation isComplete validation in the org.apache.thrift.transport.TSaslTransport class. An assert used to determine if the SASL handshake had successfully completed could be disabled in production settings making the validation incomplete. La librería de cliente Java de Apache Thrift, desde la versión 0.5.0 hasta la 0.11.0, puede omitir la validación de la negociación de SASL "isComplete" en la clase org.apache.thrift.transport.TSaslTransport. Una aserción utilizada para determinar si el handshake SASL se ha completado de manera exitosa podría deshabilitarse en los ajustes de producción, prohibiendo que la validación se complete. • http://www.openwall.com/lists/oss-security/2019/07/24/3 http://www.securityfocus.com/bid/106551 https://access.redhat.com/errata/RHSA-2019:2413 https://lists.apache.org/thread.html/07c3cd5a2953a4b253eee4437b1397b1603d0f886437e19b657d2c54%40%3Ccommits.cassandra.apache.org%3E https://lists.apache.org/thread.html/187684ac8b94d55256253f5220cb55e8bd568afdf9a8a86e9bbb66c9%40%3Cdevnull.infra.apache.org%3E https://lists.apache.org/thread.html/3d3b6849fcf4cd1e87703b3dde0d57aabeb9ba0193dc0cf3c97f545d%40%3Ccommits.cassandra.apache.org%3E https://lists.apa • CWE-287: Improper Authentication CWE-295: Improper Certificate Validation •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 1CVE-2018-20657 – libiberty: Memory leak in demangle_template function resulting in a denial of service
https://notcve.org/view.php?id=CVE-2018-20657
The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, has a memory leak via a crafted string, leading to a denial of service (memory consumption), as demonstrated by cxxfilt, a related issue to CVE-2018-12698. La función demangle_template en cplus-dem.c en GNU libiberty, como se distribuyó en la versión 2.31.1, tiene una fuga de memoria mediante una cadena manipulada, provocando una denegación de servicio (consumo de memoria), tal y como queda demostrado con cxxfilt. Este problema está relacionado con CVE-2018-12698. • http://www.securityfocus.com/bid/106444 https://access.redhat.com/errata/RHSA-2019:3352 https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88539 https://support.f5.com/csp/article/K62602089 https://access.redhat.com/security/cve/CVE-2018-20657 https://bugzilla.redhat.com/show_bug.cgi?id=1664708 • CWE-400: Uncontrolled Resource Consumption CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 1CVE-2018-20002
https://notcve.org/view.php?id=CVE-2018-20002
The _bfd_generic_read_minisymbols function in syms.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, has a memory leak via a crafted ELF file, leading to a denial of service (memory consumption), as demonstrated by nm. La función _bfd_generic_read_minisymbols en syms.c en la biblioteca Binary File Descriptor (BFD), también conocida como libbfd, tal y como se distribuye en GNU Binutils 2.31, tiene una fuga de memoria mediante un archivo ELF manipulado, que conduce a una denegación de servicio (consumo de memoria), tal y como queda demostrado con nm. • http://www.securityfocus.com/bid/106142 https://security.gentoo.org/glsa/201908-01 https://security.netapp.com/advisory/ntap-20190221-0004 https://sourceware.org/bugzilla/show_bug.cgi?id=23952 https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=c2f5dc30afa34696f2da0081c4ac50b958ecb0e9 https://support.f5.com/csp/article/K62602089 https://usn.ubuntu.com/4336-1 • CWE-772: Missing Release of Resource after Effective Lifetime •