CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-3705 – vim autocmd quickfix.c qf_update_buffer use after free
https://notcve.org/view.php?id=CVE-2022-3705
A vulnerability was found in vim and classified as problematic. Affected by this issue is the function qf_update_buffer of the file quickfix.c of the component autocmd Handler. The manipulation leads to use after free. The attack may be launched remotely. Upgrading to version 9.0.0805 is able to address this issue. • http://seclists.org/fulldisclosure/2023/Jan/19 https://github.com/vim/vim/commit/d0fab10ed2a86698937e3c3fed2f10bd9bb5e731 https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4JCW33NOLMELTTTDJH7WGDIFJZ5YEEMK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTBVD4J2SKVSWK4VBN5JP5OEVK6GDS3N https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JYEK5RNMH7MVQH6 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-416: Use After Free •
CVSS: 7.5EPSS: 0%CPEs: 21EXPL: 3CVE-2022-43680 – expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate
https://notcve.org/view.php?id=CVE-2022-43680
In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations. En libexpat versiones hasta 2.4.9, se presenta un uso de memoria previamente liberada causado por la destrucción excesiva de un DTD compartido en XML_ExternalEntityParserCreate en situaciones fuera de memoria A use-after-free flaw was found in the Expat package, caused by destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations. This may lead to availability disruptions. • http://www.openwall.com/lists/oss-security/2023/12/28/5 http://www.openwall.com/lists/oss-security/2024/01/03/5 https://github.com/libexpat/libexpat/issues/649 https://github.com/libexpat/libexpat/pull/616 https://github.com/libexpat/libexpat/pull/650 https://lists.debian.org/debian-lts-announce/2022/10/msg00033.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AJ5VY2VYXE4WTRGQ6LMGLF6FV3SY37YE https://lists.fedoraproject.org/archives/list&#x • CWE-416: Use After Free •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 1CVE-2022-3627 – libtiff: out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c
https://notcve.org/view.php?id=CVE-2022-3627
LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c:346 when called from extractImageSection, tools/tiffcrop.c:6860, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 236b7191. LibTIFF versión 4.4.0, presenta una escritura fuera de límites en _TIFFmemcpy en el archivo libtiff/tif_unix.c:346 cuando se llama desde extractImageSection, tools/tiffcrop.c:6860, permitiendo a atacantes causar una denegación de servicio por medio de un archivo tiff diseñado. Para los usuarios que compilan libtiff desde las fuentes, la corrección está disponible con el commit 236b7191 An out-of-bounds write flaw was found in the _TIFFmemcpy function in libtiff/tif_unix.c in the libtiff package. By persuading a victim to open a specially-crafted TIFF image file, a remote attacker could cause a denial of service condition. • https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3627.json https://gitlab.com/libtiff/libtiff/-/commit/236b7191f04c60d09ee836ae13b50f812c841047 https://gitlab.com/libtiff/libtiff/-/issues/411 https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html https://security.netapp.com/advisory/ntap-20230110-0001 https://www.debian.org/security/2023/dsa-5333 https://access.redhat.com/security/cve/CVE-2022-3627 https://bugzilla.redhat.com/show_bug.cgi?id=2142742 • CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 1CVE-2022-3597 – libtiff: out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix
https://notcve.org/view.php?id=CVE-2022-3597
LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c:346 when called from extractImageSection, tools/tiffcrop.c:6826, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 236b7191. LibTIFF versión 4.4.0, presenta una escritura fuera de límites en el archivo _TIFFmemcpy en libtiff/tif_unix.c:346 cuando es llamado desde extractImageSection, tools/tiffcrop.c:6826, permitiendo a atacantes causar una denegación de servicio por medio de un archivo tiff diseñado. Para los usuarios que compilan libtiff desde las fuentes, la corrección está disponible con el commit 236b7191 An out-of-bounds write flaw was found in the _TIFFmemcpy function in libtiff/tif_unix.c in the libtiff package. By persuading a victim to open a specially-crafted TIFF image file, a remote attacker could cause a denial of service condition. • https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3597.json https://gitlab.com/libtiff/libtiff/-/commit/236b7191f04c60d09ee836ae13b50f812c841047 https://gitlab.com/libtiff/libtiff/-/issues/413 https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html https://security.netapp.com/advisory/ntap-20230110-0001 https://www.debian.org/security/2023/dsa-5333 https://access.redhat.com/security/cve/CVE-2022-3597 https://bugzilla.redhat.com/show_bug.cgi?id=2142736 • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 1CVE-2022-3626 – libtiff: out-of-bounds write in _TIFFmemset in libtiff/tif_unix.c
https://notcve.org/view.php?id=CVE-2022-3626
LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemset in libtiff/tif_unix.c:340 when called from processCropSelections, tools/tiffcrop.c:7619, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 236b7191. LibTIFF versión 4.4.0, presenta una escritura fuera de límites en _TIFFmemset en el archivo libtiff/tif_unix.c:340 cuando se llama desde processCropSelections, tools/tiffcrop.c:7619, lo que permite a atacantes causar una denegación de servicio por medio de un archivo tiff diseñado. Para los usuarios que compilan libtiff desde las fuentes, la corrección está disponible con el commit 236b7191 An out-of-bounds write flaw was found in the _TIFFmemset function in libtiff/tif_unix.c in the libtiff package. By persuading a victim to open a specially-crafted TIFF image file, a remote attacker could cause a denial of service condition. • https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3626.json https://gitlab.com/libtiff/libtiff/-/commit/236b7191f04c60d09ee836ae13b50f812c841047 https://gitlab.com/libtiff/libtiff/-/issues/426 https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html https://security.netapp.com/advisory/ntap-20230110-0001 https://access.redhat.com/security/cve/CVE-2022-3626 https://bugzilla.redhat.com/show_bug.cgi?id=2142741 • CWE-787: Out-of-bounds Write •