Page 56 of 982 results (0.007 seconds)

CVSS: 2.5EPSS: 0%CPEs: 8EXPL: 1

CVE-2021-23239 – sudo: possible directory existence test due to race condition in sudoedit

https://notcve.org/view.php?id=CVE-2021-23239

The sudoedit personality of Sudo before 1.9.5 may allow a local unprivileged user to perform arbitrary directory-existence tests by winning a sudo_edit.c race condition in replacing a user-controlled directory by a symlink to an arbitrary path. La personalidad sudoedit de Sudo versiones anteriores a 1.9.5, puede permitir a un usuario local poco privilegiado llevar a cabo pruebas arbitrarias de existencia de directorio al ganar una condición de carrera en el archivo sudo_edit.c al reemplazar un directorio controlado por el usuario por un enlace simbólico a una ruta arbitraria A flaw was found in sudoedit. A race condition vulnerability and improper symbolic link resolution could be used by a local unprivileged user to test for the existence of directories and files not normally accessible to the user. This flaw cannot be used to read the content or write to arbitrary files on the file system. The highest threat from this vulnerability is to data confidentiality. • https://bugzilla.suse.com/show_bug.cgi?id=CVE-2021-23239 https://lists.debian.org/debian-lts-announce/2022/11/msg00007.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EE42Y35SMJOLONAIBNYNFC7J44UUZ2Y6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GMY4VSSBIND7VAYSN6T7XIWJRWG4GBB3 https://security.gentoo.org/glsa/202101-33 https://security.netapp.com/advisory/ntap-20210129-0010 https://www.sudo.ws/stable.html#1.9.5 h • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-203: Observable Discrepancy •

CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0

CVE-2020-35653 – python-pillow: Buffer over-read in PCX image reader

https://notcve.org/view.php?id=CVE-2020-35653

In Pillow before 8.1.0, PcxDecode has a buffer over-read when decoding a crafted PCX file because the user-supplied stride value is trusted for buffer calculations. En Pillow versiones anteriores a 8.1.0, la función PcxDecode presenta una lectura excesiva del búfer cuando se decodifica un archivo PCX diseñado porque el valor de paso suministrado por el usuario es confiable para los cálculos del búfer A flaw was found in python-pillow. The PcxDecode in Pillow has a buffer over-read when decoding a crafted PCX file due to the user-supplied stride value trusted for buffer calculations. The highest threat from this vulnerability is to system availability. • https://lists.debian.org/debian-lts-announce/2021/07/msg00018.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6BYVI5G44MRIPERKYDQEL3S3YQCZTVHE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BF553AMNNNBW7SH4IM4MNE4M6GNZQ7YD https://pillow.readthedocs.io/en/stable/releasenotes/index.html https://access.redhat.com/security/cve/CVE-2020-35653 https://bugzilla.redhat.com/show_bug.cgi?id=1915420 • CWE-125: Out-of-bounds Read •

CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0

CVE-2020-35654 – python-pillow: decoding crafted YCbCr files could result in heap-based buffer overflow

https://notcve.org/view.php?id=CVE-2020-35654

In Pillow before 8.1.0, TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts with LibTIFF in RGBA mode. En Pillow versiones anteriores a 8.1.0, la función TiffDecode presenta un desbordamiento del búfer en la región heap de la memoria cuando se decodifican archivos YCbCr diseñados debido a determinados conflictos de interpretación con LibTIFF en modo RGBA A flaw was found in python-pillow. TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts with LibTIFF in RGBA mode. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6BYVI5G44MRIPERKYDQEL3S3YQCZTVHE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BF553AMNNNBW7SH4IM4MNE4M6GNZQ7YD https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TQQY6472RX4J2SUJENWDZAWKTJJGP2ML https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZTSY25UJU7NJUFHH3HWT575LT4TDFWBZ https://pillow.readthedocs.io/en/stable/releasenotes/index.html • CWE-787: Out-of-bounds Write •

CVSS: 5.8EPSS: 0%CPEs: 3EXPL: 0

CVE-2020-35655 – python-pillow: Buffer over-read in SGI RLE image reader

https://notcve.org/view.php?id=CVE-2020-35655

In Pillow before 8.1.0, SGIRleDecode has a 4-byte buffer over-read when decoding crafted SGI RLE image files because offsets and length tables are mishandled. En Pillow versiones anteriores a 8.1.0, la función SGIRleDecode presenta una lectura excesiva de búfer de 4 bytes cuando se decodifican archivos de imagen SGI RLE diseñados porque unas compensaciones y unas tablas de longitud se manejan inapropiadamente A flaw was found in python-pillow. SGIRleDecode has a 4-byte buffer over-read when decoding crafted SGI RLE image files because offsets and length tables are mishandled. • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6BYVI5G44MRIPERKYDQEL3S3YQCZTVHE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BF553AMNNNBW7SH4IM4MNE4M6GNZQ7YD https://pillow.readthedocs.io/en/stable/releasenotes/index.html https://access.redhat.com/security/cve/CVE-2020-35655 https://bugzilla.redhat.com/show_bug.cgi?id=1915432 • CWE-125: Out-of-bounds Read •

CVSS: 7.2EPSS: 0%CPEs: 3EXPL: 1

CVE-2020-26262 – Loopback bypass in Coturn

https://notcve.org/view.php?id=CVE-2020-26262

Coturn is free open source implementation of TURN and STUN Server. Coturn before version 4.5.2 by default does not allow peers to connect and relay packets to loopback addresses in the range of `127.x.x.x`. However, it was observed that when sending a `CONNECT` request with the `XOR-PEER-ADDRESS` value of `0.0.0.0`, a successful response was received and subsequently, `CONNECTIONBIND` also received a successful response. Coturn then is able to relay packets to the loopback interface. Additionally, when coturn is listening on IPv6, which is default, the loopback interface can also be reached by making use of either `[::1]` or `[::]` as the peer address. • https://github.com/coturn/coturn/blob/57180ab60afcaeb13537e69ae8cb8aefd8f3f546/ChangeLog#L48 https://github.com/coturn/coturn/commit/abfe1fd08d78baa0947d17dac0f7411c3d948e4d https://github.com/coturn/coturn/security/advisories/GHSA-6g6j-r9rf-cm7p https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/G54UIUFTEC6RLPOISMB6FUW7456SBZC4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M4CJOPAQT43MYAFU3UROGLEXN3Z6RS4H • CWE-441: Unintended Proxy or Intermediary ('Confused Deputy') CWE-682: Incorrect Calculation •