CVE-2022-2301 – Buffer Over-read in hpjansson/chafa
https://notcve.org/view.php?id=CVE-2022-2301
Buffer Over-read in GitHub repository hpjansson/chafa prior to 1.10.3. Una Lectura Excesiva del búfer en el repositorio de GitHub hpjansson/chafa versiones anteriores a 1.10.3 • https://github.com/hpjansson/chafa/commit/56fabfa18a6880b4cb66047fa6557920078048d9 https://huntr.dev/bounties/f6b9114b-671d-4948-b946-ffe5c9aeb816 • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVE-2022-2061 – Heap-based Buffer Overflow in hpjansson/chafa
https://notcve.org/view.php?id=CVE-2022-2061
Heap-based Buffer Overflow in GitHub repository hpjansson/chafa prior to 1.12.0. Un Desbordamiento del búfer en la Región Heap de la Memoria en el repositorio de GitHub hpjansson/chafa versiones anteriores a 1.12.0 • https://github.com/hpjansson/chafa/commit/e6ce3746cdcf0836b9dae659a5aed15d73a080d8 https://huntr.dev/bounties/365ab61f-9a63-421c-97e6-21d4653021f0 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVE-2022-1507 – chafa: NULL Pointer Dereference in function gif_internal_decode_frame at libnsgif.c:599 allows attackers to cause a denial of service (crash) via a crafted input file. in hpjansson/chafa
https://notcve.org/view.php?id=CVE-2022-1507
chafa: NULL Pointer Dereference in function gif_internal_decode_frame at libnsgif.c:599 allows attackers to cause a denial of service (crash) via a crafted input file. in GitHub repository hpjansson/chafa prior to 1.10.2. chafa: NULL Pointer Dereference in function gif_internal_decode_frame at libnsgif.c:599 allows attackers to cause a denial of service (crash) via a crafted input file. chafa: Una Desreferencia de Puntero NULL en la función gif_internal_decode_frame at libnsgif.c:599 permite a atacantes causar una denegación de servicio (bloqueo) por medio de un archivo de entrada diseñado. en el repositorio de GitHub hpjansson/chafa versiones anteriores a 1.10.2. chafa: Una Desreferencia de Puntero NULL en la función gif_internal_decode_frame at libnsgif.c:599 permite a atacantes causar una denegación de servicio (bloqueo) por medio de un archivo de entrada diseñado • https://github.com/hpjansson/chafa/commit/e4b777c7b7c144cd16a0ea96108267b1004fe6c9 https://huntr.dev/bounties/104d8c5d-cac5-4baa-9ac9-291ea0bcab95 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3PLHKTQYK6AO3M5NAVM3CDVQTZZS6MCO https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DIOAZPITFL2Y7Y6KHCZ4OIK7P7KWFN22 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L54UEP5S254VP5FZWGFPHLTPMFJVOGYT • CWE-476: NULL Pointer Dereference •