CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2021-33798
https://notcve.org/view.php?id=CVE-2021-33798
A null pointer dereference was found in libpano13, version libpano13-2.9.20. The flow allows attackers to cause a denial of service and potential code execute via a crafted file. • https://groups.google.com/u/1/g/hugin-ptx/c/gLtz2vweD74 https://sourceforge.net/p/panotools/libpano13/ci/62aa7eed8fae5d8f247a2508a757f31000de386f • CWE-476: NULL Pointer Dereference •
CVSS: 9.1EPSS: 0%CPEs: 2EXPL: 1CVE-2021-33293
https://notcve.org/view.php?id=CVE-2021-33293
Panorama Tools libpano13 v2.9.20 was discovered to contain an out-of-bounds read in the function panoParserFindOLine() in parser.c. Se ha detectado que Panorama Tools libpano13 versión v2.9.20, contiene una lectura fuera de límites en la función panoParserFindOLine() en el archivo parser.c • https://groups.google.com/u/1/g/hugin-ptx/c/gLtz2vweD74 https://lists.debian.org/debian-lts-announce/2022/03/msg00029.html https://sourceforge.net/p/panotools/libpano13/ci/62aa7eed8fae5d8f247a2508a757f31000de386f • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 1%CPEs: 7EXPL: 0CVE-2021-20307
https://notcve.org/view.php?id=CVE-2021-20307
Format string vulnerability in panoFileOutputNamesCreate() in libpano13 2.9.20~rc2+dfsg-3 and earlier can lead to read and write arbitrary memory values. Una vulnerabilidad de cadena de formato en la función panoFileOutputNamesCreate() en libpano versiones 13 2.9.20~rc2+dfsg-3 y anteriores, puede conllevar a leer y escribir valores de memoria arbitrarios • https://bugzilla.redhat.com/show_bug.cgi?id=1946284 https://lists.debian.org/debian-lts-announce/2021/04/msg00010.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FVJRXUOBN56ZWP6QQ3NTA6DIFZMDZAEQ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JE6YZSXNVD6WZ3AG3ENL2DIHQFF24LYX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VYDYBKHT2MNMQCUMAVJNZW4VH6MD5BOF https://security.gentoo.org/glsa/202107-47 ht • CWE-134: Use of Externally-Controlled Format String •