CVSS: 7.5EPSS: 1%CPEs: 4EXPL: 1CVE-2019-14459
https://notcve.org/view.php?id=CVE-2019-14459
nfdump 1.6.17 and earlier is affected by an integer overflow in the function Process_ipfix_template_withdraw in ipfix.c that can be abused in order to crash the process remotely (denial of service). nfdump 1.6.17 y versiones anteriores se ven afectadas por un desbordamiento de enteros en la función Process_ipfix_template_withdraw en ipfix.c que se puede abusar para bloquear el proceso de forma remota (denegación de servicio). • https://github.com/phaag/nfdump/commit/3b006ededaf351f1723aea6c727c9edd1b1fff9b https://github.com/phaag/nfdump/issues/171 https://lists.debian.org/debian-lts-announce/2020/09/msg00021.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ULSZMKA7P7REJMANVL7D6WMZ2L7IRSET https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YTONOGJU5FSMFNRCT6OHXYUMDRKH4RPA https://security.gentoo.org/glsa/202003-17 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2019-1010057
https://notcve.org/view.php?id=CVE-2019-1010057
nfdump 1.6.16 and earlier is affected by: Buffer Overflow. The impact is: The impact could range from a denial of service to local code execution. The component is: nfx.c:546, nffile_inline.c:83, minilzo.c (redistributed). The attack vector is: nfdump must read and process a specially crafted file. The fixed version is: after commit 9f0fe9563366f62a71d34c92229da3432ec5cf0e. nfdump versiones 1.6.16 y anteriores están afectados por: Desbordamiento de búfer. • https://github.com/phaag/nfdump/issues/104 https://lists.debian.org/debian-lts-announce/2020/09/msg00021.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ULSZMKA7P7REJMANVL7D6WMZ2L7IRSET https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YTONOGJU5FSMFNRCT6OHXYUMDRKH4RPA https://security.gentoo.org/glsa/202003-17 • CWE-787: Out-of-bounds Write •