Fedoraproject

Fedora

5357 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 1.42%
  • Veröffentlicht 25.06.2020 19:15:12
  • Zuletzt bearbeitet 21.11.2024 04:56:32

In libImaging/Jpeg2KDecode.c in Pillow before 7.1.0, there are multiple out-of-bounds reads via a crafted JP2 file.

  • EPSS 2.51%
  • Veröffentlicht 25.06.2020 19:15:12
  • Zuletzt bearbeitet 21.11.2024 04:58:06

In libImaging/SgiRleDecode.c in Pillow through 7.0.0, a number of out-of-bounds reads exist in the parsing of SGI image files, a different issue than CVE-2020-5311.

  • EPSS 1.3%
  • Veröffentlicht 24.06.2020 23:15:10
  • Zuletzt bearbeitet 21.11.2024 05:04:36

In MediaWiki before 1.31.8, 1.32.x and 1.33.x before 1.33.4, and 1.34.x before 1.34.2, private wikis behind a caching server using the img_auth.php image authorization security feature may have had their files cached publicly, so any unauthorized use...

  • EPSS 1.85%
  • Veröffentlicht 22.06.2020 22:15:13
  • Zuletzt bearbeitet 21.11.2024 05:32:11

In FreeRDP before version 2.1.2, there is an out of bounds read in TrioParse. Logging might bypass string length checks due to an integer overflow. This is fixed in version 2.1.2.

  • EPSS 1.81%
  • Veröffentlicht 22.06.2020 22:15:13
  • Zuletzt bearbeitet 21.11.2024 05:32:11

In FreeRDP before version 2.1.2, there is a use-after-free in gdi_SelectObject. All FreeRDP clients using compatibility mode with /relax-order-checks are affected. This is fixed in version 2.1.2.

  • EPSS 1.84%
  • Veröffentlicht 22.06.2020 22:15:13
  • Zuletzt bearbeitet 21.11.2024 05:32:11

In FreeRDP before version 2.1.2, there is an integer casting vulnerability in update_recv_secondary_order. All clients with +glyph-cache /relax-order-checks are affected. This is fixed in version 2.1.2.

  • EPSS 1.84%
  • Veröffentlicht 22.06.2020 22:15:13
  • Zuletzt bearbeitet 21.11.2024 05:32:11

In FreeRDP before version 2.1.2, there is an out of bounds read in RLEDECOMPRESS. All FreeRDP based clients with sessions with color depth < 32 are affected. This is fixed in version 2.1.2.

  • EPSS 1.84%
  • Veröffentlicht 22.06.2020 22:15:12
  • Zuletzt bearbeitet 21.11.2024 04:56:46

In FreeRDP before version 2.1.2, there is a global OOB read in update_read_cache_bitmap_v3_order. As a workaround, one can disable bitmap cache with -bitmap-cache (default). This is fixed in version 2.1.2.

  • EPSS 1.46%
  • Veröffentlicht 22.06.2020 22:15:12
  • Zuletzt bearbeitet 21.11.2024 04:56:46

In FreeRDP before version 2.1.2, an out of bounds read occurs resulting in accessing a memory location that is outside of the boundaries of the static array PRIMARY_DRAWING_ORDER_FIELD_BYTES. This is fixed in version 2.1.2.

  • EPSS 1.67%
  • Veröffentlicht 22.06.2020 22:15:12
  • Zuletzt bearbeitet 21.11.2024 04:56:46

In FreeRDP before version 2.1.2, there is an out-of-bound read in glyph_cache_put. This affects all FreeRDP clients with `+glyph-cache` option enabled This is fixed in version 2.1.2.