Docker circleci/node:11.13-stretch-browsers

Vulnerabilities

1128 via 5459 paths

Dependencies

616

Source

Group 6 Copy Created with Sketch. Docker

Target OS

debian:9
Test your Docker Hub image against our market leading vulnerability database Sign up for free
Severity
  • 339
  • 259
  • 530
Status
  • 1128
  • 0
  • 0
OS binaries
  • 1124
  • 4

high severity

Link Following

  • Vulnerable module: avahi/libavahi-client3
  • Introduced through: avahi/libavahi-client3@0.6.32-2, avahi/libavahi-common-data@0.6.32-2 and others

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* avahi/libavahi-client3@0.6.32-2
  • Introduced through: circleci/node:11.13-stretch-browsers@* avahi/libavahi-common-data@0.6.32-2
  • Introduced through: circleci/node:11.13-stretch-browsers@* avahi/libavahi-common3@0.6.32-2

NVD Description

Note: Versions mentioned in the description apply to the upstream avahi package.

avahi-daemon-check-dns.sh in the Debian avahi package through 0.8-4 is executed as root via /etc/network/if-up.d/avahi-daemon, and allows a local attacker to cause a denial of service or create arbitrary empty files via a symlink attack on files under /run/avahi-daemon. NOTE: this only affects the packaging for Debian GNU/Linux (used indirectly by SUSE), not the upstream Avahi product.

Remediation

There is no fixed version for Debian:9 avahi.

References

high severity

Improper Input Validation

  • Vulnerable module: binutils
  • Introduced through: binutils@2.28-5

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* binutils@2.28-5

NVD Description

Note: Versions mentioned in the description apply to the upstream binutils package.

In the coff_pointerize_aux function in coffgen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, an index is not validated, which allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via a crafted file, as demonstrated by objcopy of a COFF object.

Remediation

There is no fixed version for Debian:9 binutils.

References

high severity

Integer Overflow or Wraparound

  • Vulnerable module: binutils
  • Introduced through: binutils@2.28-5

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* binutils@2.28-5

NVD Description

Note: Versions mentioned in the description apply to the upstream binutils package.

The process_version_sections function in readelf.c in GNU Binutils 2.29 allows attackers to cause a denial of service (Integer Overflow, and hang because of a time-consuming loop) or possibly have unspecified other impact via a crafted binary file with invalid values of ent.vn_next, during "readelf -a" execution.

Remediation

There is no fixed version for Debian:9 binutils.

References

high severity

Integer Overflow or Wraparound

  • Vulnerable module: binutils
  • Introduced through: binutils@2.28-5

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* binutils@2.28-5

NVD Description

Note: Versions mentioned in the description apply to the upstream binutils package.

The elf_object_p function in elfcode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, has an unsigned integer overflow because bfd_size_type multiplication is not used. A crafted ELF file allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.

Remediation

There is no fixed version for Debian:9 binutils.

References

high severity

Integer Overflow or Wraparound

  • Vulnerable module: binutils
  • Introduced through: binutils@2.28-5

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* binutils@2.28-5

NVD Description

Note: Versions mentioned in the description apply to the upstream binutils package.

The display_debug_ranges function in dwarf.c in GNU Binutils 2.30 allows remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact via a crafted ELF file, as demonstrated by objdump.

Remediation

There is no fixed version for Debian:9 binutils.

References

high severity

Integer Overflow or Wraparound

  • Vulnerable module: binutils
  • Introduced through: binutils@2.28-5

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* binutils@2.28-5

NVD Description

Note: Versions mentioned in the description apply to the upstream binutils package.

In GNU Binutils 2.30, there's an integer overflow in the function load_specific_debug_section() in objdump.c, which results in malloc() with 0 size. A crafted ELF file allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.

Remediation

There is no fixed version for Debian:9 binutils.

References

high severity

Integer Overflow or Wraparound

  • Vulnerable module: binutils
  • Introduced through: binutils@2.28-5

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* binutils@2.28-5

NVD Description

Note: Versions mentioned in the description apply to the upstream binutils package.

The *_get_synthetic_symtab functions in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, interpret a -1 value as a sorting count instead of an error flag, which allows remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact via a crafted ELF file, related to elf32-i386.c and elf64-x86-64.c.

Remediation

There is no fixed version for Debian:9 binutils.

References

high severity

NULL Pointer Dereference

  • Vulnerable module: binutils
  • Introduced through: binutils@2.28-5

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* binutils@2.28-5

NVD Description

Note: Versions mentioned in the description apply to the upstream binutils package.

The bfd_make_section_with_flags function in section.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause a NULL dereference via a crafted file.

Remediation

There is no fixed version for Debian:9 binutils.

References

high severity

NULL Pointer Dereference

  • Vulnerable module: binutils
  • Introduced through: binutils@2.28-5

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* binutils@2.28-5

NVD Description

Note: Versions mentioned in the description apply to the upstream binutils package.

The setup_group function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a group section that is too small.

Remediation

There is no fixed version for Debian:9 binutils.

References

high severity

Out-of-Bounds

  • Vulnerable module: binutils
  • Introduced through: binutils@2.28-5

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* binutils@2.28-5

NVD Description

Note: Versions mentioned in the description apply to the upstream binutils package.

The elf_read_notesfunction in bfd/elf.c in GNU Binutils 2.29 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file.

Remediation

There is no fixed version for Debian:9 binutils.

References

high severity

Out-of-Bounds

  • Vulnerable module: binutils
  • Introduced through: binutils@2.28-5

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* binutils@2.28-5

NVD Description

Note: Versions mentioned in the description apply to the upstream binutils package.

The *_get_synthetic_symtab functions in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, do not ensure a unique PLT entry for a symbol, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted ELF file, related to elf32-i386.c and elf64-x86-64.c.

Remediation

There is no fixed version for Debian:9 binutils.

References

high severity

Out-of-bounds Read

  • Vulnerable module: binutils
  • Introduced through: binutils@2.28-5

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* binutils@2.28-5

NVD Description

Note: Versions mentioned in the description apply to the upstream binutils package.

The evax_bfd_print_emh function in vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted vms alpha file.

Remediation

There is no fixed version for Debian:9 binutils.

References

high severity

Out-of-bounds Read

  • Vulnerable module: binutils
  • Introduced through: binutils@2.28-5

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* binutils@2.28-5

NVD Description

Note: Versions mentioned in the description apply to the upstream binutils package.

The _bfd_xcoff_read_ar_hdr function in bfd/coff-rs6000.c and bfd/coff64-rs6000.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds stack read via a crafted COFF image file.

Remediation

There is no fixed version for Debian:9 binutils.

References

high severity

Out-of-bounds Read

  • Vulnerable module: binutils
  • Introduced through: binutils@2.28-5

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* binutils@2.28-5

NVD Description

Note: Versions mentioned in the description apply to the upstream binutils package.

The bfd_mach_o_i386_canonicalize_one_reloc function in bfd/mach-o-i386.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted mach-o file.

Remediation

There is no fixed version for Debian:9 binutils.

References

high severity

Out-of-bounds Read

  • Vulnerable module: binutils
  • Introduced through: binutils@2.28-5

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* binutils@2.28-5

NVD Description

Note: Versions mentioned in the description apply to the upstream binutils package.

The _bfd_vms_slurp_eeom function in libbfd.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted vms alpha file.

Remediation

There is no fixed version for Debian:9 binutils.

References

high severity

Out-of-bounds Read

  • Vulnerable module: binutils
  • Introduced through: binutils@2.28-5

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* binutils@2.28-5

NVD Description

Note: Versions mentioned in the description apply to the upstream binutils package.

The _bfd_vms_slurp_egsd function in bfd/vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an arbitrary memory read via a crafted vms alpha file.

Remediation

There is no fixed version for Debian:9 binutils.

References

high severity

Out-of-bounds Read

  • Vulnerable module: binutils
  • Introduced through: binutils@2.28-5

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* binutils@2.28-5

NVD Description

Note: Versions mentioned in the description apply to the upstream binutils package.

The nlm_swap_auxiliary_headers_in function in bfd/nlmcode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted nlm file.

Remediation

There is no fixed version for Debian:9 binutils.

References

high severity

Out-of-bounds Read

  • Vulnerable module: binutils
  • Introduced through: binutils@2.28-5

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* binutils@2.28-5

NVD Description

Note: Versions mentioned in the description apply to the upstream binutils package.

The read_symbol_stabs_debugging_info function in rddbg.c in GNU Binutils 2.29 and earlier allows remote attackers to cause an out of bounds heap read via a crafted binary file.

Remediation

There is no fixed version for Debian:9 binutils.

References

high severity

Out-of-bounds Read

  • Vulnerable module: binutils
  • Introduced through: binutils@2.28-5

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* binutils@2.28-5

NVD Description

Note: Versions mentioned in the description apply to the upstream binutils package.

The _bfd_vms_save_sized_string function in vms-misc.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted vms file.

Remediation

There is no fixed version for Debian:9 binutils.

References

high severity

Out-of-bounds Write

  • Vulnerable module: binutils
  • Introduced through: binutils@2.28-5

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* binutils@2.28-5

NVD Description

Note: Versions mentioned in the description apply to the upstream binutils package.

The alpha_vms_object_p function in bfd/vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap write and possibly achieve code execution via a crafted vms alpha file.

Remediation

There is no fixed version for Debian:9 binutils.

References

high severity

Out-of-bounds Write

  • Vulnerable module: binutils
  • Introduced through: binutils@2.28-5

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* binutils@2.28-5

NVD Description

Note: Versions mentioned in the description apply to the upstream binutils package.

The bfd_mach_o_read_symtab_strtab function in bfd/mach-o.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap write and possibly achieve code execution via a crafted mach-o file.

Remediation

There is no fixed version for Debian:9 binutils.

References

high severity

Use After Free

  • Vulnerable module: binutils
  • Introduced through: binutils@2.28-5

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* binutils@2.28-5

NVD Description

Note: Versions mentioned in the description apply to the upstream binutils package.

The bfd_cache_close function in bfd/cache.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause a heap use after free and possibly achieve code execution via a crafted nested archive file. This issue occurs because incorrect functions are called during an attempt to release memory. The issue can be addressed by better input validation in the bfd_generic_archive_p function in bfd/archive.c.

Remediation

There is no fixed version for Debian:9 binutils.

References

high severity

Out-of-bounds Write

  • Vulnerable module: bzip2
  • Introduced through: bzip2@1.0.6-8.1, bzip2/libbz2-1.0@1.0.6-8.1 and others

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* bzip2@1.0.6-8.1
  • Introduced through: circleci/node:11.13-stretch-browsers@* bzip2/libbz2-1.0@1.0.6-8.1
  • Introduced through: circleci/node:11.13-stretch-browsers@* bzip2/libbz2-dev@1.0.6-8.1

NVD Description

Note: Versions mentioned in the description apply to the upstream bzip2 package.

BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors.

Remediation

There is no fixed version for Debian:9 bzip2.

References

high severity

Stack-based Buffer Overflow

  • Vulnerable module: cairo/libcairo-gobject2
  • Introduced through: cairo/libcairo-gobject2@1.14.8-1, cairo/libcairo-script-interpreter2@1.14.8-1 and others
  • Fixed in: 1.14.8-1+deb9u1

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* cairo/libcairo-gobject2@1.14.8-1
  • Introduced through: circleci/node:11.13-stretch-browsers@* cairo/libcairo-script-interpreter2@1.14.8-1
  • Introduced through: circleci/node:11.13-stretch-browsers@* cairo/libcairo2@1.14.8-1
  • Introduced through: circleci/node:11.13-stretch-browsers@* cairo/libcairo2-dev@1.14.8-1

NVD Description

Note: Versions mentioned in the description apply to the upstream cairo package. See Remediation section below for Debian:9 relevant versions.

A flaw was found in cairo's image-compositor.c in all versions prior to 1.17.4. This flaw allows an attacker who can provide a crafted input file to cairo's image-compositor (for example, by convincing a user to open a file in an application using cairo, or if an application uses cairo on untrusted input) to cause a stack buffer overflow -> out-of-bounds WRITE. The highest impact from this vulnerability is to confidentiality, integrity, as well as system availability.

Remediation

Upgrade Debian:9 cairo to version 1.14.8-1+deb9u1 or higher.

References

high severity

Buffer Overflow

  • Vulnerable module: cups/libcups2
  • Introduced through: cups/libcups2@2.2.1-8+deb9u3
  • Fixed in: 2.2.1-8+deb9u4

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* cups/libcups2@2.2.1-8+deb9u3

NVD Description

Note: Versions mentioned in the description apply to the upstream cups package. See Remediation section below for Debian:9 relevant versions.

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. An attacker in a privileged network position may be able to execute arbitrary code.

Remediation

Upgrade Debian:9 cups to version 2.2.1-8+deb9u4 or higher.

References

high severity

Buffer Overflow

  • Vulnerable module: cups/libcups2
  • Introduced through: cups/libcups2@2.2.1-8+deb9u3
  • Fixed in: 2.2.1-8+deb9u4

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* cups/libcups2@2.2.1-8+deb9u3

NVD Description

Note: Versions mentioned in the description apply to the upstream cups package. See Remediation section below for Debian:9 relevant versions.

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. An attacker in a privileged network position may be able to execute arbitrary code.

Remediation

Upgrade Debian:9 cups to version 2.2.1-8+deb9u4 or higher.

References

high severity

Out-of-Bounds

  • Vulnerable module: cups/libcups2
  • Introduced through: cups/libcups2@2.2.1-8+deb9u3
  • Fixed in: 2.2.1-8+deb9u6

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* cups/libcups2@2.2.1-8+deb9u3

NVD Description

Note: Versions mentioned in the description apply to the upstream cups package. See Remediation section below for Debian:9 relevant versions.

A memory corruption issue was addressed with improved validation. This issue is fixed in macOS Catalina 10.15.4. An application may be able to gain elevated privileges.

Remediation

Upgrade Debian:9 cups to version 2.2.1-8+deb9u6 or higher.

References

high severity

Arbitrary Code Injection

  • Vulnerable module: curl
  • Introduced through: curl@7.52.1-5+deb9u9, curl/libcurl3@7.52.1-5+deb9u9 and others
  • Fixed in: 7.52.1-5+deb9u11

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* curl@7.52.1-5+deb9u9
  • Introduced through: circleci/node:11.13-stretch-browsers@* curl/libcurl3@7.52.1-5+deb9u9
  • Introduced through: circleci/node:11.13-stretch-browsers@* curl/libcurl3-gnutls@7.52.1-5+deb9u9
  • Introduced through: circleci/node:11.13-stretch-browsers@* curl/libcurl4-openssl-dev@7.52.1-5+deb9u9

NVD Description

Note: Versions mentioned in the description apply to the upstream curl package. See Remediation section below for Debian:9 relevant versions.

curl 7.20.0 through 7.70.0 is vulnerable to improper restriction of names for files and other resources that can lead too overwriting a local file when the -J flag is used.

Remediation

Upgrade Debian:9 curl to version 7.52.1-5+deb9u11 or higher.

References

high severity

Buffer Overflow

  • Vulnerable module: curl
  • Introduced through: curl@7.52.1-5+deb9u9, curl/libcurl3@7.52.1-5+deb9u9 and others
  • Fixed in: 7.52.1-5+deb9u10

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* curl@7.52.1-5+deb9u9
  • Introduced through: circleci/node:11.13-stretch-browsers@* curl/libcurl3@7.52.1-5+deb9u9
  • Introduced through: circleci/node:11.13-stretch-browsers@* curl/libcurl3-gnutls@7.52.1-5+deb9u9
  • Introduced through: circleci/node:11.13-stretch-browsers@* curl/libcurl4-openssl-dev@7.52.1-5+deb9u9

NVD Description

Note: Versions mentioned in the description apply to the upstream curl package. See Remediation section below for Debian:9 relevant versions.

Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3.

Remediation

Upgrade Debian:9 curl to version 7.52.1-5+deb9u10 or higher.

References

high severity

Double Free

  • Vulnerable module: curl
  • Introduced through: curl@7.52.1-5+deb9u9, curl/libcurl3@7.52.1-5+deb9u9 and others
  • Fixed in: 7.52.1-5+deb9u10

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* curl@7.52.1-5+deb9u9
  • Introduced through: circleci/node:11.13-stretch-browsers@* curl/libcurl3@7.52.1-5+deb9u9
  • Introduced through: circleci/node:11.13-stretch-browsers@* curl/libcurl3-gnutls@7.52.1-5+deb9u9
  • Introduced through: circleci/node:11.13-stretch-browsers@* curl/libcurl4-openssl-dev@7.52.1-5+deb9u9

NVD Description

Note: Versions mentioned in the description apply to the upstream curl package. See Remediation section below for Debian:9 relevant versions.

Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3.

Remediation

Upgrade Debian:9 curl to version 7.52.1-5+deb9u10 or higher.

References

high severity

Improper Certificate Validation

  • Vulnerable module: curl
  • Introduced through: curl@7.52.1-5+deb9u9, curl/libcurl3@7.52.1-5+deb9u9 and others
  • Fixed in: 7.52.1-5+deb9u13

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* curl@7.52.1-5+deb9u9
  • Introduced through: circleci/node:11.13-stretch-browsers@* curl/libcurl3@7.52.1-5+deb9u9
  • Introduced through: circleci/node:11.13-stretch-browsers@* curl/libcurl3-gnutls@7.52.1-5+deb9u9
  • Introduced through: circleci/node:11.13-stretch-browsers@* curl/libcurl4-openssl-dev@7.52.1-5+deb9u9

NVD Description

Note: Versions mentioned in the description apply to the upstream curl package. See Remediation section below for Debian:9 relevant versions.

curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response.

Remediation

Upgrade Debian:9 curl to version 7.52.1-5+deb9u13 or higher.

References

high severity

Out-of-bounds Write

  • Vulnerable module: curl
  • Introduced through: curl@7.52.1-5+deb9u9, curl/libcurl3@7.52.1-5+deb9u9 and others
  • Fixed in: 7.52.1-5+deb9u13

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* curl@7.52.1-5+deb9u9
  • Introduced through: circleci/node:11.13-stretch-browsers@* curl/libcurl3@7.52.1-5+deb9u9
  • Introduced through: circleci/node:11.13-stretch-browsers@* curl/libcurl3-gnutls@7.52.1-5+deb9u9
  • Introduced through: circleci/node:11.13-stretch-browsers@* curl/libcurl4-openssl-dev@7.52.1-5+deb9u9

NVD Description

Note: Versions mentioned in the description apply to the upstream curl package. See Remediation section below for Debian:9 relevant versions.

curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing.

Remediation

Upgrade Debian:9 curl to version 7.52.1-5+deb9u13 or higher.

References

high severity

Out-of-bounds Write

  • Vulnerable module: curl
  • Introduced through: curl@7.52.1-5+deb9u9, curl/libcurl3@7.52.1-5+deb9u9 and others
  • Fixed in: 7.52.1-5+deb9u10

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* curl@7.52.1-5+deb9u9
  • Introduced through: circleci/node:11.13-stretch-browsers@* curl/libcurl3@7.52.1-5+deb9u9
  • Introduced through: circleci/node:11.13-stretch-browsers@* curl/libcurl3-gnutls@7.52.1-5+deb9u9
  • Introduced through: circleci/node:11.13-stretch-browsers@* curl/libcurl4-openssl-dev@7.52.1-5+deb9u9

NVD Description

Note: Versions mentioned in the description apply to the upstream curl package. See Remediation section below for Debian:9 relevant versions.

A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1.

Remediation

Upgrade Debian:9 curl to version 7.52.1-5+deb9u10 or higher.

References

high severity

Use After Free

  • Vulnerable module: curl
  • Introduced through: curl@7.52.1-5+deb9u9, curl/libcurl3@7.52.1-5+deb9u9 and others
  • Fixed in: 7.52.1-5+deb9u12

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* curl@7.52.1-5+deb9u9
  • Introduced through: circleci/node:11.13-stretch-browsers@* curl/libcurl3@7.52.1-5+deb9u9
  • Introduced through: circleci/node:11.13-stretch-browsers@* curl/libcurl3-gnutls@7.52.1-5+deb9u9
  • Introduced through: circleci/node:11.13-stretch-browsers@* curl/libcurl4-openssl-dev@7.52.1-5+deb9u9

NVD Description

Note: Versions mentioned in the description apply to the upstream curl package. See Remediation section below for Debian:9 relevant versions.

Due to use of a dangling pointer, libcurl 7.29.0 through 7.71.1 can use the wrong connection when sending data.

Remediation

Upgrade Debian:9 curl to version 7.52.1-5+deb9u12 or higher.

References

high severity

Out-of-bounds Write

  • Vulnerable module: cyrus-sasl2/libsasl2-2
  • Introduced through: cyrus-sasl2/libsasl2-2@2.1.27~101-g0780600+dfsg-3 and cyrus-sasl2/libsasl2-modules-db@2.1.27~101-g0780600+dfsg-3
  • Fixed in: 2.1.27~101-g0780600+dfsg-3+deb9u1

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* cyrus-sasl2/libsasl2-2@2.1.27~101-g0780600+dfsg-3
  • Introduced through: circleci/node:11.13-stretch-browsers@* cyrus-sasl2/libsasl2-modules-db@2.1.27~101-g0780600+dfsg-3

NVD Description

Note: Versions mentioned in the description apply to the upstream cyrus-sasl2 package. See Remediation section below for Debian:9 relevant versions.

cyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet. The OpenLDAP crash is ultimately caused by an off-by-one error in _sasl_add_string in common.c in cyrus-sasl.

Remediation

Upgrade Debian:9 cyrus-sasl2 to version 2.1.27~101-g0780600+dfsg-3+deb9u1 or higher.

References

high severity

Link Following

  • Vulnerable module: dbus/libdbus-1-3
  • Introduced through: dbus/libdbus-1-3@1.10.26-0+deb9u1
  • Fixed in: 1.10.28-0+deb9u1

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* dbus/libdbus-1-3@1.10.26-0+deb9u1

NVD Description

Note: Versions mentioned in the description apply to the upstream dbus package. See Remediation section below for Debian:9 relevant versions.

dbus before 1.10.28, 1.12.x before 1.12.16, and 1.13.x before 1.13.12, as used in DBusServer in Canonical Upstart in Ubuntu 14.04 (and in some, less common, uses of dbus-daemon), allows cookie spoofing because of symlink mishandling in the reference implementation of DBUS_COOKIE_SHA1 in the libdbus library. (This only affects the DBUS_COOKIE_SHA1 authentication mechanism.) A malicious client with write access to its own home directory could manipulate a ~/.dbus-keyrings symlink to cause a DBusServer with a different uid to read and write in unintended locations. In the worst case, this could result in the DBusServer reusing a cookie that is known to the malicious client, and treating that cookie as evidence that a subsequent client connection came from an attacker-chosen uid, allowing authentication bypass.

Remediation

Upgrade Debian:9 dbus to version 1.10.28-0+deb9u1 or higher.

References

high severity

Use After Free

  • Vulnerable module: dbus/libdbus-1-3
  • Introduced through: dbus/libdbus-1-3@1.10.26-0+deb9u1
  • Fixed in: 1.10.32-0+deb9u1

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* dbus/libdbus-1-3@1.10.26-0+deb9u1

NVD Description

Note: Versions mentioned in the description apply to the upstream dbus package. See Remediation section below for Debian:9 relevant versions.

A use-after-free flaw was found in D-Bus Development branch <= 1.13.16, dbus-1.12.x stable branch <= 1.12.18, and dbus-1.10.x and older branches <= 1.10.30 when a system has multiple usernames sharing the same UID. When a set of policy rules references these usernames, D-Bus may free some memory in the heap, which is still used by data structures necessary for the other usernames sharing the UID, possibly leading to a crash or other undefined behaviors

Remediation

Upgrade Debian:9 dbus to version 1.10.32-0+deb9u1 or higher.

References

high severity

Integer Overflow or Wraparound

  • Vulnerable module: djvulibre/libdjvulibre-dev
  • Introduced through: djvulibre/libdjvulibre-dev@3.5.27.1-7, djvulibre/libdjvulibre-text@3.5.27.1-7 and others
  • Fixed in: 3.5.27.1-7+deb9u1

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* djvulibre/libdjvulibre-dev@3.5.27.1-7
  • Introduced through: circleci/node:11.13-stretch-browsers@* djvulibre/libdjvulibre-text@3.5.27.1-7
  • Introduced through: circleci/node:11.13-stretch-browsers@* djvulibre/libdjvulibre21@3.5.27.1-7

NVD Description

Note: Versions mentioned in the description apply to the upstream djvulibre package. See Remediation section below for Debian:9 relevant versions.

A flaw was found in djvulibre-3.5.28 and earlier. An integer overflow in function render() in tools/ddjvu via crafted djvu file may lead to application crash and other consequences.

Remediation

Upgrade Debian:9 djvulibre to version 3.5.27.1-7+deb9u1 or higher.

References

high severity

NULL Pointer Dereference

  • Vulnerable module: djvulibre/libdjvulibre-dev
  • Introduced through: djvulibre/libdjvulibre-dev@3.5.27.1-7, djvulibre/libdjvulibre-text@3.5.27.1-7 and others
  • Fixed in: 3.5.27.1-7+deb9u1

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* djvulibre/libdjvulibre-dev@3.5.27.1-7
  • Introduced through: circleci/node:11.13-stretch-browsers@* djvulibre/libdjvulibre-text@3.5.27.1-7
  • Introduced through: circleci/node:11.13-stretch-browsers@* djvulibre/libdjvulibre21@3.5.27.1-7

NVD Description

Note: Versions mentioned in the description apply to the upstream djvulibre package. See Remediation section below for Debian:9 relevant versions.

DjVuLibre 3.5.27 has a NULL pointer dereference in the function DJVU::filter_fv at IW44EncodeCodec.cpp.

Remediation

Upgrade Debian:9 djvulibre to version 3.5.27.1-7+deb9u1 or higher.

References

high severity

Out-of-bounds Read

  • Vulnerable module: djvulibre/libdjvulibre-dev
  • Introduced through: djvulibre/libdjvulibre-dev@3.5.27.1-7, djvulibre/libdjvulibre-text@3.5.27.1-7 and others
  • Fixed in: 3.5.27.1-7+deb9u1

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* djvulibre/libdjvulibre-dev@3.5.27.1-7
  • Introduced through: circleci/node:11.13-stretch-browsers@* djvulibre/libdjvulibre-text@3.5.27.1-7
  • Introduced through: circleci/node:11.13-stretch-browsers@* djvulibre/libdjvulibre21@3.5.27.1-7

NVD Description

Note: Versions mentioned in the description apply to the upstream djvulibre package. See Remediation section below for Debian:9 relevant versions.

A flaw was found in djvulibre-3.5.28 and earlier. An out of bounds read in function DJVU::DataPool::has_data() via crafted djvu file may lead to application crash and other consequences.

Remediation

Upgrade Debian:9 djvulibre to version 3.5.27.1-7+deb9u1 or higher.

References

high severity

Out-of-bounds Write

  • Vulnerable module: djvulibre/libdjvulibre-dev
  • Introduced through: djvulibre/libdjvulibre-dev@3.5.27.1-7, djvulibre/libdjvulibre-text@3.5.27.1-7 and others
  • Fixed in: 3.5.27.1-7+deb9u1

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* djvulibre/libdjvulibre-dev@3.5.27.1-7
  • Introduced through: circleci/node:11.13-stretch-browsers@* djvulibre/libdjvulibre-text@3.5.27.1-7
  • Introduced through: circleci/node:11.13-stretch-browsers@* djvulibre/libdjvulibre21@3.5.27.1-7

NVD Description

Note: Versions mentioned in the description apply to the upstream djvulibre package. See Remediation section below for Debian:9 relevant versions.

A flaw was found in djvulibre-3.5.28 and earlier. A Stack overflow in function DJVU::DjVuDocument::get_djvu_file() via crafted djvu file may lead to application crash and other consequences.

Remediation

Upgrade Debian:9 djvulibre to version 3.5.27.1-7+deb9u1 or higher.

References

high severity

Out-of-bounds Write

  • Vulnerable module: djvulibre/libdjvulibre-dev
  • Introduced through: djvulibre/libdjvulibre-dev@3.5.27.1-7, djvulibre/libdjvulibre-text@3.5.27.1-7 and others
  • Fixed in: 3.5.27.1-7+deb9u1

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* djvulibre/libdjvulibre-dev@3.5.27.1-7
  • Introduced through: circleci/node:11.13-stretch-browsers@* djvulibre/libdjvulibre-text@3.5.27.1-7
  • Introduced through: circleci/node:11.13-stretch-browsers@* djvulibre/libdjvulibre21@3.5.27.1-7

NVD Description

Note: Versions mentioned in the description apply to the upstream djvulibre package. See Remediation section below for Debian:9 relevant versions.

A flaw was found in djvulibre-3.5.28 and earlier. A heap buffer overflow in function DJVU::GBitmap::decode() via crafted djvu file may lead to application crash and other consequences.

Remediation

Upgrade Debian:9 djvulibre to version 3.5.27.1-7+deb9u1 or higher.

References

high severity

Out-of-bounds Write

  • Vulnerable module: djvulibre/libdjvulibre-dev
  • Introduced through: djvulibre/libdjvulibre-dev@3.5.27.1-7, djvulibre/libdjvulibre-text@3.5.27.1-7 and others
  • Fixed in: 3.5.27.1-7+deb9u1

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* djvulibre/libdjvulibre-dev@3.5.27.1-7
  • Introduced through: circleci/node:11.13-stretch-browsers@* djvulibre/libdjvulibre-text@3.5.27.1-7
  • Introduced through: circleci/node:11.13-stretch-browsers@* djvulibre/libdjvulibre21@3.5.27.1-7

NVD Description

Note: Versions mentioned in the description apply to the upstream djvulibre package. See Remediation section below for Debian:9 relevant versions.

A flaw was found in djvulibre-3.5.28 and earlier. An out of bounds write in function DJVU::filter_bv() via crafted djvu file may lead to application crash and other consequences.

Remediation

Upgrade Debian:9 djvulibre to version 3.5.27.1-7+deb9u1 or higher.

References

high severity

Arbitrary Argument Injection

  • Vulnerable module: exim4
  • Introduced through: exim4@4.89-2+deb9u3, exim4/exim4-base@4.89-2+deb9u3 and others
  • Fixed in: 4.89-2+deb9u8

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4@4.89-2+deb9u3
  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4/exim4-base@4.89-2+deb9u3
  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4/exim4-config@4.89-2+deb9u3
  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4/exim4-daemon-light@4.89-2+deb9u3

NVD Description

Note: Versions mentioned in the description apply to the upstream exim4 package. See Remediation section below for Debian:9 relevant versions.

Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters, relevant in non-default configurations that enable Delivery Status Notification (DSN). Certain uses of ORCPT= can place a newline into a spool header file, and indirectly allow unauthenticated remote attackers to execute arbitrary commands as root.

Remediation

Upgrade Debian:9 exim4 to version 4.89-2+deb9u8 or higher.

References

high severity

CVE-2020-28015

  • Vulnerable module: exim4
  • Introduced through: exim4@4.89-2+deb9u3, exim4/exim4-base@4.89-2+deb9u3 and others
  • Fixed in: 4.89-2+deb9u8

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4@4.89-2+deb9u3
  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4/exim4-base@4.89-2+deb9u3
  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4/exim4-config@4.89-2+deb9u3
  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4/exim4-daemon-light@4.89-2+deb9u3

NVD Description

Note: Versions mentioned in the description apply to the upstream exim4 package. See Remediation section below for Debian:9 relevant versions.

Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters. Local users can alter the behavior of root processes because a recipient address can have a newline character.

Remediation

Upgrade Debian:9 exim4 to version 4.89-2+deb9u8 or higher.

References

high severity

CVE-2020-28021

  • Vulnerable module: exim4
  • Introduced through: exim4@4.89-2+deb9u3, exim4/exim4-base@4.89-2+deb9u3 and others
  • Fixed in: 4.89-2+deb9u8

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4@4.89-2+deb9u3
  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4/exim4-base@4.89-2+deb9u3
  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4/exim4-config@4.89-2+deb9u3
  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4/exim4-daemon-light@4.89-2+deb9u3

NVD Description

Note: Versions mentioned in the description apply to the upstream exim4 package. See Remediation section below for Debian:9 relevant versions.

Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters. An authenticated remote SMTP client can insert newline characters into a spool file (which indirectly leads to remote code execution as root) via AUTH= in a MAIL FROM command.

Remediation

Upgrade Debian:9 exim4 to version 4.89-2+deb9u8 or higher.

References

high severity

Exposure of Resource to Wrong Sphere

  • Vulnerable module: exim4
  • Introduced through: exim4@4.89-2+deb9u3, exim4/exim4-base@4.89-2+deb9u3 and others
  • Fixed in: 4.89-2+deb9u8

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4@4.89-2+deb9u3
  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4/exim4-base@4.89-2+deb9u3
  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4/exim4-config@4.89-2+deb9u3
  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4/exim4-daemon-light@4.89-2+deb9u3

NVD Description

Note: Versions mentioned in the description apply to the upstream exim4 package. See Remediation section below for Debian:9 relevant versions.

Exim 4 before 4.94.2 allows Exposure of File Descriptor to Unintended Control Sphere because rda_interpret uses a privileged pipe that lacks a close-on-exec flag.

Remediation

Upgrade Debian:9 exim4 to version 4.89-2+deb9u8 or higher.

References

high severity

Improper Data Handling

  • Vulnerable module: exim4
  • Introduced through: exim4@4.89-2+deb9u3, exim4/exim4-base@4.89-2+deb9u3 and others
  • Fixed in: 4.89-2+deb9u5

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4@4.89-2+deb9u3
  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4/exim4-base@4.89-2+deb9u3
  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4/exim4-config@4.89-2+deb9u3
  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4/exim4-daemon-light@4.89-2+deb9u3

NVD Description

Note: Versions mentioned in the description apply to the upstream exim4 package. See Remediation section below for Debian:9 relevant versions.

Exim 4.85 through 4.92 (fixed in 4.92.1) allows remote code execution as root in some unusual configurations that use the ${sort } expansion for items that can be controlled by an attacker (e.g., $local_part or $domain).

Remediation

Upgrade Debian:9 exim4 to version 4.89-2+deb9u5 or higher.

References

high severity

Improper Initialization

  • Vulnerable module: exim4
  • Introduced through: exim4@4.89-2+deb9u3, exim4/exim4-base@4.89-2+deb9u3 and others
  • Fixed in: 4.89-2+deb9u8

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4@4.89-2+deb9u3
  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4/exim4-base@4.89-2+deb9u3
  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4/exim4-config@4.89-2+deb9u3
  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4/exim4-daemon-light@4.89-2+deb9u3

NVD Description

Note: Versions mentioned in the description apply to the upstream exim4 package. See Remediation section below for Debian:9 relevant versions.

Exim 4 before 4.94.2 has Improper Initialization that can lead to recursion-based stack consumption or other consequences. This occurs because use of certain getc functions is mishandled when a client uses BDAT instead of DATA.

Remediation

Upgrade Debian:9 exim4 to version 4.89-2+deb9u8 or higher.

References

high severity

Improper Input Validation

  • Vulnerable module: exim4
  • Introduced through: exim4@4.89-2+deb9u3, exim4/exim4-base@4.89-2+deb9u3 and others
  • Fixed in: 4.89-2+deb9u4

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4@4.89-2+deb9u3
  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4/exim4-base@4.89-2+deb9u3
  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4/exim4-config@4.89-2+deb9u3
  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4/exim4-daemon-light@4.89-2+deb9u3

NVD Description

Note: Versions mentioned in the description apply to the upstream exim4 package. See Remediation section below for Debian:9 relevant versions.

A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution.

Remediation

Upgrade Debian:9 exim4 to version 4.89-2+deb9u4 or higher.

References

high severity

Improper Privilege Management

  • Vulnerable module: exim4
  • Introduced through: exim4@4.89-2+deb9u3, exim4/exim4-base@4.89-2+deb9u3 and others
  • Fixed in: 4.89-2+deb9u8

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4@4.89-2+deb9u3
  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4/exim4-base@4.89-2+deb9u3
  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4/exim4-config@4.89-2+deb9u3
  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4/exim4-daemon-light@4.89-2+deb9u3

NVD Description

Note: Versions mentioned in the description apply to the upstream exim4 package. See Remediation section below for Debian:9 relevant versions.

Exim 4 before 4.94.2 allows Execution with Unnecessary Privileges. Because Exim operates as root in the spool directory (owned by a non-root user), an attacker can write to a /var/spool/exim4/input spool header file, in which a crafted recipient address can indirectly lead to command execution.

Remediation

Upgrade Debian:9 exim4 to version 4.89-2+deb9u8 or higher.

References

high severity

Integer Overflow or Wraparound

  • Vulnerable module: exim4
  • Introduced through: exim4@4.89-2+deb9u3, exim4/exim4-base@4.89-2+deb9u3 and others
  • Fixed in: 4.89-2+deb9u8

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4@4.89-2+deb9u3
  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4/exim4-base@4.89-2+deb9u3
  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4/exim4-config@4.89-2+deb9u3
  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4/exim4-daemon-light@4.89-2+deb9u3

NVD Description

Note: Versions mentioned in the description apply to the upstream exim4 package. See Remediation section below for Debian:9 relevant versions.

Exim 4 before 4.94.2 allows Integer Overflow to Buffer Overflow because get_stdinput allows unbounded reads that are accompanied by unbounded increases in a certain size variable. NOTE: exploitation may be impractical because of the execution time needed to overflow (multiple days).

Remediation

Upgrade Debian:9 exim4 to version 4.89-2+deb9u8 or higher.

References

high severity

Integer Overflow or Wraparound

  • Vulnerable module: exim4
  • Introduced through: exim4@4.89-2+deb9u3, exim4/exim4-base@4.89-2+deb9u3 and others
  • Fixed in: 4.89-2+deb9u8

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4@4.89-2+deb9u3
  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4/exim4-base@4.89-2+deb9u3
  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4/exim4-config@4.89-2+deb9u3
  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4/exim4-daemon-light@4.89-2+deb9u3

NVD Description

Note: Versions mentioned in the description apply to the upstream exim4 package. See Remediation section below for Debian:9 relevant versions.

Exim 4 before 4.94.2 allows Integer Overflow to Buffer Overflow in receive_add_recipient via an e-mail message with fifty million recipients. NOTE: remote exploitation may be difficult because of resource consumption.

Remediation

Upgrade Debian:9 exim4 to version 4.89-2+deb9u8 or higher.

References

high severity

Integer Overflow or Wraparound

  • Vulnerable module: exim4
  • Introduced through: exim4@4.89-2+deb9u3, exim4/exim4-base@4.89-2+deb9u3 and others
  • Fixed in: 4.89-2+deb9u8

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4@4.89-2+deb9u3
  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4/exim4-base@4.89-2+deb9u3
  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4/exim4-config@4.89-2+deb9u3
  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4/exim4-daemon-light@4.89-2+deb9u3

NVD Description

Note: Versions mentioned in the description apply to the upstream exim4 package. See Remediation section below for Debian:9 relevant versions.

Exim 4 before 4.92 allows Integer Overflow to Buffer Overflow, in which an unauthenticated remote attacker can execute arbitrary code by leveraging the mishandling of continuation lines during header-length restriction.

Remediation

Upgrade Debian:9 exim4 to version 4.89-2+deb9u8 or higher.

References

high severity

Link Following

  • Vulnerable module: exim4
  • Introduced through: exim4@4.89-2+deb9u3, exim4/exim4-base@4.89-2+deb9u3 and others
  • Fixed in: 4.89-2+deb9u8

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4@4.89-2+deb9u3
  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4/exim4-base@4.89-2+deb9u3
  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4/exim4-config@4.89-2+deb9u3
  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4/exim4-daemon-light@4.89-2+deb9u3

NVD Description

Note: Versions mentioned in the description apply to the upstream exim4 package. See Remediation section below for Debian:9 relevant versions.

Exim 4 before 4.94.2 allows Execution with Unnecessary Privileges. Because Exim operates as root in the log directory (owned by a non-root user), a symlink or hard link attack allows overwriting critical root-owned files anywhere on the filesystem.

Remediation

Upgrade Debian:9 exim4 to version 4.89-2+deb9u8 or higher.

References

high severity

Out-of-Bounds

  • Vulnerable module: exim4
  • Introduced through: exim4@4.89-2+deb9u3, exim4/exim4-base@4.89-2+deb9u3 and others
  • Fixed in: 4.89-2+deb9u8

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4@4.89-2+deb9u3
  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4/exim4-base@4.89-2+deb9u3
  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4/exim4-config@4.89-2+deb9u3
  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4/exim4-daemon-light@4.89-2+deb9u3

NVD Description

Note: Versions mentioned in the description apply to the upstream exim4 package. See Remediation section below for Debian:9 relevant versions.

Exim 4 before 4.94.2 has Improper Restriction of Write Operations within the Bounds of a Memory Buffer. This occurs when processing name=value pairs within MAIL FROM and RCPT TO commands.

Remediation

Upgrade Debian:9 exim4 to version 4.89-2+deb9u8 or higher.

References

high severity

Out-of-Bounds

  • Vulnerable module: exim4
  • Introduced through: exim4@4.89-2+deb9u3, exim4/exim4-base@4.89-2+deb9u3 and others
  • Fixed in: 4.89-2+deb9u8

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4@4.89-2+deb9u3
  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4/exim4-base@4.89-2+deb9u3
  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4/exim4-config@4.89-2+deb9u3
  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4/exim4-daemon-light@4.89-2+deb9u3

NVD Description

Note: Versions mentioned in the description apply to the upstream exim4 package. See Remediation section below for Debian:9 relevant versions.

Exim 4 before 4.94.2 allows Buffer Underwrite that may result in unauthenticated remote attackers executing arbitrary commands, because smtp_ungetc was only intended to push back characters, but can actually push back non-character error codes such as EOF.

Remediation

Upgrade Debian:9 exim4 to version 4.89-2+deb9u8 or higher.

References

high severity

Out-of-Bounds

  • Vulnerable module: exim4
  • Introduced through: exim4@4.89-2+deb9u3, exim4/exim4-base@4.89-2+deb9u3 and others
  • Fixed in: 4.89-2+deb9u6

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4@4.89-2+deb9u3
  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4/exim4-base@4.89-2+deb9u3
  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4/exim4-config@4.89-2+deb9u3
  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4/exim4-daemon-light@4.89-2+deb9u3

NVD Description

Note: Versions mentioned in the description apply to the upstream exim4 package. See Remediation section below for Debian:9 relevant versions.

Exim before 4.92.2 allows remote attackers to execute arbitrary code as root via a trailing backslash.

Remediation

Upgrade Debian:9 exim4 to version 4.89-2+deb9u6 or higher.

References

high severity

Out-of-bounds Read

  • Vulnerable module: exim4
  • Introduced through: exim4@4.89-2+deb9u3, exim4/exim4-base@4.89-2+deb9u3 and others
  • Fixed in: 4.89-2+deb9u8

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4@4.89-2+deb9u3
  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4/exim4-base@4.89-2+deb9u3
  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4/exim4-config@4.89-2+deb9u3
  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4/exim4-daemon-light@4.89-2+deb9u3

NVD Description

Note: Versions mentioned in the description apply to the upstream exim4 package. See Remediation section below for Debian:9 relevant versions.

Exim 4 before 4.94.2 allows Out-of-bounds Read. smtp_setup_msg may disclose sensitive information from process memory to an unauthenticated SMTP client.

Remediation

Upgrade Debian:9 exim4 to version 4.89-2+deb9u8 or higher.

References

high severity

Out-of-bounds Read

  • Vulnerable module: exim4
  • Introduced through: exim4@4.89-2+deb9u3, exim4/exim4-base@4.89-2+deb9u3 and others
  • Fixed in: 4.89-2+deb9u8

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4@4.89-2+deb9u3
  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4/exim4-base@4.89-2+deb9u3
  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4/exim4-config@4.89-2+deb9u3
  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4/exim4-daemon-light@4.89-2+deb9u3

NVD Description

Note: Versions mentioned in the description apply to the upstream exim4 package. See Remediation section below for Debian:9 relevant versions.

Exim 4 before 4.94.2 allows Out-of-bounds Read because pdkim_finish_bodyhash does not validate the relationship between sig->bodyhash.len and b->bh.len; thus, a crafted DKIM-Signature header might lead to a leak of sensitive information from process memory.

Remediation

Upgrade Debian:9 exim4 to version 4.89-2+deb9u8 or higher.

References

high severity

Out-of-bounds Read

  • Vulnerable module: exim4
  • Introduced through: exim4@4.89-2+deb9u3, exim4/exim4-base@4.89-2+deb9u3 and others
  • Fixed in: 4.89-2+deb9u7

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4@4.89-2+deb9u3
  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4/exim4-base@4.89-2+deb9u3
  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4/exim4-config@4.89-2+deb9u3
  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4/exim4-daemon-light@4.89-2+deb9u3

NVD Description

Note: Versions mentioned in the description apply to the upstream exim4 package. See Remediation section below for Debian:9 relevant versions.

Exim through 4.93 has an out-of-bounds read in the SPA authenticator that could result in SPA/NTLM authentication bypass in auths/spa.c and auths/auth-spa.c.

Remediation

Upgrade Debian:9 exim4 to version 4.89-2+deb9u7 or higher.

References

high severity

Out-of-bounds Write

  • Vulnerable module: exim4
  • Introduced through: exim4@4.89-2+deb9u3, exim4/exim4-base@4.89-2+deb9u3 and others
  • Fixed in: 4.89-2+deb9u8

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4@4.89-2+deb9u3
  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4/exim4-base@4.89-2+deb9u3
  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4/exim4-config@4.89-2+deb9u3
  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4/exim4-daemon-light@4.89-2+deb9u3

NVD Description

Note: Versions mentioned in the description apply to the upstream exim4 package. See Remediation section below for Debian:9 relevant versions.

Exim 4 before 4.94.2 allows Heap-based Buffer Overflow in queue_run via two sender options: -R and -S. This may cause privilege escalation from exim to root.

Remediation

Upgrade Debian:9 exim4 to version 4.89-2+deb9u8 or higher.

References

high severity

Out-of-bounds Write

  • Vulnerable module: exim4
  • Introduced through: exim4@4.89-2+deb9u3, exim4/exim4-base@4.89-2+deb9u3 and others
  • Fixed in: 4.89-2+deb9u8

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4@4.89-2+deb9u3
  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4/exim4-base@4.89-2+deb9u3
  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4/exim4-config@4.89-2+deb9u3
  • Introduced through: circleci/node:11.13-stretch-browsers@* exim4/exim4-daemon-light@4.89-2+deb9u3

NVD Description

Note: Versions mentioned in the description apply to the upstream exim4 package. See Remediation section below for Debian:9 relevant versions.

Exim 4 before 4.94.2 allows Heap-based Buffer Overflow because it mishandles "-F '.('" on the command line, and thus may allow privilege escalation from any user to root. This occurs because of the interpretation of negative sizes in strncpy.

Remediation

Upgrade Debian:9 exim4 to version 4.89-2+deb9u8 or higher.

References

high severity

Out-of-bounds Read

  • Vulnerable module: expat/libexpat1
  • Introduced through: expat/libexpat1@2.2.0-2+deb9u1 and expat/libexpat1-dev@2.2.0-2+deb9u1
  • Fixed in: 2.2.0-2+deb9u3

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* expat/libexpat1@2.2.0-2+deb9u1
  • Introduced through: circleci/node:11.13-stretch-browsers@* expat/libexpat1-dev@2.2.0-2+deb9u1

NVD Description

Note: Versions mentioned in the description apply to the upstream expat package. See Remediation section below for Debian:9 relevant versions.

In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.

Remediation

Upgrade Debian:9 expat to version 2.2.0-2+deb9u3 or higher.

References

high severity

XML External Entity (XXE) Injection

  • Vulnerable module: expat/libexpat1
  • Introduced through: expat/libexpat1@2.2.0-2+deb9u1 and expat/libexpat1-dev@2.2.0-2+deb9u1
  • Fixed in: 2.2.0-2+deb9u2

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* expat/libexpat1@2.2.0-2+deb9u1
  • Introduced through: circleci/node:11.13-stretch-browsers@* expat/libexpat1-dev@2.2.0-2+deb9u1

NVD Description

Note: Versions mentioned in the description apply to the upstream expat package. See Remediation section below for Debian:9 relevant versions.

In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be usable for denial-of-service attacks).

Remediation

Upgrade Debian:9 expat to version 2.2.0-2+deb9u2 or higher.

References

high severity

Out-of-bounds Read

  • Vulnerable module: file
  • Introduced through: file@1:5.30-1+deb9u2, file/libmagic-mgc@1:5.30-1+deb9u2 and others

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* file@1:5.30-1+deb9u2
  • Introduced through: circleci/node:11.13-stretch-browsers@* file/libmagic-mgc@1:5.30-1+deb9u2
  • Introduced through: circleci/node:11.13-stretch-browsers@* file/libmagic1@1:5.30-1+deb9u2

NVD Description

Note: Versions mentioned in the description apply to the upstream file package.

do_core_note in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read, related to file_printable, a different vulnerability than CVE-2018-10360.

Remediation

There is no fixed version for Debian:9 file.

References

high severity

Out-of-bounds Write

  • Vulnerable module: file
  • Introduced through: file@1:5.30-1+deb9u2, file/libmagic-mgc@1:5.30-1+deb9u2 and others

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* file@1:5.30-1+deb9u2
  • Introduced through: circleci/node:11.13-stretch-browsers@* file/libmagic-mgc@1:5.30-1+deb9u2
  • Introduced through: circleci/node:11.13-stretch-browsers@* file/libmagic1@1:5.30-1+deb9u2

NVD Description

Note: Versions mentioned in the description apply to the upstream file package.

do_core_note in readelf.c in libmagic.a in file 5.35 allows remote attackers to cause a denial of service (stack corruption and application crash) or possibly have unspecified other impact.

Remediation

There is no fixed version for Debian:9 file.

References

high severity

Out-of-bounds Write

  • Vulnerable module: file
  • Introduced through: file@1:5.30-1+deb9u2, file/libmagic-mgc@1:5.30-1+deb9u2 and others
  • Fixed in: 1:5.30-1+deb9u3

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* file@1:5.30-1+deb9u2
  • Introduced through: circleci/node:11.13-stretch-browsers@* file/libmagic-mgc@1:5.30-1+deb9u2
  • Introduced through: circleci/node:11.13-stretch-browsers@* file/libmagic1@1:5.30-1+deb9u2

NVD Description

Note: Versions mentioned in the description apply to the upstream file package. See Remediation section below for Debian:9 relevant versions.

cdf_read_property_info in cdf.c in file through 5.37 does not restrict the number of CDF_VECTOR elements, which allows a heap-based buffer overflow (4-byte out-of-bounds write).

Remediation

Upgrade Debian:9 file to version 1:5.30-1+deb9u3 or higher.

References

high severity

Information Exposure

  • Vulnerable module: gcc-6
  • Introduced through: gcc-6@6.3.0-18+deb9u1, gcc-6/cpp-6@6.3.0-18+deb9u1 and others

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* gcc-6@6.3.0-18+deb9u1
  • Introduced through: circleci/node:11.13-stretch-browsers@* gcc-6/cpp-6@6.3.0-18+deb9u1
  • Introduced through: circleci/node:11.13-stretch-browsers@* gcc-6/g++-6@6.3.0-18+deb9u1
  • Introduced through: circleci/node:11.13-stretch-browsers@* gcc-6/gcc-6-base@6.3.0-18+deb9u1
  • Introduced through: circleci/node:11.13-stretch-browsers@* gcc-6/libasan3@6.3.0-18+deb9u1
  • Introduced through: circleci/node:11.13-stretch-browsers@* gcc-6/libatomic1@6.3.0-18+deb9u1
  • Introduced through: circleci/node:11.13-stretch-browsers@* gcc-6/libcc1-0@6.3.0-18+deb9u1
  • Introduced through: circleci/node:11.13-stretch-browsers@* gcc-6/libcilkrts5@6.3.0-18+deb9u1
  • Introduced through: circleci/node:11.13-stretch-browsers@* gcc-6/libgcc-6-dev@6.3.0-18+deb9u1
  • Introduced through: circleci/node:11.13-stretch-browsers@* gcc-6/libgcc1@1:6.3.0-18+deb9u1
  • Introduced through: circleci/node:11.13-stretch-browsers@* gcc-6/libgomp1@6.3.0-18+deb9u1
  • Introduced through: circleci/node:11.13-stretch-browsers@* gcc-6/libitm1@6.3.0-18+deb9u1
  • Introduced through: circleci/node:11.13-stretch-browsers@* gcc-6/liblsan0@6.3.0-18+deb9u1
  • Introduced through: circleci/node:11.13-stretch-browsers@* gcc-6/libmpx2@6.3.0-18+deb9u1
  • Introduced through: circleci/node:11.13-stretch-browsers@* gcc-6/libquadmath0@6.3.0-18+deb9u1
  • Introduced through: circleci/node:11.13-stretch-browsers@* gcc-6/libstdc++-6-dev@6.3.0-18+deb9u1
  • Introduced through: circleci/node:11.13-stretch-browsers@* gcc-6/libstdc++6@6.3.0-18+deb9u1
  • Introduced through: circleci/node:11.13-stretch-browsers@* gcc-6/libtsan0@6.3.0-18+deb9u1
  • Introduced through: circleci/node:11.13-stretch-browsers@* gcc-6/libubsan0@6.3.0-18+deb9u1

NVD Description

Note: Versions mentioned in the description apply to the upstream gcc-6 package.

stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.

Remediation

There is no fixed version for Debian:9 gcc-6.

References

high severity

Out-of-bounds Read

  • Vulnerable module: giflib/libgif7
  • Introduced through: giflib/libgif7@5.1.4-0.4

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* giflib/libgif7@5.1.4-0.4

NVD Description

Note: Versions mentioned in the description apply to the upstream giflib package.

An issue was discovered in giflib through 5.1.4. DumpScreen2RGB in gif2rgb.c has a heap-based buffer over-read.

Remediation

There is no fixed version for Debian:9 giflib.

References

high severity

Out-of-bounds Write

  • Vulnerable module: giflib/libgif7
  • Introduced through: giflib/libgif7@5.1.4-0.4

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* giflib/libgif7@5.1.4-0.4

NVD Description

Note: Versions mentioned in the description apply to the upstream giflib package.

The DGifDecompressLine function in dgif_lib.c in GIFLIB (possibly version 3.0.x), as later shipped in cgif.c in sam2p 0.49.4, has a heap-based buffer overflow because a certain "Private->RunningCode - 2" array index is not checked. This will lead to a denial of service or possibly unspecified other impact.

Remediation

There is no fixed version for Debian:9 giflib.

References

high severity

Out-of-bounds Write

  • Vulnerable module: giflib/libgif7
  • Introduced through: giflib/libgif7@5.1.4-0.4

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* giflib/libgif7@5.1.4-0.4

NVD Description

Note: Versions mentioned in the description apply to the upstream giflib package.

The DGifDecompressLine function in dgif_lib.c in GIFLIB (possibly version 3.0.x), as later shipped in cgif.c in sam2p 0.49.4, has a heap-based buffer overflow because a certain CrntCode array index is not checked. This will lead to a denial of service or possibly unspecified other impact.

Remediation

There is no fixed version for Debian:9 giflib.

References

high severity

CVE-2019-1353

  • Vulnerable module: git
  • Introduced through: git@1:2.11.0-3+deb9u4 and git/git-man@1:2.11.0-3+deb9u4
  • Fixed in: 1:2.11.0-3+deb9u5

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* git@1:2.11.0-3+deb9u4
  • Introduced through: circleci/node:11.13-stretch-browsers@* git/git-man@1:2.11.0-3+deb9u4

NVD Description

Note: Versions mentioned in the description apply to the upstream git package. See Remediation section below for Debian:9 relevant versions.

An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. When running Git in the Windows Subsystem for Linux (also known as "WSL") while accessing a working directory on a regular Windows drive, none of the NTFS protections were active.

Remediation

Upgrade Debian:9 git to version 1:2.11.0-3+deb9u5 or higher.

References

high severity

Improper Input Validation

  • Vulnerable module: git
  • Introduced through: git@1:2.11.0-3+deb9u4 and git/git-man@1:2.11.0-3+deb9u4
  • Fixed in: 1:2.11.0-3+deb9u5

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* git@1:2.11.0-3+deb9u4
  • Introduced through: circleci/node:11.13-stretch-browsers@* git/git-man@1:2.11.0-3+deb9u4

NVD Description

Note: Versions mentioned in the description apply to the upstream git package. See Remediation section below for Debian:9 relevant versions.

A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1350, CVE-2019-1354, CVE-2019-1387.

Remediation

Upgrade Debian:9 git to version 1:2.11.0-3+deb9u5 or higher.

References

high severity

Improper Input Validation

  • Vulnerable module: git
  • Introduced through: git@1:2.11.0-3+deb9u4 and git/git-man@1:2.11.0-3+deb9u4
  • Fixed in: 1:2.11.0-3+deb9u5

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* git@1:2.11.0-3+deb9u4
  • Introduced through: circleci/node:11.13-stretch-browsers@* git/git-man@1:2.11.0-3+deb9u4

NVD Description

Note: Versions mentioned in the description apply to the upstream git package. See Remediation section below for Debian:9 relevant versions.

A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1350, CVE-2019-1352, CVE-2019-1354, CVE-2019-1387.

Remediation

Upgrade Debian:9 git to version 1:2.11.0-3+deb9u5 or higher.

References

high severity

Improper Input Validation

  • Vulnerable module: git
  • Introduced through: git@1:2.11.0-3+deb9u4 and git/git-man@1:2.11.0-3+deb9u4
  • Fixed in: 1:2.11.0-3+deb9u5

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* git@1:2.11.0-3+deb9u4
  • Introduced through: circleci/node:11.13-stretch-browsers@* git/git-man@1:2.11.0-3+deb9u4

NVD Description

Note: Versions mentioned in the description apply to the upstream git package. See Remediation section below for Debian:9 relevant versions.

An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. Recursive clones are currently affected by a vulnerability that is caused by too-lax validation of submodule names, allowing very targeted attacks via remote code execution in recursive clones.

Remediation

Upgrade Debian:9 git to version 1:2.11.0-3+deb9u5 or higher.

References

high severity

Insufficiently Protected Credentials

  • Vulnerable module: git
  • Introduced through: git@1:2.11.0-3+deb9u4 and git/git-man@1:2.11.0-3+deb9u4
  • Fixed in: 1:2.11.0-3+deb9u6

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* git@1:2.11.0-3+deb9u4
  • Introduced through: circleci/node:11.13-stretch-browsers@* git/git-man@1:2.11.0-3+deb9u4

NVD Description

Note: Versions mentioned in the description apply to the upstream git package. See Remediation section below for Debian:9 relevant versions.

Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials to a host controlled by an attacker. Git uses external "credential helper" programs to store and retrieve passwords or other credentials from secure storage provided by the operating system. Specially-crafted URLs that contain an encoded newline can inject unintended values into the credential helper protocol stream, causing the credential helper to retrieve the password for one server (e.g., good.example.com) for an HTTP request being made to another server (e.g., evil.example.com), resulting in credentials for the former being sent to the latter. There are no restrictions on the relationship between the two, meaning that an attacker can craft a URL that will present stored credentials for any host to a host of their choosing. The vulnerability can be triggered by feeding a malicious URL to git clone. However, the affected URLs look rather suspicious; the likely vector would be through systems which automatically clone URLs not visible to the user, such as Git submodules, or package systems built around Git. The problem has been patched in the versions published on April 14th, 2020, going back to v2.17.x. Anyone wishing to backport the change further can do so by applying commit 9a6bbee (the full release includes extra checks for git fsck, but that commit is sufficient to protect clients against the vulnerability). The patched versions are: 2.17.4, 2.18.3, 2.19.4, 2.20.3, 2.21.2, 2.22.3, 2.23.2, 2.24.2, 2.25.3, 2.26.1.

Remediation

Upgrade Debian:9 git to version 1:2.11.0-3+deb9u6 or higher.

References

high severity

Insufficiently Protected Credentials

  • Vulnerable module: git
  • Introduced through: git@1:2.11.0-3+deb9u4 and git/git-man@1:2.11.0-3+deb9u4
  • Fixed in: 1:2.11.0-3+deb9u7

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* git@1:2.11.0-3+deb9u4
  • Introduced through: circleci/node:11.13-stretch-browsers@* git/git-man@1:2.11.0-3+deb9u4

NVD Description

Note: Versions mentioned in the description apply to the upstream git package. See Remediation section below for Debian:9 relevant versions.

Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials to a host controlled by an attacker. This bug is similar to CVE-2020-5260(GHSA-qm7j-c969-7j4q). The fix for that bug still left the door open for an exploit where some credential is leaked (but the attacker cannot control which one). Git uses external "credential helper" programs to store and retrieve passwords or other credentials from secure storage provided by the operating system. Specially-crafted URLs that are considered illegal as of the recently published Git versions can cause Git to send a "blank" pattern to helpers, missing hostname and protocol fields. Many helpers will interpret this as matching any URL, and will return some unspecified stored password, leaking the password to an attacker's server. The vulnerability can be triggered by feeding a malicious URL to git clone. However, the affected URLs look rather suspicious; the likely vector would be through systems which automatically clone URLs not visible to the user, such as Git submodules, or package systems built around Git. The root of the problem is in Git itself, which should not be feeding blank input to helpers. However, the ability to exploit the vulnerability in practice depends on which helpers are in use. Credential helpers which are known to trigger the vulnerability: - Git's "store" helper - Git's "cache" helper - the "osxkeychain" helper that ships in Git's "contrib" directory Credential helpers which are known to be safe even with vulnerable versions of Git: - Git Credential Manager for Windows Any helper not in this list should be assumed to trigger the vulnerability.

Remediation

Upgrade Debian:9 git to version 1:2.11.0-3+deb9u7 or higher.

References

high severity

Link Following

  • Vulnerable module: git
  • Introduced through: git@1:2.11.0-3+deb9u4 and git/git-man@1:2.11.0-3+deb9u4

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* git@1:2.11.0-3+deb9u4
  • Introduced through: circleci/node:11.13-stretch-browsers@* git/git-man@1:2.11.0-3+deb9u4

NVD Description

Note: Versions mentioned in the description apply to the upstream git package.

Git is an open-source distributed revision control system. In affected versions of Git a specially crafted repository that contains symbolic links as well as files using a clean/smudge filter such as Git LFS, may cause just-checked out script to be executed while cloning onto a case-insensitive file system such as NTFS, HFS+ or APFS (i.e. the default file systems on Windows and macOS). Note that clean/smudge filters have to be configured for that. Git for Windows configures Git LFS by default, and is therefore vulnerable. The problem has been patched in the versions published on Tuesday, March 9th, 2021. As a workaound, if symbolic link support is disabled in Git (e.g. via git config --global core.symlinks false), the described attack won't work. Likewise, if no clean/smudge filters such as Git LFS are configured globally (i.e. before cloning), the attack is foiled. As always, it is best to avoid cloning repositories from untrusted sources. The earliest impacted version is 2.14.2. The fix versions are: 2.30.1, 2.29.3, 2.28.1, 2.27.1, 2.26.3, 2.25.5, 2.24.4, 2.23.4, 2.22.5, 2.21.4, 2.20.5, 2.19.6, 2.18.5, 2.17.62.17.6.

Remediation

There is no fixed version for Debian:9 git.

References

high severity

Incorrect Conversion between Numeric Types

  • Vulnerable module: glib2.0/libglib2.0-0
  • Introduced through: glib2.0/libglib2.0-0@2.50.3-2, glib2.0/libglib2.0-bin@2.50.3-2 and others

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* glib2.0/libglib2.0-0@2.50.3-2
  • Introduced through: circleci/node:11.13-stretch-browsers@* glib2.0/libglib2.0-bin@2.50.3-2
  • Introduced through: circleci/node:11.13-stretch-browsers@* glib2.0/libglib2.0-data@2.50.3-2
  • Introduced through: circleci/node:11.13-stretch-browsers@* glib2.0/libglib2.0-dev@2.50.3-2

NVD Description

Note: Versions mentioned in the description apply to the upstream glib2.0 package.

An issue was discovered in GNOME GLib before 2.66.7 and 2.67.x before 2.67.4. If g_byte_array_new_take() was called with a buffer of 4GB or more on a 64-bit platform, the length would be truncated modulo 2**32, causing unintended length truncation.

Remediation

There is no fixed version for Debian:9 glib2.0.

References

high severity

Incorrect Conversion between Numeric Types

  • Vulnerable module: glib2.0/libglib2.0-0
  • Introduced through: glib2.0/libglib2.0-0@2.50.3-2, glib2.0/libglib2.0-bin@2.50.3-2 and others

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* glib2.0/libglib2.0-0@2.50.3-2
  • Introduced through: circleci/node:11.13-stretch-browsers@* glib2.0/libglib2.0-bin@2.50.3-2
  • Introduced through: circleci/node:11.13-stretch-browsers@* glib2.0/libglib2.0-data@2.50.3-2
  • Introduced through: circleci/node:11.13-stretch-browsers@* glib2.0/libglib2.0-dev@2.50.3-2

NVD Description

Note: Versions mentioned in the description apply to the upstream glib2.0 package.

An issue was discovered in GNOME GLib before 2.66.6 and 2.67.x before 2.67.3. The function g_bytes_new has an integer overflow on 64-bit platforms due to an implicit cast from 64 bits to 32 bits. The overflow could potentially lead to memory corruption.

Remediation

There is no fixed version for Debian:9 glib2.0.

References

high severity

Incorrect Permission Assignment for Critical Resource

  • Vulnerable module: glib2.0/libglib2.0-0
  • Introduced through: glib2.0/libglib2.0-0@2.50.3-2, glib2.0/libglib2.0-bin@2.50.3-2 and others
  • Fixed in: 2.50.3-2+deb9u1

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* glib2.0/libglib2.0-0@2.50.3-2
  • Introduced through: circleci/node:11.13-stretch-browsers@* glib2.0/libglib2.0-bin@2.50.3-2
  • Introduced through: circleci/node:11.13-stretch-browsers@* glib2.0/libglib2.0-data@2.50.3-2
  • Introduced through: circleci/node:11.13-stretch-browsers@* glib2.0/libglib2.0-dev@2.50.3-2

NVD Description

Note: Versions mentioned in the description apply to the upstream glib2.0 package. See Remediation section below for Debian:9 relevant versions.

The keyfile settings backend in GNOME GLib (aka glib2.0) before 2.60.0 creates directories using g_file_make_directory_with_parents (kfsb->dir, NULL, NULL) and files using g_file_replace_contents (kfsb->file, contents, length, NULL, FALSE, G_FILE_CREATE_REPLACE_DESTINATION, NULL, NULL, NULL). Consequently, it does not properly restrict directory (and file) permissions. Instead, for directories, 0777 permissions are used; for files, default file permissions are used. This is similar to CVE-2019-12450.

Remediation

Upgrade Debian:9 glib2.0 to version 2.50.3-2+deb9u1 or higher.

References

high severity

NULL Pointer Dereference

  • Vulnerable module: glib2.0/libglib2.0-0
  • Introduced through: glib2.0/libglib2.0-0@2.50.3-2, glib2.0/libglib2.0-bin@2.50.3-2 and others
  • Fixed in: 2.50.3-2+deb9u1

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* glib2.0/libglib2.0-0@2.50.3-2
  • Introduced through: circleci/node:11.13-stretch-browsers@* glib2.0/libglib2.0-bin@2.50.3-2
  • Introduced through: circleci/node:11.13-stretch-browsers@* glib2.0/libglib2.0-data@2.50.3-2
  • Introduced through: circleci/node:11.13-stretch-browsers@* glib2.0/libglib2.0-dev@2.50.3-2

NVD Description

Note: Versions mentioned in the description apply to the upstream glib2.0 package. See Remediation section below for Debian:9 relevant versions.

In GNOME GLib 2.56.1, g_markup_parse_context_end_parse() in gmarkup.c has a NULL pointer dereference.

Remediation

Upgrade Debian:9 glib2.0 to version 2.50.3-2+deb9u1 or higher.

References

high severity

Out-of-bounds Read

  • Vulnerable module: glib2.0/libglib2.0-0
  • Introduced through: glib2.0/libglib2.0-0@2.50.3-2, glib2.0/libglib2.0-bin@2.50.3-2 and others
  • Fixed in: 2.50.3-2+deb9u1

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* glib2.0/libglib2.0-0@2.50.3-2
  • Introduced through: circleci/node:11.13-stretch-browsers@* glib2.0/libglib2.0-bin@2.50.3-2
  • Introduced through: circleci/node:11.13-stretch-browsers@* glib2.0/libglib2.0-data@2.50.3-2
  • Introduced through: circleci/node:11.13-stretch-browsers@* glib2.0/libglib2.0-dev@2.50.3-2

NVD Description

Note: Versions mentioned in the description apply to the upstream glib2.0 package. See Remediation section below for Debian:9 relevant versions.

GNOME GLib 2.56.1 has an out-of-bounds read vulnerability in g_markup_parse_context_parse() in gmarkup.c, related to utf8_str().

Remediation

Upgrade Debian:9 glib2.0 to version 2.50.3-2+deb9u1 or higher.

References

high severity

Race Condition

  • Vulnerable module: glib2.0/libglib2.0-0
  • Introduced through: glib2.0/libglib2.0-0@2.50.3-2, glib2.0/libglib2.0-bin@2.50.3-2 and others
  • Fixed in: 2.50.3-2+deb9u1

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* glib2.0/libglib2.0-0@2.50.3-2
  • Introduced through: circleci/node:11.13-stretch-browsers@* glib2.0/libglib2.0-bin@2.50.3-2
  • Introduced through: circleci/node:11.13-stretch-browsers@* glib2.0/libglib2.0-data@2.50.3-2
  • Introduced through: circleci/node:11.13-stretch-browsers@* glib2.0/libglib2.0-dev@2.50.3-2

NVD Description

Note: Versions mentioned in the description apply to the upstream glib2.0 package. See Remediation section below for Debian:9 relevant versions.

file_copy_fallback in gio/gfile.c in GNOME GLib 2.15.0 through 2.61.1 does not properly restrict file permissions while a copy operation is in progress. Instead, default permissions are used.

Remediation

Upgrade Debian:9 glib2.0 to version 2.50.3-2+deb9u1 or higher.

References

high severity

Improper Data Handling

  • Vulnerable module: glibc/libc-bin
  • Introduced through: glibc/libc-bin@2.24-11+deb9u4, glibc/libc-dev-bin@2.24-11+deb9u4 and others

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* glibc/libc-bin@2.24-11+deb9u4
  • Introduced through: circleci/node:11.13-stretch-browsers@* glibc/libc-dev-bin@2.24-11+deb9u4
  • Introduced through: circleci/node:11.13-stretch-browsers@* glibc/libc-l10n@2.24-11+deb9u4
  • Introduced through: circleci/node:11.13-stretch-browsers@* glibc/libc6@2.24-11+deb9u4
  • Introduced through: circleci/node:11.13-stretch-browsers@* glibc/libc6-dev@2.24-11+deb9u4
  • Introduced through: circleci/node:11.13-stretch-browsers@* glibc/locales@2.24-11+deb9u4
  • Introduced through: circleci/node:11.13-stretch-browsers@* glibc/multiarch-support@2.24-11+deb9u4

NVD Description

Note: Versions mentioned in the description apply to the upstream glibc package.

In the GNU C Library (aka glibc or libc6) before 2.28, parse_reg_exp in posix/regcomp.c misparses alternatives, which allows attackers to cause a denial of service (assertion failure and application exit) or trigger an incorrect result by attempting a regular-expression match.

Remediation

There is no fixed version for Debian:9 glibc.

References

high severity

Integer Overflow or Wraparound

  • Vulnerable module: glibc/libc-bin
  • Introduced through: glibc/libc-bin@2.24-11+deb9u4, glibc/libc-dev-bin@2.24-11+deb9u4 and others

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* glibc/libc-bin@2.24-11+deb9u4
  • Introduced through: circleci/node:11.13-stretch-browsers@* glibc/libc-dev-bin@2.24-11+deb9u4
  • Introduced through: circleci/node:11.13-stretch-browsers@* glibc/libc-l10n@2.24-11+deb9u4
  • Introduced through: circleci/node:11.13-stretch-browsers@* glibc/libc6@2.24-11+deb9u4
  • Introduced through: circleci/node:11.13-stretch-browsers@* glibc/libc6-dev@2.24-11+deb9u4
  • Introduced through: circleci/node:11.13-stretch-browsers@* glibc/locales@2.24-11+deb9u4
  • Introduced through: circleci/node:11.13-stretch-browsers@* glibc/multiarch-support@2.24-11+deb9u4

NVD Description

Note: Versions mentioned in the description apply to the upstream glibc package.

The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of information. This occurs because atoi was used but strtoul should have been used to ensure correct calculations.

Remediation

There is no fixed version for Debian:9 glibc.

References

high severity

Out-of-bounds Read

  • Vulnerable module: glibc/libc-bin
  • Introduced through: glibc/libc-bin@2.24-11+deb9u4, glibc/libc-dev-bin@2.24-11+deb9u4 and others

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* glibc/libc-bin@2.24-11+deb9u4
  • Introduced through: circleci/node:11.13-stretch-browsers@* glibc/libc-dev-bin@2.24-11+deb9u4
  • Introduced through: circleci/node:11.13-stretch-browsers@* glibc/libc-l10n@2.24-11+deb9u4
  • Introduced through: circleci/node:11.13-stretch-browsers@* glibc/libc6@2.24-11+deb9u4
  • Introduced through: circleci/node:11.13-stretch-browsers@* glibc/libc6-dev@2.24-11+deb9u4
  • Introduced through: circleci/node:11.13-stretch-browsers@* glibc/locales@2.24-11+deb9u4
  • Introduced through: circleci/node:11.13-stretch-browsers@* glibc/multiarch-support@2.24-11+deb9u4

NVD Description

Note: Versions mentioned in the description apply to the upstream glibc package.

In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match.

Remediation

There is no fixed version for Debian:9 glibc.

References

high severity

Out-of-bounds Write

  • Vulnerable module: glibc/libc-bin
  • Introduced through: glibc/libc-bin@2.24-11+deb9u4, glibc/libc-dev-bin@2.24-11+deb9u4 and others

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* glibc/libc-bin@2.24-11+deb9u4
  • Introduced through: circleci/node:11.13-stretch-browsers@* glibc/libc-dev-bin@2.24-11+deb9u4
  • Introduced through: circleci/node:11.13-stretch-browsers@* glibc/libc-l10n@2.24-11+deb9u4
  • Introduced through: circleci/node:11.13-stretch-browsers@* glibc/libc6@2.24-11+deb9u4
  • Introduced through: circleci/node:11.13-stretch-browsers@* glibc/libc6-dev@2.24-11+deb9u4
  • Introduced through: circleci/node:11.13-stretch-browsers@* glibc/locales@2.24-11+deb9u4
  • Introduced through: circleci/node:11.13-stretch-browsers@* glibc/multiarch-support@2.24-11+deb9u4

NVD Description

Note: Versions mentioned in the description apply to the upstream glibc package.

An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.26 and earlier could cause these functions to return a pointer to a heap area that is too small, potentially leading to heap corruption.

Remediation

There is no fixed version for Debian:9 glibc.

References

high severity

Out-of-bounds Write

  • Vulnerable module: glibc/libc-bin
  • Introduced through: glibc/libc-bin@2.24-11+deb9u4, glibc/libc-dev-bin@2.24-11+deb9u4 and others

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* glibc/libc-bin@2.24-11+deb9u4
  • Introduced through: circleci/node:11.13-stretch-browsers@* glibc/libc-dev-bin@2.24-11+deb9u4
  • Introduced through: circleci/node:11.13-stretch-browsers@* glibc/libc-l10n@2.24-11+deb9u4
  • Introduced through: circleci/node:11.13-stretch-browsers@* glibc/libc6@2.24-11+deb9u4
  • Introduced through: circleci/node:11.13-stretch-browsers@* glibc/libc6-dev@2.24-11+deb9u4
  • Introduced through: circleci/node:11.13-stretch-browsers@* glibc/locales@2.24-11+deb9u4
  • Introduced through: circleci/node:11.13-stretch-browsers@* glibc/multiarch-support@2.24-11+deb9u4

NVD Description

Note: Versions mentioned in the description apply to the upstream glibc package.

In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a buffer underflow and potential code execution.

Remediation

There is no fixed version for Debian:9 glibc.

References

high severity

Out-of-bounds Write

  • Vulnerable module: glibc/libc-bin
  • Introduced through: glibc/libc-bin@2.24-11+deb9u4, glibc/libc-dev-bin@2.24-11+deb9u4 and others

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* glibc/libc-bin@2.24-11+deb9u4
  • Introduced through: circleci/node:11.13-stretch-browsers@* glibc/libc-dev-bin@2.24-11+deb9u4
  • Introduced through: circleci/node:11.13-stretch-browsers@* glibc/libc-l10n@2.24-11+deb9u4
  • Introduced through: circleci/node:11.13-stretch-browsers@* glibc/libc6@2.24-11+deb9u4
  • Introduced through: circleci/node:11.13-stretch-browsers@* glibc/libc6-dev@2.24-11+deb9u4
  • Introduced through: circleci/node:11.13-stretch-browsers@* glibc/locales@2.24-11+deb9u4
  • Introduced through: circleci/node:11.13-stretch-browsers@* glibc/multiarch-support@2.24-11+deb9u4

NVD Description

Note: Versions mentioned in the description apply to the upstream glibc package.

The malloc implementation in the GNU C Library (aka glibc or libc6), from version 2.24 to 2.26 on powerpc, and only in version 2.26 on i386, did not properly handle malloc calls with arguments close to SIZE_MAX and could return a pointer to a heap region that is smaller than requested, eventually leading to heap corruption.

Remediation

There is no fixed version for Debian:9 glibc.

References

high severity

Out-of-bounds Write

  • Vulnerable module: glibc/libc-bin
  • Introduced through: glibc/libc-bin@2.24-11+deb9u4, glibc/libc-dev-bin@2.24-11+deb9u4 and others

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* glibc/libc-bin@2.24-11+deb9u4
  • Introduced through: circleci/node:11.13-stretch-browsers@* glibc/libc-dev-bin@2.24-11+deb9u4
  • Introduced through: circleci/node:11.13-stretch-browsers@* glibc/libc-l10n@2.24-11+deb9u4
  • Introduced through: circleci/node:11.13-stretch-browsers@* glibc/libc6@2.24-11+deb9u4
  • Introduced through: circleci/node:11.13-stretch-browsers@* glibc/libc6-dev@2.24-11+deb9u4
  • Introduced through: circleci/node:11.13-stretch-browsers@* glibc/locales@2.24-11+deb9u4
  • Introduced through: circleci/node:11.13-stretch-browsers@* glibc/multiarch-support@2.24-11+deb9u4

NVD Description

Note: Versions mentioned in the description apply to the upstream glibc package.

An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the backtrace function did not properly check the array bounds when storing the frame address, resulting in a denial of service or potential code execution. The highest threat from this vulnerability is to system availability.

Remediation

There is no fixed version for Debian:9 glibc.

References

high severity

Reachable Assertion

  • Vulnerable module: glibc/libc-bin
  • Introduced through: glibc/libc-bin@2.24-11+deb9u4, glibc/libc-dev-bin@2.24-11+deb9u4 and others

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* glibc/libc-bin@2.24-11+deb9u4
  • Introduced through: circleci/node:11.13-stretch-browsers@* glibc/libc-dev-bin@2.24-11+deb9u4
  • Introduced through: circleci/node:11.13-stretch-browsers@* glibc/libc-l10n@2.24-11+deb9u4
  • Introduced through: circleci/node:11.13-stretch-browsers@* glibc/libc6@2.24-11+deb9u4
  • Introduced through: circleci/node:11.13-stretch-browsers@* glibc/libc6-dev@2.24-11+deb9u4
  • Introduced through: circleci/node:11.13-stretch-browsers@* glibc/locales@2.24-11+deb9u4
  • Introduced through: circleci/node:11.13-stretch-browsers@* glibc/multiarch-support@2.24-11+deb9u4

NVD Description

Note: Versions mentioned in the description apply to the upstream glibc package.

The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.

Remediation

There is no fixed version for Debian:9 glibc.

References

high severity

Use After Free

  • Vulnerable module: glibc/libc-bin
  • Introduced through: glibc/libc-bin@2.24-11+deb9u4, glibc/libc-dev-bin@2.24-11+deb9u4 and others

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* glibc/libc-bin@2.24-11+deb9u4
  • Introduced through: circleci/node:11.13-stretch-browsers@* glibc/libc-dev-bin@2.24-11+deb9u4
  • Introduced through: circleci/node:11.13-stretch-browsers@* glibc/libc-l10n@2.24-11+deb9u4
  • Introduced through: circleci/node:11.13-stretch-browsers@* glibc/libc6@2.24-11+deb9u4
  • Introduced through: circleci/node:11.13-stretch-browsers@* glibc/libc6-dev@2.24-11+deb9u4
  • Introduced through: circleci/node:11.13-stretch-browsers@* glibc/locales@2.24-11+deb9u4
  • Introduced through: circleci/node:11.13-stretch-browsers@* glibc/multiarch-support@2.24-11+deb9u4

NVD Description

Note: Versions mentioned in the description apply to the upstream glibc package.

The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. It may use the notification thread attributes object (passed through its struct sigevent parameter) after it has been freed by the caller, leading to a denial of service (application crash) or possibly unspecified other impact.

Remediation

There is no fixed version for Debian:9 glibc.

References

high severity

Use After Free

  • Vulnerable module: glibc/libc-bin
  • Introduced through: glibc/libc-bin@2.24-11+deb9u4, glibc/libc-dev-bin@2.24-11+deb9u4 and others

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* glibc/libc-bin@2.24-11+deb9u4
  • Introduced through: circleci/node:11.13-stretch-browsers@* glibc/libc-dev-bin@2.24-11+deb9u4
  • Introduced through: circleci/node:11.13-stretch-browsers@* glibc/libc-l10n@2.24-11+deb9u4
  • Introduced through: circleci/node:11.13-stretch-browsers@* glibc/libc6@2.24-11+deb9u4
  • Introduced through: circleci/node:11.13-stretch-browsers@* glibc/libc6-dev@2.24-11+deb9u4
  • Introduced through: circleci/node:11.13-stretch-browsers@* glibc/locales@2.24-11+deb9u4
  • Introduced through: circleci/node:11.13-stretch-browsers@* glibc/multiarch-support@2.24-11+deb9u4

NVD Description

Note: Versions mentioned in the description apply to the upstream glibc package.

A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution. This was fixed in version 2.32.

Remediation

There is no fixed version for Debian:9 glibc.

References

high severity

Cross-site Request Forgery (CSRF)

  • Vulnerable module: gnupg2/dirmngr
  • Introduced through: gnupg2/dirmngr@2.1.18-8~deb9u4, gnupg2/gnupg@2.1.18-8~deb9u4 and others

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* gnupg2/dirmngr@2.1.18-8~deb9u4
  • Introduced through: circleci/node:11.13-stretch-browsers@* gnupg2/gnupg@2.1.18-8~deb9u4
  • Introduced through: circleci/node:11.13-stretch-browsers@* gnupg2/gnupg-agent@2.1.18-8~deb9u4
  • Introduced through: circleci/node:11.13-stretch-browsers@* gnupg2/gpgv@2.1.18-8~deb9u4

NVD Description

Note: Versions mentioned in the description apply to the upstream gnupg2 package.

GnuPG version 2.1.12 - 2.2.11 contains a Cross ite Request Forgery (CSRF) vulnerability in dirmngr that can result in Attacker controlled CSRF, Information Disclosure, DoS. This attack appear to be exploitable via Victim must perform a WKD request, e.g. enter an email address in the composer window of Thunderbird/Enigmail. This vulnerability appears to have been fixed in after commit 4a4bb874f63741026bd26264c43bb32b1099f060.

Remediation

There is no fixed version for Debian:9 gnupg2.

References

high severity

Double Free

  • Vulnerable module: gnutls28/libgnutls30
  • Introduced through: gnutls28/libgnutls30@3.5.8-5+deb9u4
  • Fixed in: 3.5.8-5+deb9u5

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* gnutls28/libgnutls30@3.5.8-5+deb9u4

NVD Description

Note: Versions mentioned in the description apply to the upstream gnutls28 package. See Remediation section below for Debian:9 relevant versions.

A vulnerability was found in gnutls versions from 3.5.8 before 3.6.7. A memory corruption (double free) vulnerability in the certificate verification API. Any client or server application that verifies X.509 certificates with GnuTLS 3.5.8 or later is affected.

Remediation

Upgrade Debian:9 gnutls28 to version 3.5.8-5+deb9u5 or higher.

References

high severity

NULL Pointer Dereference

  • Vulnerable module: graphite2/libgraphite2-3
  • Introduced through: graphite2/libgraphite2-3@1.3.10-1

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* graphite2/libgraphite2-3@1.3.10-1

NVD Description

Note: Versions mentioned in the description apply to the upstream graphite2 package.

In libgraphite2 in graphite2 1.3.11, a NULL pointer dereference vulnerability was found in Segment.cpp during a dumbRendering operation, which may allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .ttf file.

Remediation

There is no fixed version for Debian:9 graphite2.

References

high severity

Buffer Overflow

  • Vulnerable module: graphviz/libcdt5
  • Introduced through: graphviz/libcdt5@2.38.0-17, graphviz/libcgraph6@2.38.0-17 and others
  • Fixed in: 2.38.0-17+deb9u1

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* graphviz/libcdt5@2.38.0-17
  • Introduced through: circleci/node:11.13-stretch-browsers@* graphviz/libcgraph6@2.38.0-17
  • Introduced through: circleci/node:11.13-stretch-browsers@* graphviz/libgraphviz-dev@2.38.0-17
  • Introduced through: circleci/node:11.13-stretch-browsers@* graphviz/libgvc6@2.38.0-17
  • Introduced through: circleci/node:11.13-stretch-browsers@* graphviz/libgvc6-plugins-gtk@2.38.0-17
  • Introduced through: circleci/node:11.13-stretch-browsers@* graphviz/libgvpr2@2.38.0-17
  • Introduced through: circleci/node:11.13-stretch-browsers@* graphviz/libpathplan4@2.38.0-17
  • Introduced through: circleci/node:11.13-stretch-browsers@* graphviz/libxdot4@2.38.0-17

NVD Description

Note: Versions mentioned in the description apply to the upstream graphviz package. See Remediation section below for Debian:9 relevant versions.

Buffer Overflow in Graphviz Graph Visualization Tools from commit ID f8b9e035 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by loading a crafted file into the "lib/common/shapes.c" component.

Remediation

Upgrade Debian:9 graphviz to version 2.38.0-17+deb9u1 or higher.

References

high severity

Integer Overflow or Wraparound

  • Vulnerable module: icu/icu-devtools
  • Introduced through: icu/icu-devtools@57.1-6+deb9u2, icu/libicu-dev@57.1-6+deb9u2 and others
  • Fixed in: 57.1-6+deb9u4

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* icu/icu-devtools@57.1-6+deb9u2
  • Introduced through: circleci/node:11.13-stretch-browsers@* icu/libicu-dev@57.1-6+deb9u2
  • Introduced through: circleci/node:11.13-stretch-browsers@* icu/libicu57@57.1-6+deb9u2

NVD Description

Note: Versions mentioned in the description apply to the upstream icu package. See Remediation section below for Debian:9 relevant versions.

An issue was discovered in International Components for Unicode (ICU) for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend() function in common/unistr.cpp.

Remediation

Upgrade Debian:9 icu to version 57.1-6+deb9u4 or higher.

References

high severity

Allocation of Resources Without Limits or Throttling

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.7.4+dfsg-11+deb9u6, imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6 and others
  • Fixed in: 8:6.9.7.4+dfsg-11+deb9u10

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6.q16@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-arch-config@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3-extra@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-dev@8:6.9.7.4+dfsg-11+deb9u6

NVD Description

Note: Versions mentioned in the description apply to the upstream imagemagick package. See Remediation section below for Debian:9 relevant versions.

In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service.

Remediation

Upgrade Debian:9 imagemagick to version 8:6.9.7.4+dfsg-11+deb9u10 or higher.

References

high severity

Allocation of Resources Without Limits or Throttling

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.7.4+dfsg-11+deb9u6, imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6 and others
  • Fixed in: 8:6.9.7.4+dfsg-11+deb9u10

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6.q16@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-arch-config@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3-extra@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-dev@8:6.9.7.4+dfsg-11+deb9u6

NVD Description

Note: Versions mentioned in the description apply to the upstream imagemagick package. See Remediation section below for Debian:9 relevant versions.

In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadSUNImage in coders/sun.c, which allows attackers to cause a denial of service.

Remediation

Upgrade Debian:9 imagemagick to version 8:6.9.7.4+dfsg-11+deb9u10 or higher.

References

high severity

Allocation of Resources Without Limits or Throttling

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.7.4+dfsg-11+deb9u6, imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6 and others
  • Fixed in: 8:6.9.7.4+dfsg-11+deb9u10

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6.q16@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-arch-config@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3-extra@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-dev@8:6.9.7.4+dfsg-11+deb9u6

NVD Description

Note: Versions mentioned in the description apply to the upstream imagemagick package. See Remediation section below for Debian:9 relevant versions.

In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadMPCImage in coders/mpc.c, which allows attackers to cause a denial of service.

Remediation

Upgrade Debian:9 imagemagick to version 8:6.9.7.4+dfsg-11+deb9u10 or higher.

References

high severity

Divide By Zero

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.7.4+dfsg-11+deb9u6, imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6 and others
  • Fixed in: 8:6.9.7.4+dfsg-11+deb9u13

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6.q16@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-arch-config@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3-extra@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-dev@8:6.9.7.4+dfsg-11+deb9u6

NVD Description

Note: Versions mentioned in the description apply to the upstream imagemagick package. See Remediation section below for Debian:9 relevant versions.

A flaw was found in ImageMagick in versions before 7.0.11 and before 6.9.12, where a division by zero in WaveImage() of MagickCore/visual-effects.c may trigger undefined behavior via a crafted image file submitted to an application using ImageMagick. The highest threat from this vulnerability is to system availability.

Remediation

Upgrade Debian:9 imagemagick to version 8:6.9.7.4+dfsg-11+deb9u13 or higher.

References

high severity

Double Free

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.7.4+dfsg-11+deb9u6, imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6 and others
  • Fixed in: 8:6.9.7.4+dfsg-11+deb9u9

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6.q16@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-arch-config@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3-extra@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-dev@8:6.9.7.4+dfsg-11+deb9u6

NVD Description

Note: Versions mentioned in the description apply to the upstream imagemagick package. See Remediation section below for Debian:9 relevant versions.

WriteEPTImage in coders/ept.c in ImageMagick 7.0.7-25 Q16 allows remote attackers to cause a denial of service (MagickCore/memory.c double free and application crash) or possibly have unspecified other impact via a crafted file.

Remediation

Upgrade Debian:9 imagemagick to version 8:6.9.7.4+dfsg-11+deb9u9 or higher.

References

high severity

Improper Initialization

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.7.4+dfsg-11+deb9u6, imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6 and others
  • Fixed in: 8:6.9.7.4+dfsg-11+deb9u9

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6.q16@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-arch-config@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3-extra@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-dev@8:6.9.7.4+dfsg-11+deb9u6

NVD Description

Note: Versions mentioned in the description apply to the upstream imagemagick package. See Remediation section below for Debian:9 relevant versions.

ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the WriteJP2Image function in coders/jp2.c.

Remediation

Upgrade Debian:9 imagemagick to version 8:6.9.7.4+dfsg-11+deb9u9 or higher.

References

high severity

Improper Initialization

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.7.4+dfsg-11+deb9u6, imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6 and others
  • Fixed in: 8:6.9.7.4+dfsg-11+deb9u9

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6.q16@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-arch-config@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3-extra@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-dev@8:6.9.7.4+dfsg-11+deb9u6

NVD Description

Note: Versions mentioned in the description apply to the upstream imagemagick package. See Remediation section below for Debian:9 relevant versions.

ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the SyncImageSettings function in MagickCore/image.c. This is related to AcquireImage in magick/image.c.

Remediation

Upgrade Debian:9 imagemagick to version 8:6.9.7.4+dfsg-11+deb9u9 or higher.

References

high severity

Improper Initialization

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.7.4+dfsg-11+deb9u6, imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6 and others
  • Fixed in: 8:6.9.7.4+dfsg-11+deb9u9

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6.q16@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-arch-config@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3-extra@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-dev@8:6.9.7.4+dfsg-11+deb9u6

NVD Description

Note: Versions mentioned in the description apply to the upstream imagemagick package. See Remediation section below for Debian:9 relevant versions.

ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the ReadPANGOImage function in coders/pango.c.

Remediation

Upgrade Debian:9 imagemagick to version 8:6.9.7.4+dfsg-11+deb9u9 or higher.

References

high severity

Information Exposure

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.7.4+dfsg-11+deb9u6, imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6 and others
  • Fixed in: 8:6.9.7.4+dfsg-11+deb9u13

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6.q16@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-arch-config@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3-extra@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-dev@8:6.9.7.4+dfsg-11+deb9u6

NVD Description

Note: Versions mentioned in the description apply to the upstream imagemagick package. See Remediation section below for Debian:9 relevant versions.

A flaw was found in ImageMagick in versions before 7.0.11. A potential cipher leak when the calculate signatures in TransformSignature is possible. The highest threat from this vulnerability is to data confidentiality.

Remediation

Upgrade Debian:9 imagemagick to version 8:6.9.7.4+dfsg-11+deb9u13 or higher.

References

high severity

Integer Overflow or Wraparound

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.7.4+dfsg-11+deb9u6, imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6 and others
  • Fixed in: 8:6.9.7.4+dfsg-11+deb9u12

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6.q16@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-arch-config@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3-extra@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-dev@8:6.9.7.4+dfsg-11+deb9u6

NVD Description

Note: Versions mentioned in the description apply to the upstream imagemagick package. See Remediation section below for Debian:9 relevant versions.

A flaw was found in ImageMagick in MagickCore/statistic.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type unsigned long. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.8-69.

Remediation

Upgrade Debian:9 imagemagick to version 8:6.9.7.4+dfsg-11+deb9u12 or higher.

References

high severity

Integer Overflow or Wraparound

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.7.4+dfsg-11+deb9u6, imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6 and others
  • Fixed in: 8:6.9.7.4+dfsg-11+deb9u13

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6.q16@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-arch-config@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3-extra@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-dev@8:6.9.7.4+dfsg-11+deb9u6

NVD Description

Note: Versions mentioned in the description apply to the upstream imagemagick package. See Remediation section below for Debian:9 relevant versions.

A flaw was found in ImageMagick in versions 7.0.11, where an integer overflow in WriteTHUMBNAILImage of coders/thumbnail.c may trigger undefined behavior via a crafted image file that is submitted by an attacker and processed by an application using ImageMagick. The highest threat from this vulnerability is to system availability.

Remediation

Upgrade Debian:9 imagemagick to version 8:6.9.7.4+dfsg-11+deb9u13 or higher.

References

high severity

NULL Pointer Dereference

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.7.4+dfsg-11+deb9u6, imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6 and others
  • Fixed in: 8:6.9.7.4+dfsg-11+deb9u10

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6.q16@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-arch-config@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3-extra@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-dev@8:6.9.7.4+dfsg-11+deb9u6

NVD Description

Note: Versions mentioned in the description apply to the upstream imagemagick package. See Remediation section below for Debian:9 relevant versions.

In ImageMagick 7.0.7, a NULL pointer dereference vulnerability was found in the function saveBinaryCLProgram in magick/opencl.c because a program-lookup result is not checked, related to CacheOpenCLKernel.

Remediation

Upgrade Debian:9 imagemagick to version 8:6.9.7.4+dfsg-11+deb9u10 or higher.

References

high severity

NULL Pointer Dereference

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.7.4+dfsg-11+deb9u6, imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6 and others
  • Fixed in: 8:6.9.7.4+dfsg-11+deb9u10

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6.q16@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-arch-config@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3-extra@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-dev@8:6.9.7.4+dfsg-11+deb9u6

NVD Description

Note: Versions mentioned in the description apply to the upstream imagemagick package. See Remediation section below for Debian:9 relevant versions.

ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function sixel_decode in coders/sixel.c.

Remediation

Upgrade Debian:9 imagemagick to version 8:6.9.7.4+dfsg-11+deb9u10 or higher.

References

high severity

NULL Pointer Dereference

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.7.4+dfsg-11+deb9u6, imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6 and others
  • Fixed in: 8:6.9.7.4+dfsg-11+deb9u10

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6.q16@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-arch-config@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3-extra@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-dev@8:6.9.7.4+dfsg-11+deb9u6

NVD Description

Note: Versions mentioned in the description apply to the upstream imagemagick package. See Remediation section below for Debian:9 relevant versions.

ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function sixel_output_create in coders/sixel.c.

Remediation

Upgrade Debian:9 imagemagick to version 8:6.9.7.4+dfsg-11+deb9u10 or higher.

References

high severity

NULL Pointer Dereference

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.7.4+dfsg-11+deb9u6, imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6 and others
  • Fixed in: 8:6.9.7.4+dfsg-11+deb9u10

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6.q16@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-arch-config@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3-extra@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-dev@8:6.9.7.4+dfsg-11+deb9u6

NVD Description

Note: Versions mentioned in the description apply to the upstream imagemagick package. See Remediation section below for Debian:9 relevant versions.

ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in ReadOneMNGImage in coders/png.c.

Remediation

Upgrade Debian:9 imagemagick to version 8:6.9.7.4+dfsg-11+deb9u10 or higher.

References

high severity

NULL Pointer Dereference

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.7.4+dfsg-11+deb9u6, imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6 and others
  • Fixed in: 8:6.9.7.4+dfsg-11+deb9u10

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6.q16@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-arch-config@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3-extra@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-dev@8:6.9.7.4+dfsg-11+deb9u6

NVD Description

Note: Versions mentioned in the description apply to the upstream imagemagick package. See Remediation section below for Debian:9 relevant versions.

ImageMagick 7.0.7-0 has a NULL Pointer Dereference in TIFFIgnoreTags in coders/tiff.c.

Remediation

Upgrade Debian:9 imagemagick to version 8:6.9.7.4+dfsg-11+deb9u10 or higher.

References

high severity

NULL Pointer Dereference

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.7.4+dfsg-11+deb9u6, imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6 and others
  • Fixed in: 8:6.9.7.4+dfsg-11+deb9u10

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6.q16@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-arch-config@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3-extra@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-dev@8:6.9.7.4+dfsg-11+deb9u6

NVD Description

Note: Versions mentioned in the description apply to the upstream imagemagick package. See Remediation section below for Debian:9 relevant versions.

The AcquireResampleFilterThreadSet function in magick/resample-private.h in ImageMagick 7.0.7-4 mishandles failed memory allocation, which allows remote attackers to cause a denial of service (NULL Pointer Dereference in DistortImage in MagickCore/distort.c, and application crash) via unspecified vectors.

Remediation

Upgrade Debian:9 imagemagick to version 8:6.9.7.4+dfsg-11+deb9u10 or higher.

References

high severity

NULL Pointer Dereference

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.7.4+dfsg-11+deb9u6, imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6 and others
  • Fixed in: 8:6.9.7.4+dfsg-11+deb9u10

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6.q16@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-arch-config@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3-extra@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-dev@8:6.9.7.4+dfsg-11+deb9u6

NVD Description

Note: Versions mentioned in the description apply to the upstream imagemagick package. See Remediation section below for Debian:9 relevant versions.

ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function PostscriptDelegateMessage in coders/ps.c.

Remediation

Upgrade Debian:9 imagemagick to version 8:6.9.7.4+dfsg-11+deb9u10 or higher.

References

high severity

NULL Pointer Dereference

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.7.4+dfsg-11+deb9u6, imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6 and others
  • Fixed in: 8:6.9.7.4+dfsg-11+deb9u10

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6.q16@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-arch-config@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3-extra@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-dev@8:6.9.7.4+dfsg-11+deb9u6

NVD Description

Note: Versions mentioned in the description apply to the upstream imagemagick package. See Remediation section below for Debian:9 relevant versions.

In the GetOpenCLCachedFilesDirectory function in magick/opencl.c in ImageMagick 7.0.7, a NULL pointer dereference vulnerability occurs because a memory allocation result is not checked, related to GetOpenCLCacheDirectory.

Remediation

Upgrade Debian:9 imagemagick to version 8:6.9.7.4+dfsg-11+deb9u10 or higher.

References

high severity

NULL Pointer Dereference

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.7.4+dfsg-11+deb9u6, imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6 and others
  • Fixed in: 8:6.9.7.4+dfsg-11+deb9u10

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6.q16@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-arch-config@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3-extra@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-dev@8:6.9.7.4+dfsg-11+deb9u6

NVD Description

Note: Versions mentioned in the description apply to the upstream imagemagick package. See Remediation section below for Debian:9 relevant versions.

ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in PDFDelegateMessage in coders/pdf.c.

Remediation

Upgrade Debian:9 imagemagick to version 8:6.9.7.4+dfsg-11+deb9u10 or higher.

References

high severity

Out-of-Bounds

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.7.4+dfsg-11+deb9u6, imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6 and others
  • Fixed in: 8:6.9.7.4+dfsg-11+deb9u9

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6.q16@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-arch-config@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3-extra@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-dev@8:6.9.7.4+dfsg-11+deb9u6

NVD Description

Note: Versions mentioned in the description apply to the upstream imagemagick package. See Remediation section below for Debian:9 relevant versions.

An off-by-one read vulnerability was discovered in ImageMagick before version 7.0.7-28 in the formatIPTCfromBuffer function in coders/meta.c. A local attacker may use this flaw to read beyond the end of the buffer or to crash the program.

Remediation

Upgrade Debian:9 imagemagick to version 8:6.9.7.4+dfsg-11+deb9u9 or higher.

References

high severity

Out-of-Bounds

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.7.4+dfsg-11+deb9u6, imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6 and others
  • Fixed in: 8:6.9.7.4+dfsg-11+deb9u10

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6.q16@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-arch-config@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3-extra@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-dev@8:6.9.7.4+dfsg-11+deb9u6

NVD Description

Note: Versions mentioned in the description apply to the upstream imagemagick package. See Remediation section below for Debian:9 relevant versions.

ReadPSDImage in coders/psd.c in ImageMagick 7.0.7-6 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file, related to "Conditional jump or move depends on uninitialised value(s)."

Remediation

Upgrade Debian:9 imagemagick to version 8:6.9.7.4+dfsg-11+deb9u10 or higher.

References

high severity

Out-of-bounds Read

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.7.4+dfsg-11+deb9u6, imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6 and others
  • Fixed in: 8:6.9.7.4+dfsg-11+deb9u7

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6.q16@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-arch-config@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3-extra@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-dev@8:6.9.7.4+dfsg-11+deb9u6

NVD Description

Note: Versions mentioned in the description apply to the upstream imagemagick package. See Remediation section below for Debian:9 relevant versions.

In ImageMagick 7.0.8-36 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or information disclosure via a crafted image file.

Remediation

Upgrade Debian:9 imagemagick to version 8:6.9.7.4+dfsg-11+deb9u7 or higher.

References

high severity

Out-of-bounds Read

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.7.4+dfsg-11+deb9u6, imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6 and others
  • Fixed in: 8:6.9.7.4+dfsg-11+deb9u9

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6.q16@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-arch-config@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3-extra@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-dev@8:6.9.7.4+dfsg-11+deb9u6

NVD Description

Note: Versions mentioned in the description apply to the upstream imagemagick package. See Remediation section below for Debian:9 relevant versions.

In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file.

Remediation

Upgrade Debian:9 imagemagick to version 8:6.9.7.4+dfsg-11+deb9u9 or higher.

References

high severity

Out-of-bounds Read

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.7.4+dfsg-11+deb9u6, imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6 and others
  • Fixed in: 8:6.9.7.4+dfsg-11+deb9u10

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6.q16@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-arch-config@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3-extra@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-dev@8:6.9.7.4+dfsg-11+deb9u6

NVD Description

Note: Versions mentioned in the description apply to the upstream imagemagick package. See Remediation section below for Debian:9 relevant versions.

In ImageMagick 7.0.8-40 Q16, there is a heap-based buffer over-read in the function WritePNMImage of coders/pnm.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file. This is related to SetGrayscaleImage in MagickCore/quantize.c.

Remediation

Upgrade Debian:9 imagemagick to version 8:6.9.7.4+dfsg-11+deb9u10 or higher.

References

high severity

Out-of-bounds Read

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.7.4+dfsg-11+deb9u6, imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6 and others
  • Fixed in: 8:6.9.7.4+dfsg-11+deb9u9

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6.q16@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-arch-config@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3-extra@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-dev@8:6.9.7.4+dfsg-11+deb9u6

NVD Description

Note: Versions mentioned in the description apply to the upstream imagemagick package. See Remediation section below for Debian:9 relevant versions.

The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-26 Q16 does not properly restrict memory allocation, leading to a heap-based buffer over-read.

Remediation

Upgrade Debian:9 imagemagick to version 8:6.9.7.4+dfsg-11+deb9u9 or higher.

References

high severity

Out-of-bounds Read

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.7.4+dfsg-11+deb9u6, imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6 and others
  • Fixed in: 8:6.9.7.4+dfsg-11+deb9u10

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6.q16@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-arch-config@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3-extra@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-dev@8:6.9.7.4+dfsg-11+deb9u6

NVD Description

Note: Versions mentioned in the description apply to the upstream imagemagick package. See Remediation section below for Debian:9 relevant versions.

In ImageMagick 7.0.8-50 Q16, ComplexImages in MagickCore/fourier.c has a heap-based buffer over-read because of incorrect calls to GetCacheViewVirtualPixels.

Remediation

Upgrade Debian:9 imagemagick to version 8:6.9.7.4+dfsg-11+deb9u10 or higher.

References

high severity

Out-of-bounds Read

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.7.4+dfsg-11+deb9u6, imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6 and others
  • Fixed in: 8:6.9.7.4+dfsg-11+deb9u9

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6.q16@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-arch-config@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3-extra@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-dev@8:6.9.7.4+dfsg-11+deb9u6

NVD Description

Note: Versions mentioned in the description apply to the upstream imagemagick package. See Remediation section below for Debian:9 relevant versions.

ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled.

Remediation

Upgrade Debian:9 imagemagick to version 8:6.9.7.4+dfsg-11+deb9u9 or higher.

References

high severity

Out-of-bounds Read

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.7.4+dfsg-11+deb9u6, imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6 and others
  • Fixed in: 8:6.9.7.4+dfsg-11+deb9u9

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6.q16@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-arch-config@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3-extra@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-dev@8:6.9.7.4+dfsg-11+deb9u6

NVD Description

Note: Versions mentioned in the description apply to the upstream imagemagick package. See Remediation section below for Debian:9 relevant versions.

ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled.

Remediation

Upgrade Debian:9 imagemagick to version 8:6.9.7.4+dfsg-11+deb9u9 or higher.

References

high severity

Out-of-bounds Read

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.7.4+dfsg-11+deb9u6, imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6 and others
  • Fixed in: 8:6.9.7.4+dfsg-11+deb9u9

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6.q16@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-arch-config@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3-extra@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-dev@8:6.9.7.4+dfsg-11+deb9u6

NVD Description

Note: Versions mentioned in the description apply to the upstream imagemagick package. See Remediation section below for Debian:9 relevant versions.

In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WritePNGImage of coders/png.c, related to Magick_png_write_raw_profile and LocaleNCompare.

Remediation

Upgrade Debian:9 imagemagick to version 8:6.9.7.4+dfsg-11+deb9u9 or higher.

References

high severity

Out-of-bounds Write

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.7.4+dfsg-11+deb9u6, imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6 and others
  • Fixed in: 8:6.9.7.4+dfsg-11+deb9u11

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6.q16@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-arch-config@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3-extra@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-dev@8:6.9.7.4+dfsg-11+deb9u6

NVD Description

Note: Versions mentioned in the description apply to the upstream imagemagick package. See Remediation section below for Debian:9 relevant versions.

Stack-based buffer overflow and unconditional jump in ReadXPMImage in coders/xpm.c in ImageMagick 7.0.10-7.

Remediation

Upgrade Debian:9 imagemagick to version 8:6.9.7.4+dfsg-11+deb9u11 or higher.

References

high severity

Out-of-bounds Write

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.7.4+dfsg-11+deb9u6, imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6 and others

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6.q16@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-arch-config@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3-extra@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-dev@8:6.9.7.4+dfsg-11+deb9u6

NVD Description

Note: Versions mentioned in the description apply to the upstream imagemagick package.

A flaw was found in ImageMagick in MagickCore/quantum-private.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger a heap buffer overflow. This would most likely lead to an impact to application availability, but could potentially lead to an impact to data integrity as well. This flaw affects ImageMagick versions prior to 7.0.9-0.

Remediation

There is no fixed version for Debian:9 imagemagick.

References

high severity

Out-of-bounds Write

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.7.4+dfsg-11+deb9u6, imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6 and others
  • Fixed in: 8:6.9.7.4+dfsg-11+deb9u7

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6.q16@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-arch-config@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3-extra@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-dev@8:6.9.7.4+dfsg-11+deb9u6

NVD Description

Note: Versions mentioned in the description apply to the upstream imagemagick package. See Remediation section below for Debian:9 relevant versions.

In ImageMagick 7.0.8-35 Q16, there is a stack-based buffer overflow in the function PopHexPixel of coders/ps.c, which allows an attacker to cause a denial of service or code execution via a crafted image file.

Remediation

Upgrade Debian:9 imagemagick to version 8:6.9.7.4+dfsg-11+deb9u7 or higher.

References

high severity

Out-of-bounds Write

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.7.4+dfsg-11+deb9u6, imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6 and others
  • Fixed in: 8:6.9.7.4+dfsg-11+deb9u9

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6.q16@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-arch-config@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3-extra@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-dev@8:6.9.7.4+dfsg-11+deb9u6

NVD Description

Note: Versions mentioned in the description apply to the upstream imagemagick package. See Remediation section below for Debian:9 relevant versions.

The ReadMATImageV4 function in coders/mat.c in ImageMagick 7.0.8-7 uses an uninitialized variable, leading to memory corruption.

Remediation

Upgrade Debian:9 imagemagick to version 8:6.9.7.4+dfsg-11+deb9u9 or higher.

References

high severity

Out-of-bounds Write

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.7.4+dfsg-11+deb9u6, imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6 and others
  • Fixed in: 8:6.9.7.4+dfsg-11+deb9u8

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6.q16@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-arch-config@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3-extra@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-dev@8:6.9.7.4+dfsg-11+deb9u6

NVD Description

Note: Versions mentioned in the description apply to the upstream imagemagick package. See Remediation section below for Debian:9 relevant versions.

ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors.

Remediation

Upgrade Debian:9 imagemagick to version 8:6.9.7.4+dfsg-11+deb9u8 or higher.

References

high severity

Out-of-bounds Write

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.7.4+dfsg-11+deb9u6, imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6 and others
  • Fixed in: 8:6.9.7.4+dfsg-11+deb9u8

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6.q16@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-arch-config@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3-extra@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-dev@8:6.9.7.4+dfsg-11+deb9u6

NVD Description

Note: Versions mentioned in the description apply to the upstream imagemagick package. See Remediation section below for Debian:9 relevant versions.

ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment.

Remediation

Upgrade Debian:9 imagemagick to version 8:6.9.7.4+dfsg-11+deb9u8 or higher.

References

high severity

Out-of-bounds Write

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.7.4+dfsg-11+deb9u6, imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6 and others
  • Fixed in: 8:6.9.7.4+dfsg-11+deb9u8

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6.q16@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-arch-config@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3-extra@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-dev@8:6.9.7.4+dfsg-11+deb9u6

NVD Description

Note: Versions mentioned in the description apply to the upstream imagemagick package. See Remediation section below for Debian:9 relevant versions.

ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error.

Remediation

Upgrade Debian:9 imagemagick to version 8:6.9.7.4+dfsg-11+deb9u8 or higher.

References

high severity

Out-of-bounds Write

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.7.4+dfsg-11+deb9u6, imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6 and others
  • Fixed in: 8:6.9.7.4+dfsg-11+deb9u8

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6.q16@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-arch-config@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3-extra@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-dev@8:6.9.7.4+dfsg-11+deb9u6

NVD Description

Note: Versions mentioned in the description apply to the upstream imagemagick package. See Remediation section below for Debian:9 relevant versions.

ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling columns.

Remediation

Upgrade Debian:9 imagemagick to version 8:6.9.7.4+dfsg-11+deb9u8 or higher.

References

high severity

Out-of-bounds Write

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.7.4+dfsg-11+deb9u6, imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6 and others
  • Fixed in: 8:6.9.7.4+dfsg-11+deb9u8

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6.q16@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-arch-config@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3-extra@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-dev@8:6.9.7.4+dfsg-11+deb9u6

NVD Description

Note: Versions mentioned in the description apply to the upstream imagemagick package. See Remediation section below for Debian:9 relevant versions.

ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling rows.

Remediation

Upgrade Debian:9 imagemagick to version 8:6.9.7.4+dfsg-11+deb9u8 or higher.

References

high severity

Out-of-bounds Write

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.7.4+dfsg-11+deb9u6, imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6 and others
  • Fixed in: 8:6.9.7.4+dfsg-11+deb9u10

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6.q16@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-arch-config@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3-extra@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-dev@8:6.9.7.4+dfsg-11+deb9u6

NVD Description

Note: Versions mentioned in the description apply to the upstream imagemagick package. See Remediation section below for Debian:9 relevant versions.

ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow in MagickCore/fourier.c in ComplexImage.

Remediation

Upgrade Debian:9 imagemagick to version 8:6.9.7.4+dfsg-11+deb9u10 or higher.

References

high severity

Out-of-bounds Write

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.7.4+dfsg-11+deb9u6, imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6 and others
  • Fixed in: 8:6.9.7.4+dfsg-11+deb9u8

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6.q16@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-arch-config@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3-extra@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-dev@8:6.9.7.4+dfsg-11+deb9u6

NVD Description

Note: Versions mentioned in the description apply to the upstream imagemagick package. See Remediation section below for Debian:9 relevant versions.

In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer overflow in the function WriteSGIImage of coders/sgi.c.

Remediation

Upgrade Debian:9 imagemagick to version 8:6.9.7.4+dfsg-11+deb9u8 or higher.

References

high severity

Resource Exhaustion

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.7.4+dfsg-11+deb9u6, imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6 and others
  • Fixed in: 8:6.9.7.4+dfsg-11+deb9u10

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6.q16@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-arch-config@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3-extra@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-dev@8:6.9.7.4+dfsg-11+deb9u6

NVD Description

Note: Versions mentioned in the description apply to the upstream imagemagick package. See Remediation section below for Debian:9 relevant versions.

In ImageMagick 7.0.6-6, a memory exhaustion vulnerability was found in the function format8BIM, which allows attackers to cause a denial of service.

Remediation

Upgrade Debian:9 imagemagick to version 8:6.9.7.4+dfsg-11+deb9u10 or higher.

References

high severity

Resource Exhaustion

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.7.4+dfsg-11+deb9u6, imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6 and others
  • Fixed in: 8:6.9.7.4+dfsg-11+deb9u9

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6.q16@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-arch-config@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3-extra@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-dev@8:6.9.7.4+dfsg-11+deb9u6

NVD Description

Note: Versions mentioned in the description apply to the upstream imagemagick package. See Remediation section below for Debian:9 relevant versions.

In ImageMagick 7.0.6-6, a memory exhaustion vulnerability was found in the function ReadTIFFImage, which allows attackers to cause a denial of service.

Remediation

Upgrade Debian:9 imagemagick to version 8:6.9.7.4+dfsg-11+deb9u9 or higher.

References

high severity

Use After Free

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.7.4+dfsg-11+deb9u6, imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6 and others
  • Fixed in: 8:6.9.7.4+dfsg-11+deb9u8

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6.q16@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-arch-config@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3-extra@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-dev@8:6.9.7.4+dfsg-11+deb9u6

NVD Description

Note: Versions mentioned in the description apply to the upstream imagemagick package. See Remediation section below for Debian:9 relevant versions.

coders/mat.c in ImageMagick 7.0.8-43 Q16 allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact by crafting a Matlab image file that is mishandled in ReadImage in MagickCore/constitute.c.

Remediation

Upgrade Debian:9 imagemagick to version 8:6.9.7.4+dfsg-11+deb9u8 or higher.

References

high severity

Use of Uninitialized Resource

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.7.4+dfsg-11+deb9u6, imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6 and others
  • Fixed in: 8:6.9.7.4+dfsg-11+deb9u10

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6.q16@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-arch-config@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3-extra@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-dev@8:6.9.7.4+dfsg-11+deb9u6

NVD Description

Note: Versions mentioned in the description apply to the upstream imagemagick package. See Remediation section below for Debian:9 relevant versions.

ImageMagick before 7.0.8-50 has a "use of uninitialized value" vulnerability in the function ReadCUTImage in coders/cut.c.

Remediation

Upgrade Debian:9 imagemagick to version 8:6.9.7.4+dfsg-11+deb9u10 or higher.

References

high severity

XML Injection

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.7.4+dfsg-11+deb9u6, imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6 and others
  • Fixed in: 8:6.9.7.4+dfsg-11+deb9u11

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6-common@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/imagemagick-6.q16@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-arch-config@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-3-extra@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickcore-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6-headers@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-3@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-6.q16-dev@8:6.9.7.4+dfsg-11+deb9u6
  • Introduced through: circleci/node:11.13-stretch-browsers@* imagemagick/libmagickwand-dev@8:6.9.7.4+dfsg-11+deb9u6

NVD Description

Note: Versions mentioned in the description apply to the upstream imagemagick package. See Remediation section below for Debian:9 relevant versions.

ImageMagick before 6.9.11-40 and 7.x before 7.0.10-40 mishandles the -authenticate option, which allows setting a password for password-protected PDF files. The user-controlled password was not properly escaped/sanitized and it was therefore possible to inject additional shell commands via coders/pdf.c.

Remediation

Upgrade Debian:9 imagemagick to version 8:6.9.7.4+dfsg-11+deb9u11 or higher.

References

high severity

Uncontrolled Recursion

  • Vulnerable module: krb5/krb5-multidev
  • Introduced through: krb5/krb5-multidev@1.15-1+deb9u1, krb5/libgssapi-krb5-2@1.15-1+deb9u1 and others
  • Fixed in: 1.15-1+deb9u2

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* krb5/krb5-multidev@1.15-1+deb9u1
  • Introduced through: circleci/node:11.13-stretch-browsers@* krb5/libgssapi-krb5-2@1.15-1+deb9u1
  • Introduced through: circleci/node:11.13-stretch-browsers@* krb5/libgssrpc4@1.15-1+deb9u1
  • Introduced through: circleci/node:11.13-stretch-browsers@* krb5/libk5crypto3@1.15-1+deb9u1
  • Introduced through: circleci/node:11.13-stretch-browsers@* krb5/libkadm5clnt-mit11@1.15-1+deb9u1
  • Introduced through: circleci/node:11.13-stretch-browsers@* krb5/libkadm5srv-mit11@1.15-1+deb9u1
  • Introduced through: circleci/node:11.13-stretch-browsers@* krb5/libkdb5-8@1.15-1+deb9u1
  • Introduced through: circleci/node:11.13-stretch-browsers@* krb5/libkrb5-3@1.15-1+deb9u1
  • Introduced through: circleci/node:11.13-stretch-browsers@* krb5/libkrb5-dev@1.15-1+deb9u1
  • Introduced through: circleci/node:11.13-stretch-browsers@* krb5/libkrb5support0@1.15-1+deb9u1

NVD Description

Note: Versions mentioned in the description apply to the upstream krb5 package. See Remediation section below for Debian:9 relevant versions.

MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1_encode.c support for BER indefinite lengths lacks a recursion limit.

Remediation

Upgrade Debian:9 krb5 to version 1.15-1+deb9u2 or higher.

References

high severity

Out-of-bounds Read

  • Vulnerable module: libbsd/libbsd0
  • Introduced through: libbsd/libbsd0@0.8.3-1
  • Fixed in: 0.8.3-1+deb9u1

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* libbsd/libbsd0@0.8.3-1

NVD Description

Note: Versions mentioned in the description apply to the upstream libbsd package. See Remediation section below for Debian:9 relevant versions.

nlist.c in libbsd before 0.10.0 has an out-of-bounds read during a comparison for a symbol name from the string table (strtab).

Remediation

Upgrade Debian:9 libbsd to version 0.8.3-1+deb9u1 or higher.

References

high severity

Integer Overflow or Wraparound

  • Vulnerable module: libexif/libexif-dev
  • Introduced through: libexif/libexif-dev@0.6.21-2+b2 and libexif/libexif12@0.6.21-2+b2
  • Fixed in: 0.6.21-2+deb9u5

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* libexif/libexif-dev@0.6.21-2+b2
  • Introduced through: circleci/node:11.13-stretch-browsers@* libexif/libexif12@0.6.21-2+b2

NVD Description

Note: Versions mentioned in the description apply to the upstream libexif package. See Remediation section below for Debian:9 relevant versions.

In exif_entry_get_value of exif-entry.c, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution if a third party app used this library to process remote image data with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11 Android-8.0Android ID: A-159625731

Remediation

Upgrade Debian:9 libexif to version 0.6.21-2+deb9u5 or higher.

References

high severity

Integer Overflow or Wraparound

  • Vulnerable module: libexif/libexif-dev
  • Introduced through: libexif/libexif-dev@0.6.21-2+b2 and libexif/libexif12@0.6.21-2+b2
  • Fixed in: 0.6.21-2+deb9u2

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* libexif/libexif-dev@0.6.21-2+b2
  • Introduced through: circleci/node:11.13-stretch-browsers@* libexif/libexif12@0.6.21-2+b2

NVD Description

Note: Versions mentioned in the description apply to the upstream libexif package. See Remediation section below for Debian:9 relevant versions.

A vulnerability was found in libexif. An integer overflow when parsing the MNOTE entry data of the input file. This can cause Denial-of-Service (DoS) and Information Disclosure (disclosing some critical heap chunk metadata, even other applications' private data).

Remediation

Upgrade Debian:9 libexif to version 0.6.21-2+deb9u2 or higher.

References

high severity

Integer Overflow or Wraparound

  • Vulnerable module: libexif/libexif-dev
  • Introduced through: libexif/libexif-dev@0.6.21-2+b2 and libexif/libexif12@0.6.21-2+b2
  • Fixed in: 0.6.21-2+deb9u1

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* libexif/libexif-dev@0.6.21-2+b2
  • Introduced through: circleci/node:11.13-stretch-browsers@* libexif/libexif12@0.6.21-2+b2

NVD Description

Note: Versions mentioned in the description apply to the upstream libexif package. See Remediation section below for Debian:9 relevant versions.

In exif_data_load_data_thumbnail of exif-data.c, there is a possible denial of service due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-145075076

Remediation

Upgrade Debian:9 libexif to version 0.6.21-2+deb9u1 or higher.

References

high severity

Integer Overflow or Wraparound

  • Vulnerable module: libexif/libexif-dev
  • Introduced through: libexif/libexif-dev@0.6.21-2+b2 and libexif/libexif12@0.6.21-2+b2
  • Fixed in: 0.6.21-2+deb9u4

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* libexif/libexif-dev@0.6.21-2+b2
  • Introduced through: circleci/node:11.13-stretch-browsers@* libexif/libexif12@0.6.21-2+b2

NVD Description

Note: Versions mentioned in the description apply to the upstream libexif package. See Remediation section below for Debian:9 relevant versions.

In exif_data_load_data_content of exif-data.c, there is a possible UBSAN abort due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-146428941

Remediation

Upgrade Debian:9 libexif to version 0.6.21-2+deb9u4 or higher.

References

high severity

Out-of-bounds Read

  • Vulnerable module: libexif/libexif-dev
  • Introduced through: libexif/libexif-dev@0.6.21-2+b2 and libexif/libexif12@0.6.21-2+b2
  • Fixed in: 0.6.21-2+deb9u2

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* libexif/libexif-dev@0.6.21-2+b2
  • Introduced through: circleci/node:11.13-stretch-browsers@* libexif/libexif12@0.6.21-2+b2

NVD Description

Note: Versions mentioned in the description apply to the upstream libexif package. See Remediation section below for Debian:9 relevant versions.

libexif through 0.6.21 is vulnerable to out-of-bounds heap read vulnerability in exif_data_save_data_entry function in libexif/exif-data.c caused by improper length computation of the allocated data of an ExifMnote entry which can cause denial-of-service or possibly information disclosure.

Remediation

Upgrade Debian:9 libexif to version 0.6.21-2+deb9u2 or higher.

References

high severity

Out-of-bounds Read

  • Vulnerable module: libexif/libexif-dev
  • Introduced through: libexif/libexif-dev@0.6.21-2+b2 and libexif/libexif12@0.6.21-2+b2
  • Fixed in: 0.6.21-2+deb9u3

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* libexif/libexif-dev@0.6.21-2+b2
  • Introduced through: circleci/node:11.13-stretch-browsers@* libexif/libexif12@0.6.21-2+b2

NVD Description

Note: Versions mentioned in the description apply to the upstream libexif package. See Remediation section below for Debian:9 relevant versions.

An issue was discovered in libexif before 0.6.22. Several buffer over-reads in EXIF MakerNote handling could lead to information disclosure and crashes. This is different from CVE-2020-0093.

Remediation

Upgrade Debian:9 libexif to version 0.6.21-2+deb9u3 or higher.

References

high severity

Out-of-bounds Write

  • Vulnerable module: libexif/libexif-dev
  • Introduced through: libexif/libexif-dev@0.6.21-2+b2 and libexif/libexif12@0.6.21-2+b2
  • Fixed in: 0.6.21-2+deb9u1

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* libexif/libexif-dev@0.6.21-2+b2
  • Introduced through: circleci/node:11.13-stretch-browsers@* libexif/libexif12@0.6.21-2+b2

NVD Description

Note: Versions mentioned in the description apply to the upstream libexif package. See Remediation section below for Debian:9 relevant versions.

In libexif, there is a possible out of bounds write due to an integer overflow. This could lead to remote escalation of privilege in the media content provider with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112537774

Remediation

Upgrade Debian:9 libexif to version 0.6.21-2+deb9u1 or higher.

References

high severity

Resource Exhaustion

  • Vulnerable module: libexif/libexif-dev
  • Introduced through: libexif/libexif-dev@0.6.21-2+b2 and libexif/libexif12@0.6.21-2+b2
  • Fixed in: 0.6.21-2+deb9u2

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* libexif/libexif-dev@0.6.21-2+b2
  • Introduced through: circleci/node:11.13-stretch-browsers@* libexif/libexif12@0.6.21-2+b2

NVD Description

Note: Versions mentioned in the description apply to the upstream libexif package. See Remediation section below for Debian:9 relevant versions.

An error when processing the EXIF_IFD_INTEROPERABILITY and EXIF_IFD_EXIF tags within libexif version 0.6.21 can be exploited to exhaust available CPU resources.

Remediation

Upgrade Debian:9 libexif to version 0.6.21-2+deb9u2 or higher.

References

high severity

Resource Exhaustion

  • Vulnerable module: libexif/libexif-dev
  • Introduced through: libexif/libexif-dev@0.6.21-2+b2 and libexif/libexif12@0.6.21-2+b2
  • Fixed in: 0.6.21-2+deb9u3

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* libexif/libexif-dev@0.6.21-2+b2
  • Introduced through: circleci/node:11.13-stretch-browsers@* libexif/libexif12@0.6.21-2+b2

NVD Description

Note: Versions mentioned in the description apply to the upstream libexif package. See Remediation section below for Debian:9 relevant versions.

An issue was discovered in libexif before 0.6.22. An unrestricted size in handling Canon EXIF MakerNote data could lead to consumption of large amounts of compute time for decoding EXIF data.

Remediation

Upgrade Debian:9 libexif to version 0.6.21-2+deb9u3 or higher.

References

high severity

Use After Free

  • Vulnerable module: libexif/libexif-dev
  • Introduced through: libexif/libexif-dev@0.6.21-2+b2 and libexif/libexif12@0.6.21-2+b2
  • Fixed in: 0.6.21-2+deb9u3

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* libexif/libexif-dev@0.6.21-2+b2
  • Introduced through: circleci/node:11.13-stretch-browsers@* libexif/libexif12@0.6.21-2+b2

NVD Description

Note: Versions mentioned in the description apply to the upstream libexif package. See Remediation section below for Debian:9 relevant versions.

An issue was discovered in libexif before 0.6.22. Use of uninitialized memory in EXIF Makernote handling could lead to crashes and potential use-after-free conditions.

Remediation

Upgrade Debian:9 libexif to version 0.6.21-2+deb9u3 or higher.

References

high severity

Out-of-Bounds

  • Vulnerable module: libgc/libgc1c2
  • Introduced through: libgc/libgc1c2@1:7.4.2-8

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* libgc/libgc1c2@1:7.4.2-8

NVD Description

Note: Versions mentioned in the description apply to the upstream libgc package.

Integer overflow vulnerability in bdwgc before 2016-09-27 allows attackers to cause client of bdwgc denial of service (heap buffer overflow crash) and possibly execute arbitrary code via huge allocation.

Remediation

There is no fixed version for Debian:9 libgc.

References

high severity

Information Exposure

  • Vulnerable module: libgcrypt20
  • Introduced through: libgcrypt20@1.7.6-2+deb9u3
  • Fixed in: 1.7.6-2+deb9u4

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* libgcrypt20@1.7.6-2+deb9u3

NVD Description

Note: Versions mentioned in the description apply to the upstream libgcrypt20 package. See Remediation section below for Debian:9 relevant versions.

Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm, and the window size is not chosen appropriately. (There is also an interoperability problem because the selection of the k integer value does not properly consider the differences between basic ElGamal encryption and generalized ElGamal encryption.) This, for example, affects use of ElGamal in OpenPGP.

Remediation

Upgrade Debian:9 libgcrypt20 to version 1.7.6-2+deb9u4 or higher.

References

high severity

Out-of-bounds Read

  • Vulnerable module: libgd2/libgd3
  • Introduced through: libgd2/libgd3@2.2.4-2+deb9u4

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* libgd2/libgd3@2.2.4-2+deb9u4

NVD Description

Note: Versions mentioned in the description apply to the upstream libgd2 package.

** DISPUTED ** In the GD Graphics Library (aka LibGD) through 2.2.5, there is a heap-based buffer over-read in tiffWriter in gd_tiff.c. NOTE: the vendor says "In my opinion this issue should not have a CVE, since the GD and GD2 formats are documented to be 'obsolete, and should only be used for development and testing purposes.'"

Remediation

There is no fixed version for Debian:9 libgd2.

References

high severity

Integer Overflow or Wraparound

  • Vulnerable module: libidn/libidn11
  • Introduced through: libidn/libidn11@1.33-1
  • Fixed in: 1.33-1+deb9u1

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* libidn/libidn11@1.33-1

NVD Description

Note: Versions mentioned in the description apply to the upstream libidn package. See Remediation section below for Debian:9 relevant versions.

Integer overflow in the decode_digit function in puny_decode.c in Libidn2 before 2.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact.

Remediation

Upgrade Debian:9 libidn to version 1.33-1+deb9u1 or higher.

References

high severity

Out-of-bounds Read

  • Vulnerable module: libjpeg-turbo/libjpeg-dev
  • Introduced through: libjpeg-turbo/libjpeg-dev@1:1.5.1-2, libjpeg-turbo/libjpeg62-turbo@1:1.5.1-2 and others
  • Fixed in: 1:1.5.1-2+deb9u1

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* libjpeg-turbo/libjpeg-dev@1:1.5.1-2
  • Introduced through: circleci/node:11.13-stretch-browsers@* libjpeg-turbo/libjpeg62-turbo@1:1.5.1-2
  • Introduced through: circleci/node:11.13-stretch-browsers@* libjpeg-turbo/libjpeg62-turbo-dev@1:1.5.1-2

NVD Description

Note: Versions mentioned in the description apply to the upstream libjpeg-turbo package. See Remediation section below for Debian:9 relevant versions.

libjpeg-turbo 2.0.4, and mozjpeg 4.0.0, has a heap-based buffer over-read in get_rgb_row() in rdppm.c via a malformed PPM input file.

Remediation

Upgrade Debian:9 libjpeg-turbo to version 1:1.5.1-2+deb9u1 or higher.

References

high severity

Resource Exhaustion

  • Vulnerable module: libjpeg-turbo/libjpeg-dev
  • Introduced through: libjpeg-turbo/libjpeg-dev@1:1.5.1-2, libjpeg-turbo/libjpeg62-turbo@1:1.5.1-2 and others
  • Fixed in: 1:1.5.1-2+deb9u1

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* libjpeg-turbo/libjpeg-dev@1:1.5.1-2
  • Introduced through: circleci/node:11.13-stretch-browsers@* libjpeg-turbo/libjpeg62-turbo@1:1.5.1-2
  • Introduced through: circleci/node:11.13-stretch-browsers@* libjpeg-turbo/libjpeg62-turbo-dev@1:1.5.1-2

NVD Description

Note: Versions mentioned in the description apply to the upstream libjpeg-turbo package. See Remediation section below for Debian:9 relevant versions.

In IJG JPEG (aka libjpeg) before 9d, jpeg_mem_available() in jmemnobs.c in djpeg does not honor the max_memory_to_use setting, possibly causing excessive memory consumption.

Remediation

Upgrade Debian:9 libjpeg-turbo to version 1:1.5.1-2+deb9u1 or higher.

References

high severity

Out-of-bounds Write

  • Vulnerable module: libntlm/libntlm0
  • Introduced through: libntlm/libntlm0@1.4-8

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* libntlm/libntlm0@1.4-8

NVD Description

Note: Versions mentioned in the description apply to the upstream libntlm package.

Libntlm through 1.5 relies on a fixed buffer size for tSmbNtlmAuthRequest, tSmbNtlmAuthChallenge, and tSmbNtlmAuthResponse read and write operations, as demonstrated by a stack-based buffer over-read in buildSmbNtlmAuthRequest in smbutil.c for a crafted NTLM request.

Remediation

There is no fixed version for Debian:9 libntlm.

References

high severity

Improper Input Validation

  • Vulnerable module: libpng1.6/libpng-dev
  • Introduced through: libpng1.6/libpng-dev@1.6.28-1 and libpng1.6/libpng16-16@1.6.28-1

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* libpng1.6/libpng-dev@1.6.28-1
  • Introduced through: circleci/node:11.13-stretch-browsers@* libpng1.6/libpng16-16@1.6.28-1

NVD Description

Note: Versions mentioned in the description apply to the upstream libpng1.6 package.

libpng before 1.6.32 does not properly check the length of chunks against the user limit.

Remediation

There is no fixed version for Debian:9 libpng1.6.

References

high severity

Buffer Overflow

  • Vulnerable module: libproxy/libproxy1v5
  • Introduced through: libproxy/libproxy1v5@0.4.14-2
  • Fixed in: 0.4.14-2+deb9u2

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* libproxy/libproxy1v5@0.4.14-2

NVD Description

Note: Versions mentioned in the description apply to the upstream libproxy package. See Remediation section below for Debian:9 relevant versions.

url.cpp in libproxy through 0.4.15 is prone to a buffer overflow when PAC is enabled, as demonstrated by a large PAC file that is delivered without a Content-length header.

Remediation

Upgrade Debian:9 libproxy to version 0.4.14-2+deb9u2 or higher.

References

high severity

Out-of-bounds Write

  • Vulnerable module: libproxy/libproxy1v5
  • Introduced through: libproxy/libproxy1v5@0.4.14-2
  • Fixed in: 0.4.14-2+deb9u1

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* libproxy/libproxy1v5@0.4.14-2

NVD Description

Note: Versions mentioned in the description apply to the upstream libproxy package. See Remediation section below for Debian:9 relevant versions.

url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows a remote HTTP server to trigger uncontrolled recursion via a response composed of an infinite stream that lacks a newline character. This leads to stack exhaustion.

Remediation

Upgrade Debian:9 libproxy to version 0.4.14-2+deb9u1 or higher.

References

high severity

Divide By Zero

  • Vulnerable module: librsvg/gir1.2-rsvg-2.0
  • Introduced through: librsvg/gir1.2-rsvg-2.0@2.40.16-1+b1, librsvg/librsvg2-2@2.40.16-1+b1 and others
  • Fixed in: 2.40.21-0+deb9u1

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* librsvg/gir1.2-rsvg-2.0@2.40.16-1+b1
  • Introduced through: circleci/node:11.13-stretch-browsers@* librsvg/librsvg2-2@2.40.16-1+b1
  • Introduced through: circleci/node:11.13-stretch-browsers@* librsvg/librsvg2-common@2.40.16-1+b1
  • Introduced through: circleci/node:11.13-stretch-browsers@* librsvg/librsvg2-dev@2.40.16-1+b1

NVD Description

Note: Versions mentioned in the description apply to the upstream librsvg package. See Remediation section below for Debian:9 relevant versions.

A SIGFPE is raised in the function box_blur_line of rsvg-filter.c in GNOME librsvg 2.40.17 during an attempted parse of a crafted SVG file, because of incorrect protection against division by zero.

Remediation

Upgrade Debian:9 librsvg to version 2.40.21-0+deb9u1 or higher.

References

high severity

Out-of-Bounds

  • Vulnerable module: libsndfile/libsndfile1
  • Introduced through: libsndfile/libsndfile1@1.0.27-3

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* libsndfile/libsndfile1@1.0.27-3

NVD Description

Note: Versions mentioned in the description apply to the upstream libsndfile package.

Heap-based Buffer Overflow in the psf_binheader_writef function in common.c in libsndfile through 1.0.28 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.

Remediation

There is no fixed version for Debian:9 libsndfile.

References

high severity

Out-of-Bounds

  • Vulnerable module: libsndfile/libsndfile1
  • Introduced through: libsndfile/libsndfile1@1.0.27-3
  • Fixed in: 1.0.27-3+deb9u1

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* libsndfile/libsndfile1@1.0.27-3

NVD Description

Note: Versions mentioned in the description apply to the upstream libsndfile package. See Remediation section below for Debian:9 relevant versions.

In libsndfile version 1.0.28, an error in the "aiff_read_chanmap()" function (aiff.c) can be exploited to cause an out-of-bounds read memory access via a specially crafted AIFF file.

Remediation

Upgrade Debian:9 libsndfile to version 1.0.27-3+deb9u1 or higher.

References

high severity

Out-of-bounds Read

  • Vulnerable module: libsndfile/libsndfile1
  • Introduced through: libsndfile/libsndfile1@1.0.27-3
  • Fixed in: 1.0.27-3+deb9u1

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* libsndfile/libsndfile1@1.0.27-3

NVD Description

Note: Versions mentioned in the description apply to the upstream libsndfile package. See Remediation section below for Debian:9 relevant versions.

An out of bounds read in the function d2ulaw_array() in ulaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure, related to mishandling of the NAN and INFINITY floating-point values.

Remediation

Upgrade Debian:9 libsndfile to version 1.0.27-3+deb9u1 or higher.

References

high severity

Out-of-bounds Read

  • Vulnerable module: libsndfile/libsndfile1
  • Introduced through: libsndfile/libsndfile1@1.0.27-3
  • Fixed in: 1.0.27-3+deb9u1

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* libsndfile/libsndfile1@1.0.27-3

NVD Description

Note: Versions mentioned in the description apply to the upstream libsndfile package. See Remediation section below for Debian:9 relevant versions.

An out of bounds read in the function d2alaw_array() in alaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure, related to mishandling of the NAN and INFINITY floating-point values.

Remediation

Upgrade Debian:9 libsndfile to version 1.0.27-3+deb9u1 or higher.

References

high severity

Out-of-bounds Read

  • Vulnerable module: libsndfile/libsndfile1
  • Introduced through: libsndfile/libsndfile1@1.0.27-3
  • Fixed in: 1.0.27-3+deb9u1

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* libsndfile/libsndfile1@1.0.27-3

NVD Description

Note: Versions mentioned in the description apply to the upstream libsndfile package. See Remediation section below for Debian:9 relevant versions.

An issue was discovered in libsndfile 1.0.28. There is a buffer over-read in the function i2alaw_array in alaw.c that will lead to a denial of service.

Remediation

Upgrade Debian:9 libsndfile to version 1.0.27-3+deb9u1 or higher.

References

high severity
new

Out-of-bounds Write

  • Vulnerable module: libsndfile/libsndfile1
  • Introduced through: libsndfile/libsndfile1@1.0.27-3
  • Fixed in: 1.0.27-3+deb9u2

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* libsndfile/libsndfile1@1.0.27-3

NVD Description

Note: Versions mentioned in the description apply to the upstream libsndfile package. See Remediation section below for Debian:9 relevant versions.

A heap buffer overflow vulnerability in msadpcm_decode_block of libsndfile 1.0.30 allows attackers to execute arbitrary code via a crafted WAV file.

Remediation

Upgrade Debian:9 libsndfile to version 1.0.27-3+deb9u2 or higher.

References

high severity

Out-of-bounds Read

  • Vulnerable module: libssh2/libssh2-1
  • Introduced through: libssh2/libssh2-1@1.7.0-1
  • Fixed in: 1.7.0-1+deb9u1

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* libssh2/libssh2-1@1.7.0-1

NVD Description

Note: Versions mentioned in the description apply to the upstream libssh2 package. See Remediation section below for Debian:9 relevant versions.

An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH packets with a padding length value greater than the packet length are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.

Remediation

Upgrade Debian:9 libssh2 to version 1.7.0-1+deb9u1 or higher.

References

high severity

Out-of-bounds Read

  • Vulnerable module: libssh2/libssh2-1
  • Introduced through: libssh2/libssh2-1@1.7.0-1
  • Fixed in: 1.7.0-1+deb9u1

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* libssh2/libssh2-1@1.7.0-1

NVD Description

Note: Versions mentioned in the description apply to the upstream libssh2 package. See Remediation section below for Debian:9 relevant versions.

An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the _libssh2_packet_require and _libssh2_packet_requirev functions. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.

Remediation

Upgrade Debian:9 libssh2 to version 1.7.0-1+deb9u1 or higher.

References

high severity

Out-of-bounds Read

  • Vulnerable module: libssh2/libssh2-1
  • Introduced through: libssh2/libssh2-1@1.7.0-1
  • Fixed in: 1.7.0-1+deb9u1

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* libssh2/libssh2-1@1.7.0-1

NVD Description

Note: Versions mentioned in the description apply to the upstream libssh2 package. See Remediation section below for Debian:9 relevant versions.

An out of bounds read flaw was discovered in libssh2 before 1.8.1 when a specially crafted SFTP packet is received from the server. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.

Remediation

Upgrade Debian:9 libssh2 to version 1.7.0-1+deb9u1 or higher.

References

high severity

Out-of-bounds Read

  • Vulnerable module: libssh2/libssh2-1
  • Introduced through: libssh2/libssh2-1@1.7.0-1
  • Fixed in: 1.7.0-1+deb9u1

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* libssh2/libssh2-1@1.7.0-1

NVD Description

Note: Versions mentioned in the description apply to the upstream libssh2 package. See Remediation section below for Debian:9 relevant versions.

An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SFTP packets with empty payloads are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.

Remediation

Upgrade Debian:9 libssh2 to version 1.7.0-1+deb9u1 or higher.

References

high severity

Out-of-bounds Read

  • Vulnerable module: libssh2/libssh2-1
  • Introduced through: libssh2/libssh2-1@1.7.0-1
  • Fixed in: 1.7.0-1+deb9u1

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* libssh2/libssh2-1@1.7.0-1

NVD Description

Note: Versions mentioned in the description apply to the upstream libssh2 package. See Remediation section below for Debian:9 relevant versions.

An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit status message and no payload are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.

Remediation

Upgrade Debian:9 libssh2 to version 1.7.0-1+deb9u1 or higher.

References

high severity

Out-of-bounds Read

  • Vulnerable module: libssh2/libssh2-1
  • Introduced through: libssh2/libssh2-1@1.7.0-1

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* libssh2/libssh2-1@1.7.0-1

NVD Description

Note: Versions mentioned in the description apply to the upstream libssh2 package.

In libssh2 before 1.9.0, kex_method_diffie_hellman_group_exchange_sha256_key_exchange in kex.c has an integer overflow that could lead to an out-of-bounds read in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to disclose sensitive information or cause a denial of service condition on the client system when a user connects to the server. This is related to an _libssh2_check_length mistake, and is different from the various issues fixed in 1.8.1, such as CVE-2019-3855.

Remediation

There is no fixed version for Debian:9 libssh2.

References

high severity

Out-of-bounds Write

  • Vulnerable module: libssh2/libssh2-1
  • Introduced through: libssh2/libssh2-1@1.7.0-1
  • Fixed in: 1.7.0-1+deb9u1

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* libssh2/libssh2-1@1.7.0-1

NVD Description

Note: Versions mentioned in the description apply to the upstream libssh2 package. See Remediation section below for Debian:9 relevant versions.

A flaw was found in libssh2 before 1.8.1. A server could send a multiple keyboard interactive response messages whose total length are greater than unsigned char max characters. This value is used as an index to copy memory causing in an out of bounds memory write error.

Remediation

Upgrade Debian:9 libssh2 to version 1.7.0-1+deb9u1 or higher.

References

high severity

Out-of-bounds Write

  • Vulnerable module: libssh2/libssh2-1
  • Introduced through: libssh2/libssh2-1@1.7.0-1
  • Fixed in: 1.7.0-1+deb9u1

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* libssh2/libssh2-1@1.7.0-1

NVD Description

Note: Versions mentioned in the description apply to the upstream libssh2 package. See Remediation section below for Debian:9 relevant versions.

An integer overflow flaw, which could lead to an out of bounds write, was discovered in libssh2 before 1.8.1 in the way keyboard prompt requests are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.

Remediation

Upgrade Debian:9 libssh2 to version 1.7.0-1+deb9u1 or higher.

References

high severity

Out-of-bounds Write

  • Vulnerable module: libssh2/libssh2-1
  • Introduced through: libssh2/libssh2-1@1.7.0-1
  • Fixed in: 1.7.0-1+deb9u1

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* libssh2/libssh2-1@1.7.0-1

NVD Description

Note: Versions mentioned in the description apply to the upstream libssh2 package. See Remediation section below for Debian:9 relevant versions.

An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.

Remediation

Upgrade Debian:9 libssh2 to version 1.7.0-1+deb9u1 or higher.

References

high severity

Out-of-bounds Write

  • Vulnerable module: libssh2/libssh2-1
  • Introduced through: libssh2/libssh2-1@1.7.0-1
  • Fixed in: 1.7.0-1+deb9u1

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* libssh2/libssh2-1@1.7.0-1

NVD Description

Note: Versions mentioned in the description apply to the upstream libssh2 package. See Remediation section below for Debian:9 relevant versions.

An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.

Remediation

Upgrade Debian:9 libssh2 to version 1.7.0-1+deb9u1 or higher.

References

high severity

Out-of-Bounds

  • Vulnerable module: libvorbis/libvorbis0a
  • Introduced through: libvorbis/libvorbis0a@1.3.5-4+deb9u2 and libvorbis/libvorbisenc2@1.3.5-4+deb9u2

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* libvorbis/libvorbis0a@1.3.5-4+deb9u2
  • Introduced through: circleci/node:11.13-stretch-browsers@* libvorbis/libvorbisenc2@1.3.5-4+deb9u2

NVD Description

Note: Versions mentioned in the description apply to the upstream libvorbis package.

The bark_noise_hybridmp function in psy.c in Xiph.Org libvorbis 1.3.5 allows remote attackers to cause a denial of service (out-of-bounds access and application crash) or possibly have unspecified other impact via a crafted mp4 file.

Remediation

There is no fixed version for Debian:9 libvorbis.

References

high severity

Out-of-bounds Read

  • Vulnerable module: libvorbis/libvorbis0a
  • Introduced through: libvorbis/libvorbis0a@1.3.5-4+deb9u2 and libvorbis/libvorbisenc2@1.3.5-4+deb9u2

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* libvorbis/libvorbis0a@1.3.5-4+deb9u2
  • Introduced through: circleci/node:11.13-stretch-browsers@* libvorbis/libvorbisenc2@1.3.5-4+deb9u2

NVD Description

Note: Versions mentioned in the description apply to the upstream libvorbis package.

bark_noise_hybridmp in psy.c in Xiph.Org libvorbis 1.3.6 has a stack-based buffer over-read.

Remediation

There is no fixed version for Debian:9 libvorbis.

References

high severity

Out-of-bounds Read

  • Vulnerable module: libvorbis/libvorbis0a
  • Introduced through: libvorbis/libvorbis0a@1.3.5-4+deb9u2 and libvorbis/libvorbisenc2@1.3.5-4+deb9u2

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* libvorbis/libvorbis0a@1.3.5-4+deb9u2
  • Introduced through: circleci/node:11.13-stretch-browsers@* libvorbis/libvorbisenc2@1.3.5-4+deb9u2

NVD Description

Note: Versions mentioned in the description apply to the upstream libvorbis package.

mapping0_forward in mapping0.c in Xiph.Org libvorbis 1.3.6 does not validate the number of channels, which allows remote attackers to cause a denial of service (heap-based buffer overflow or over-read) or possibly have unspecified other impact via a crafted file.

Remediation

There is no fixed version for Debian:9 libvorbis.

References

high severity

Improper Input Validation

  • Vulnerable module: libwebp/libwebp-dev
  • Introduced through: libwebp/libwebp-dev@0.5.2-1, libwebp/libwebp6@0.5.2-1 and others

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* libwebp/libwebp-dev@0.5.2-1
  • Introduced through: circleci/node:11.13-stretch-browsers@* libwebp/libwebp6@0.5.2-1
  • Introduced through: circleci/node:11.13-stretch-browsers@* libwebp/libwebpdemux2@0.5.2-1
  • Introduced through: circleci/node:11.13-stretch-browsers@* libwebp/libwebpmux2@0.5.2-1

NVD Description

Note: Versions mentioned in the description apply to the upstream libwebp package.

A flaw was found in libwebp in versions before 1.0.1. When reading a file libwebp allocates an excessive amount of memory. The highest threat from this vulnerability is to the service availability.

Remediation

There is no fixed version for Debian:9 libwebp.

References

high severity

Out-of-bounds Read

  • Vulnerable module: libwebp/libwebp-dev
  • Introduced through: libwebp/libwebp-dev@0.5.2-1, libwebp/libwebp6@0.5.2-1 and others
  • Fixed in: 0.5.2-1+deb9u1

Detailed paths

  • Introduced through: circleci/node:11.13-stretch-browsers@* libwebp/libwebp-dev@0.5.2-1