Vulnerabilities

311 via 1141 paths

Dependencies

427

Source

Group 6 Copy Created with Sketch. Docker

Target OS

debian:11
Test your Docker Hub image against our market leading vulnerability database Sign up for free
Severity
  • 4
  • 36
  • 25
  • 246
Status
  • 311
  • 0
  • 0

critical severity

Buffer Overflow

  • Vulnerable module: aom/libaom0
  • Introduced through: aom/libaom0@1.0.0.errata1-3

Detailed paths

  • Introduced through: python@latest aom/libaom0@1.0.0.errata1-3

NVD Description

Note: Versions mentioned in the description apply to the upstream aom package.

aom_dsp/noise_model.c in libaom in AOMedia before 2021-03-24 has a buffer overflow.

Remediation

There is no fixed version for Debian:11 aom.

References

critical severity

Release of Invalid Pointer or Reference

  • Vulnerable module: aom/libaom0
  • Introduced through: aom/libaom0@1.0.0.errata1-3

Detailed paths

  • Introduced through: python@latest aom/libaom0@1.0.0.errata1-3

NVD Description

Note: Versions mentioned in the description apply to the upstream aom package.

aom_image.c in libaom in AOMedia before 2021-04-07 frees memory that is not located on the heap.

Remediation

There is no fixed version for Debian:11 aom.

References

critical severity

Use After Free

  • Vulnerable module: aom/libaom0
  • Introduced through: aom/libaom0@1.0.0.errata1-3

Detailed paths

  • Introduced through: python@latest aom/libaom0@1.0.0.errata1-3

NVD Description

Note: Versions mentioned in the description apply to the upstream aom package.

aom_dsp/grain_table.c in libaom in AOMedia before 2021-03-30 has a use-after-free.

Remediation

There is no fixed version for Debian:11 aom.

References

critical severity
new

Numeric Errors

  • Vulnerable module: tiff/libtiff-dev
  • Introduced through: tiff/libtiff-dev@4.2.0-1+deb11u1, tiff/libtiff5@4.2.0-1+deb11u1 and others

Detailed paths

  • Introduced through: python@latest tiff/libtiff-dev@4.2.0-1+deb11u1
  • Introduced through: python@latest tiff/libtiff5@4.2.0-1+deb11u1
  • Introduced through: python@latest tiff/libtiffxx5@4.2.0-1+deb11u1

NVD Description

Note: Versions mentioned in the description apply to the upstream tiff package.

A vulnerability was found in LibTIFF. It has been classified as critical. This affects the function TIFFReadRGBATileExt of the file libtiff/tif_getimage.c. The manipulation leads to integer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 227500897dfb07fb7d27f7aa570050e62617e3be. It is recommended to apply a patch to fix this issue. The identifier VDB-213549 was assigned to this vulnerability.

Remediation

There is no fixed version for Debian:11 tiff.

References

high severity

Out-of-bounds Write

  • Vulnerable module: aom/libaom0
  • Introduced through: aom/libaom0@1.0.0.errata1-3

Detailed paths

  • Introduced through: python@latest aom/libaom0@1.0.0.errata1-3

NVD Description

Note: Versions mentioned in the description apply to the upstream aom package.

In extend_frame_lowbd of restoration.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-150780418

Remediation

There is no fixed version for Debian:11 aom.

References

high severity

Cleartext Transmission of Sensitive Information

  • Vulnerable module: curl
  • Introduced through: curl@7.74.0-1.3+deb11u3, curl/libcurl3-gnutls@7.74.0-1.3+deb11u3 and others

Detailed paths

  • Introduced through: python@latest curl@7.74.0-1.3+deb11u3
  • Introduced through: python@latest curl/libcurl3-gnutls@7.74.0-1.3+deb11u3
  • Introduced through: python@latest curl/libcurl4@7.74.0-1.3+deb11u3
  • Introduced through: python@latest curl/libcurl4-openssl-dev@7.74.0-1.3+deb11u3

NVD Description

Note: Versions mentioned in the description apply to the upstream curl package.

In curl before 7.86.0, the HSTS check could be bypassed to trick it into staying with HTTP. Using its HSTS support, curl can be instructed to use HTTPS directly (instead of using an insecure cleartext HTTP step) even when HTTP is provided in the URL. This mechanism could be bypassed if the host name in the given URL uses IDN characters that get replaced with ASCII counterparts as part of the IDN conversion, e.g., using the character UTF-8 U+3002 (IDEOGRAPHIC FULL STOP) instead of the common ASCII full stop of U+002E (.). The earliest affected version is 7.77.0 2021-05-26.

Remediation

There is no fixed version for Debian:11 curl.

References

high severity

Buffer Overflow

  • Vulnerable module: mariadb-10.5/libmariadb-dev
  • Introduced through: mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1, mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1 and others

Detailed paths

  • Introduced through: python@latest mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb3@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/mariadb-common@1:10.5.15-0+deb11u1

NVD Description

Note: Versions mentioned in the description apply to the upstream mariadb-10.5 package.

MariaDB Server v10.7 and below was discovered to contain a global buffer overflow in the component decimal_bin_size, which is exploited via specially crafted SQL statements.

Remediation

There is no fixed version for Debian:11 mariadb-10.5.

References

high severity

CVE-2022-27444

  • Vulnerable module: mariadb-10.5/libmariadb-dev
  • Introduced through: mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1, mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1 and others

Detailed paths

  • Introduced through: python@latest mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb3@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/mariadb-common@1:10.5.15-0+deb11u1

NVD Description

Note: Versions mentioned in the description apply to the upstream mariadb-10.5 package.

MariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/item_subselect.cc.

Remediation

There is no fixed version for Debian:11 mariadb-10.5.

References

high severity

CVE-2022-27445

  • Vulnerable module: mariadb-10.5/libmariadb-dev
  • Introduced through: mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1, mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1 and others

Detailed paths

  • Introduced through: python@latest mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb3@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/mariadb-common@1:10.5.15-0+deb11u1

NVD Description

Note: Versions mentioned in the description apply to the upstream mariadb-10.5 package.

MariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/sql_window.cc.

Remediation

There is no fixed version for Debian:11 mariadb-10.5.

References

high severity

CVE-2022-27446

  • Vulnerable module: mariadb-10.5/libmariadb-dev
  • Introduced through: mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1, mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1 and others

Detailed paths

  • Introduced through: python@latest mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb3@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/mariadb-common@1:10.5.15-0+deb11u1

NVD Description

Note: Versions mentioned in the description apply to the upstream mariadb-10.5 package.

MariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/item_cmpfunc.h.

Remediation

There is no fixed version for Debian:11 mariadb-10.5.

References

high severity

CVE-2022-27449

  • Vulnerable module: mariadb-10.5/libmariadb-dev
  • Introduced through: mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1, mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1 and others

Detailed paths

  • Introduced through: python@latest mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb3@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/mariadb-common@1:10.5.15-0+deb11u1

NVD Description

Note: Versions mentioned in the description apply to the upstream mariadb-10.5 package.

MariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/item_func.cc:148.

Remediation

There is no fixed version for Debian:11 mariadb-10.5.

References

high severity

CVE-2022-27451

  • Vulnerable module: mariadb-10.5/libmariadb-dev
  • Introduced through: mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1, mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1 and others

Detailed paths

  • Introduced through: python@latest mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb3@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/mariadb-common@1:10.5.15-0+deb11u1

NVD Description

Note: Versions mentioned in the description apply to the upstream mariadb-10.5 package.

MariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/field_conv.cc.

Remediation

There is no fixed version for Debian:11 mariadb-10.5.

References

high severity

CVE-2022-27452

  • Vulnerable module: mariadb-10.5/libmariadb-dev
  • Introduced through: mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1, mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1 and others

Detailed paths

  • Introduced through: python@latest mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb3@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/mariadb-common@1:10.5.15-0+deb11u1

NVD Description

Note: Versions mentioned in the description apply to the upstream mariadb-10.5 package.

MariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/item_cmpfunc.cc.

Remediation

There is no fixed version for Debian:11 mariadb-10.5.

References

high severity

CVE-2022-32083

  • Vulnerable module: mariadb-10.5/libmariadb-dev
  • Introduced through: mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1, mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1 and others

Detailed paths

  • Introduced through: python@latest mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb3@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/mariadb-common@1:10.5.15-0+deb11u1

NVD Description

Note: Versions mentioned in the description apply to the upstream mariadb-10.5 package.

MariaDB v10.2 to v10.6.1 was discovered to contain a segmentation fault via the component Item_subselect::init_expr_cache_tracker.

Remediation

There is no fixed version for Debian:11 mariadb-10.5.

References

high severity

CVE-2022-32084

  • Vulnerable module: mariadb-10.5/libmariadb-dev
  • Introduced through: mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1, mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1 and others

Detailed paths

  • Introduced through: python@latest mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb3@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/mariadb-common@1:10.5.15-0+deb11u1

NVD Description

Note: Versions mentioned in the description apply to the upstream mariadb-10.5 package.

MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component sub_select.

Remediation

There is no fixed version for Debian:11 mariadb-10.5.

References

high severity

CVE-2022-32085

  • Vulnerable module: mariadb-10.5/libmariadb-dev
  • Introduced through: mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1, mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1 and others

Detailed paths

  • Introduced through: python@latest mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb3@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/mariadb-common@1:10.5.15-0+deb11u1

NVD Description

Note: Versions mentioned in the description apply to the upstream mariadb-10.5 package.

MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component Item_func_in::cleanup/Item::cleanup_processor.

Remediation

There is no fixed version for Debian:11 mariadb-10.5.

References

high severity

CVE-2022-32086

  • Vulnerable module: mariadb-10.5/libmariadb-dev
  • Introduced through: mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1, mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1 and others

Detailed paths

  • Introduced through: python@latest mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb3@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/mariadb-common@1:10.5.15-0+deb11u1

NVD Description

Note: Versions mentioned in the description apply to the upstream mariadb-10.5 package.

MariaDB v10.4 to v10.8 was discovered to contain a segmentation fault via the component Item_field::fix_outer_field.

Remediation

There is no fixed version for Debian:11 mariadb-10.5.

References

high severity

CVE-2022-32087

  • Vulnerable module: mariadb-10.5/libmariadb-dev
  • Introduced through: mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1, mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1 and others

Detailed paths

  • Introduced through: python@latest mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb3@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/mariadb-common@1:10.5.15-0+deb11u1

NVD Description

Note: Versions mentioned in the description apply to the upstream mariadb-10.5 package.

MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component Item_args::walk_args.

Remediation

There is no fixed version for Debian:11 mariadb-10.5.

References

high severity

CVE-2022-32088

  • Vulnerable module: mariadb-10.5/libmariadb-dev
  • Introduced through: mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1, mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1 and others

Detailed paths

  • Introduced through: python@latest mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb3@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/mariadb-common@1:10.5.15-0+deb11u1

NVD Description

Note: Versions mentioned in the description apply to the upstream mariadb-10.5 package.

MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component Exec_time_tracker::get_loops/Filesort_tracker::report_use/filesort.

Remediation

There is no fixed version for Debian:11 mariadb-10.5.

References

high severity

CVE-2022-32089

  • Vulnerable module: mariadb-10.5/libmariadb-dev
  • Introduced through: mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1, mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1 and others

Detailed paths

  • Introduced through: python@latest mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb3@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/mariadb-common@1:10.5.15-0+deb11u1

NVD Description

Note: Versions mentioned in the description apply to the upstream mariadb-10.5 package.

MariaDB v10.5 to v10.7 was discovered to contain a segmentation fault via the component st_select_lex_unit::exclude_level.

Remediation

There is no fixed version for Debian:11 mariadb-10.5.

References

high severity

Reachable Assertion

  • Vulnerable module: mariadb-10.5/libmariadb-dev
  • Introduced through: mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1, mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1 and others

Detailed paths

  • Introduced through: python@latest mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb3@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/mariadb-common@1:10.5.15-0+deb11u1

NVD Description

Note: Versions mentioned in the description apply to the upstream mariadb-10.5 package.

There is an Assertion failure in MariaDB Server v10.9 and below via 'node->pcur->rel_pos == BTR_PCUR_ON' at /row/row0mysql.cc.

Remediation

There is no fixed version for Debian:11 mariadb-10.5.

References

high severity

Reachable Assertion

  • Vulnerable module: mariadb-10.5/libmariadb-dev
  • Introduced through: mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1, mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1 and others

Detailed paths

  • Introduced through: python@latest mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb3@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/mariadb-common@1:10.5.15-0+deb11u1

NVD Description

Note: Versions mentioned in the description apply to the upstream mariadb-10.5 package.

MariaDB Server v10.7 and below was discovered to contain a segmentation fault via the component Item_field::used_tables/update_depend_map_for_order.

Remediation

There is no fixed version for Debian:11 mariadb-10.5.

References

high severity

Reachable Assertion

  • Vulnerable module: mariadb-10.5/libmariadb-dev
  • Introduced through: mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1, mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1 and others

Detailed paths

  • Introduced through: python@latest mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb3@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/mariadb-common@1:10.5.15-0+deb11u1

NVD Description

Note: Versions mentioned in the description apply to the upstream mariadb-10.5 package.

MariaDB v10.5 to v10.7 was discovered to contain an assertion failure at table->get_ref_count() == 0 in dict0dict.cc.

Remediation

There is no fixed version for Debian:11 mariadb-10.5.

References

high severity

SQL Injection

  • Vulnerable module: mariadb-10.5/libmariadb-dev
  • Introduced through: mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1, mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1 and others

Detailed paths

  • Introduced through: python@latest mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb3@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/mariadb-common@1:10.5.15-0+deb11u1

NVD Description

Note: Versions mentioned in the description apply to the upstream mariadb-10.5 package.

An issue in the component my_decimal::operator= of MariaDB Server v10.6.3 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements.

Remediation

There is no fixed version for Debian:11 mariadb-10.5.

References

high severity

SQL Injection

  • Vulnerable module: mariadb-10.5/libmariadb-dev
  • Introduced through: mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1, mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1 and others

Detailed paths

  • Introduced through: python@latest mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb3@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/mariadb-common@1:10.5.15-0+deb11u1

NVD Description

Note: Versions mentioned in the description apply to the upstream mariadb-10.5 package.

An issue in the component Arg_comparator::compare_real_fixed of MariaDB Server v10.6.2 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements.

Remediation

There is no fixed version for Debian:11 mariadb-10.5.

References

high severity

SQL Injection

  • Vulnerable module: mariadb-10.5/libmariadb-dev
  • Introduced through: mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1, mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1 and others

Detailed paths

  • Introduced through: python@latest mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb3@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/mariadb-common@1:10.5.15-0+deb11u1

NVD Description

Note: Versions mentioned in the description apply to the upstream mariadb-10.5 package.

An issue in the component Field::set_default of MariaDB Server v10.6 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements.

Remediation

There is no fixed version for Debian:11 mariadb-10.5.

References

high severity

SQL Injection

  • Vulnerable module: mariadb-10.5/libmariadb-dev
  • Introduced through: mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1, mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1 and others

Detailed paths

  • Introduced through: python@latest mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb3@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/mariadb-common@1:10.5.15-0+deb11u1

NVD Description

Note: Versions mentioned in the description apply to the upstream mariadb-10.5 package.

An issue in the component Item_subselect::init_expr_cache_tracker of MariaDB Server v10.6 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements.

Remediation

There is no fixed version for Debian:11 mariadb-10.5.

References

high severity

SQL Injection

  • Vulnerable module: mariadb-10.5/libmariadb-dev
  • Introduced through: mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1, mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1 and others

Detailed paths

  • Introduced through: python@latest mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb3@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/mariadb-common@1:10.5.15-0+deb11u1

NVD Description

Note: Versions mentioned in the description apply to the upstream mariadb-10.5 package.

An issue in the component Create_tmp_table::finalize of MariaDB Server v10.7 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements.

Remediation

There is no fixed version for Debian:11 mariadb-10.5.

References

high severity

SQL Injection

  • Vulnerable module: mariadb-10.5/libmariadb-dev
  • Introduced through: mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1, mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1 and others

Detailed paths

  • Introduced through: python@latest mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb3@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/mariadb-common@1:10.5.15-0+deb11u1

NVD Description

Note: Versions mentioned in the description apply to the upstream mariadb-10.5 package.

An issue in the component Used_tables_and_const_cache::used_tables_and_const_cache_join of MariaDB Server v10.7 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements.

Remediation

There is no fixed version for Debian:11 mariadb-10.5.

References

high severity

SQL Injection

  • Vulnerable module: mariadb-10.5/libmariadb-dev
  • Introduced through: mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1, mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1 and others

Detailed paths

  • Introduced through: python@latest mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb3@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/mariadb-common@1:10.5.15-0+deb11u1

NVD Description

Note: Versions mentioned in the description apply to the upstream mariadb-10.5 package.

MariaDB Server v10.7 and below was discovered to contain a segmentation fault via the component sql/sql_class.cc.

Remediation

There is no fixed version for Debian:11 mariadb-10.5.

References

high severity

Use After Free

  • Vulnerable module: mariadb-10.5/libmariadb-dev
  • Introduced through: mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1, mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1 and others

Detailed paths

  • Introduced through: python@latest mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb3@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/mariadb-common@1:10.5.15-0+deb11u1

NVD Description

Note: Versions mentioned in the description apply to the upstream mariadb-10.5 package.

MariaDB Server v10.9 and below was discovered to contain a use-after-free via the component Binary_string::free_buffer() at /sql/sql_string.h.

Remediation

There is no fixed version for Debian:11 mariadb-10.5.

References

high severity

Use After Free

  • Vulnerable module: mariadb-10.5/libmariadb-dev
  • Introduced through: mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1, mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1 and others

Detailed paths

  • Introduced through: python@latest mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb3@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/mariadb-common@1:10.5.15-0+deb11u1

NVD Description

Note: Versions mentioned in the description apply to the upstream mariadb-10.5 package.

MariaDB Server v10.6.3 and below was discovered to contain an use-after-free in the component Binary_string::free_buffer() at /sql/sql_string.h.

Remediation

There is no fixed version for Debian:11 mariadb-10.5.

References

high severity

Use After Free

  • Vulnerable module: mariadb-10.5/libmariadb-dev
  • Introduced through: mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1, mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1 and others

Detailed paths

  • Introduced through: python@latest mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb3@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/mariadb-common@1:10.5.15-0+deb11u1

NVD Description

Note: Versions mentioned in the description apply to the upstream mariadb-10.5 package.

MariaDB Server v10.6 and below was discovered to contain an use-after-free in the component my_strcasecmp_8bit, which is exploited via specially crafted SQL statements.

Remediation

There is no fixed version for Debian:11 mariadb-10.5.

References

high severity

Use After Free

  • Vulnerable module: mariadb-10.5/libmariadb-dev
  • Introduced through: mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1, mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1 and others

Detailed paths

  • Introduced through: python@latest mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb3@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/mariadb-common@1:10.5.15-0+deb11u1

NVD Description

Note: Versions mentioned in the description apply to the upstream mariadb-10.5 package.

MariaDB Server v10.6.3 and below was discovered to contain an use-after-free in the component my_wildcmp_8bit_impl at /strings/ctype-simple.c.

Remediation

There is no fixed version for Debian:11 mariadb-10.5.

References

high severity

Use After Free

  • Vulnerable module: mariadb-10.5/libmariadb-dev
  • Introduced through: mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1, mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1 and others

Detailed paths

  • Introduced through: python@latest mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb3@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/mariadb-common@1:10.5.15-0+deb11u1

NVD Description

Note: Versions mentioned in the description apply to the upstream mariadb-10.5 package.

MariaDB Server v10.6.3 and below was discovered to contain an use-after-free in the component Item_func_in::cleanup(), which is exploited via specially crafted SQL statements.

Remediation

There is no fixed version for Debian:11 mariadb-10.5.

References

high severity

Use After Free

  • Vulnerable module: mariadb-10.5/libmariadb-dev
  • Introduced through: mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1, mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1 and others

Detailed paths

  • Introduced through: python@latest mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb3@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/mariadb-common@1:10.5.15-0+deb11u1

NVD Description

Note: Versions mentioned in the description apply to the upstream mariadb-10.5 package.

MariaDB Server v10.6.3 and below was discovered to contain an use-after-free in the component VDec::VDec at /sql/sql_type.cc.

Remediation

There is no fixed version for Debian:11 mariadb-10.5.

References

high severity

Use After Free

  • Vulnerable module: mariadb-10.5/libmariadb-dev
  • Introduced through: mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1, mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1 and others

Detailed paths

  • Introduced through: python@latest mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb3@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/mariadb-common@1:10.5.15-0+deb11u1

NVD Description

Note: Versions mentioned in the description apply to the upstream mariadb-10.5 package.

MariaDB Server v10.6.3 and below was discovered to contain an use-after-free in the component my_mb_wc_latin1 at /strings/ctype-latin1.c.

Remediation

There is no fixed version for Debian:11 mariadb-10.5.

References

high severity

Use After Free

  • Vulnerable module: mariadb-10.5/libmariadb-dev
  • Introduced through: mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1, mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1 and others

Detailed paths

  • Introduced through: python@latest mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb3@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/mariadb-common@1:10.5.15-0+deb11u1

NVD Description

Note: Versions mentioned in the description apply to the upstream mariadb-10.5 package.

MariaDB Server v10.6.5 and below was discovered to contain an use-after-free in the component Item_args::walk_arg, which is exploited via specially crafted SQL statements.

Remediation

There is no fixed version for Debian:11 mariadb-10.5.

References

high severity

Use After Free

  • Vulnerable module: mariadb-10.5/libmariadb-dev
  • Introduced through: mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1, mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1 and others

Detailed paths

  • Introduced through: python@latest mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb3@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/mariadb-common@1:10.5.15-0+deb11u1

NVD Description

Note: Versions mentioned in the description apply to the upstream mariadb-10.5 package.

MariaDB v10.7 was discovered to contain an use-after-poison in in __interceptor_memset at /libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc.

Remediation

There is no fixed version for Debian:11 mariadb-10.5.

References

high severity

Use After Free

  • Vulnerable module: mariadb-10.5/libmariadb-dev
  • Introduced through: mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1, mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1 and others

Detailed paths

  • Introduced through: python@latest mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb3@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/mariadb-common@1:10.5.15-0+deb11u1

NVD Description

Note: Versions mentioned in the description apply to the upstream mariadb-10.5 package.

MariaDB v10.4 to v10.7 was discovered to contain an use-after-poison in prepare_inplace_add_virtual at /storage/innobase/handler/handler0alter.cc.

Remediation

There is no fixed version for Debian:11 mariadb-10.5.

References

medium severity
new

CVE-2022-43238

  • Vulnerable module: libde265/libde265-0
  • Introduced through: libde265/libde265-0@1.0.8-1

Detailed paths

  • Introduced through: python@latest libde265/libde265-0@1.0.8-1

NVD Description

Note: Versions mentioned in the description apply to the upstream libde265 package.

Libde265 v1.0.8 was discovered to contain an unknown crash via ff_hevc_put_hevc_qpel_h_3_v_3_sse in sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.

Remediation

There is no fixed version for Debian:11 libde265.

References

medium severity
new

CVE-2022-43245

  • Vulnerable module: libde265/libde265-0
  • Introduced through: libde265/libde265-0@1.0.8-1

Detailed paths

  • Introduced through: python@latest libde265/libde265-0@1.0.8-1

NVD Description

Note: Versions mentioned in the description apply to the upstream libde265 package.

Libde265 v1.0.8 was discovered to contain a segmentation violation via apply_sao_internal<unsigned short> in sao.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.

Remediation

There is no fixed version for Debian:11 libde265.

References

medium severity
new

Out-of-bounds Write

  • Vulnerable module: libde265/libde265-0
  • Introduced through: libde265/libde265-0@1.0.8-1

Detailed paths

  • Introduced through: python@latest libde265/libde265-0@1.0.8-1

NVD Description

Note: Versions mentioned in the description apply to the upstream libde265 package.

Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_qpel_fallback<unsigned short> in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.

Remediation

There is no fixed version for Debian:11 libde265.

References

medium severity
new

Out-of-bounds Write

  • Vulnerable module: libde265/libde265-0
  • Introduced through: libde265/libde265-0@1.0.8-1

Detailed paths

  • Introduced through: python@latest libde265/libde265-0@1.0.8-1

NVD Description

Note: Versions mentioned in the description apply to the upstream libde265 package.

Libde265 v1.0.8 was discovered to contain a stack-buffer-overflow vulnerability via void put_epel_hv_fallback<unsigned short> in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.

Remediation

There is no fixed version for Debian:11 libde265.

References

medium severity
new

Out-of-bounds Write

  • Vulnerable module: libde265/libde265-0
  • Introduced through: libde265/libde265-0@1.0.8-1

Detailed paths

  • Introduced through: python@latest libde265/libde265-0@1.0.8-1

NVD Description

Note: Versions mentioned in the description apply to the upstream libde265 package.

Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_epel_16_fallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.

Remediation

There is no fixed version for Debian:11 libde265.

References

medium severity
new

Out-of-bounds Write

  • Vulnerable module: libde265/libde265-0
  • Introduced through: libde265/libde265-0@1.0.8-1

Detailed paths

  • Introduced through: python@latest libde265/libde265-0@1.0.8-1

NVD Description

Note: Versions mentioned in the description apply to the upstream libde265 package.

Libde265 v1.0.8 was discovered to contain an unknown crash via ff_hevc_put_hevc_qpel_v_3_8_sse in sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.

Remediation

There is no fixed version for Debian:11 libde265.

References

medium severity
new

Out-of-bounds Write

  • Vulnerable module: libde265/libde265-0
  • Introduced through: libde265/libde265-0@1.0.8-1

Detailed paths

  • Introduced through: python@latest libde265/libde265-0@1.0.8-1

NVD Description

Note: Versions mentioned in the description apply to the upstream libde265 package.

Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_unweighted_pred_16_fallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.

Remediation

There is no fixed version for Debian:11 libde265.

References

medium severity
new

Out-of-bounds Write

  • Vulnerable module: libde265/libde265-0
  • Introduced through: libde265/libde265-0@1.0.8-1

Detailed paths

  • Introduced through: python@latest libde265/libde265-0@1.0.8-1

NVD Description

Note: Versions mentioned in the description apply to the upstream libde265 package.

Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via ff_hevc_put_hevc_qpel_h_2_v_1_sse in sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.

Remediation

There is no fixed version for Debian:11 libde265.

References

medium severity
new

Out-of-bounds Write

  • Vulnerable module: libde265/libde265-0
  • Introduced through: libde265/libde265-0@1.0.8-1

Detailed paths

  • Introduced through: python@latest libde265/libde265-0@1.0.8-1

NVD Description

Note: Versions mentioned in the description apply to the upstream libde265 package.

Libde265 v1.0.8 was discovered to contain a stack-buffer-overflow vulnerability via put_qpel_fallback<unsigned short> in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.

Remediation

There is no fixed version for Debian:11 libde265.

References

medium severity
new

Out-of-bounds Write

  • Vulnerable module: libde265/libde265-0
  • Introduced through: libde265/libde265-0@1.0.8-1

Detailed paths

  • Introduced through: python@latest libde265/libde265-0@1.0.8-1

NVD Description

Note: Versions mentioned in the description apply to the upstream libde265 package.

Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via ff_hevc_put_weighted_pred_avg_8_sse in sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.

Remediation

There is no fixed version for Debian:11 libde265.

References

medium severity
new

Out-of-bounds Write

  • Vulnerable module: libde265/libde265-0
  • Introduced through: libde265/libde265-0@1.0.8-1

Detailed paths

  • Introduced through: python@latest libde265/libde265-0@1.0.8-1

NVD Description

Note: Versions mentioned in the description apply to the upstream libde265 package.

Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via mc_chroma<unsigned short> in motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.

Remediation

There is no fixed version for Debian:11 libde265.

References

medium severity
new

Out-of-bounds Write

  • Vulnerable module: libde265/libde265-0
  • Introduced through: libde265/libde265-0@1.0.8-1

Detailed paths

  • Introduced through: python@latest libde265/libde265-0@1.0.8-1

NVD Description

Note: Versions mentioned in the description apply to the upstream libde265 package.

Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_epel_hv_fallback<unsigned short> in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.

Remediation

There is no fixed version for Debian:11 libde265.

References

medium severity
new

Out-of-bounds Write

  • Vulnerable module: libde265/libde265-0
  • Introduced through: libde265/libde265-0@1.0.8-1

Detailed paths

  • Introduced through: python@latest libde265/libde265-0@1.0.8-1

NVD Description

Note: Versions mentioned in the description apply to the upstream libde265 package.

Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via mc_luma<unsigned char> in motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.

Remediation

There is no fixed version for Debian:11 libde265.

References

medium severity
new

Out-of-bounds Write

  • Vulnerable module: libde265/libde265-0
  • Introduced through: libde265/libde265-0@1.0.8-1

Detailed paths

  • Introduced through: python@latest libde265/libde265-0@1.0.8-1

NVD Description

Note: Versions mentioned in the description apply to the upstream libde265 package.

Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_qpel_0_0_fallback_16 in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.

Remediation

There is no fixed version for Debian:11 libde265.

References

medium severity
new

Out-of-bounds Write

  • Vulnerable module: libde265/libde265-0
  • Introduced through: libde265/libde265-0@1.0.8-1

Detailed paths

  • Introduced through: python@latest libde265/libde265-0@1.0.8-1

NVD Description

Note: Versions mentioned in the description apply to the upstream libde265 package.

Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via ff_hevc_put_hevc_epel_pixels_8_sse in sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.

Remediation

There is no fixed version for Debian:11 libde265.

References

medium severity
new

Out-of-bounds Write

  • Vulnerable module: libde265/libde265-0
  • Introduced through: libde265/libde265-0@1.0.8-1

Detailed paths

  • Introduced through: python@latest libde265/libde265-0@1.0.8-1

NVD Description

Note: Versions mentioned in the description apply to the upstream libde265 package.

Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_weighted_pred_avg_16_fallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.

Remediation

There is no fixed version for Debian:11 libde265.

References

medium severity

Out-of-bounds Read

  • Vulnerable module: tiff/libtiff-dev
  • Introduced through: tiff/libtiff-dev@4.2.0-1+deb11u1, tiff/libtiff5@4.2.0-1+deb11u1 and others

Detailed paths

  • Introduced through: python@latest tiff/libtiff-dev@4.2.0-1+deb11u1
  • Introduced through: python@latest tiff/libtiff5@4.2.0-1+deb11u1
  • Introduced through: python@latest tiff/libtiffxx5@4.2.0-1+deb11u1

NVD Description

Note: Versions mentioned in the description apply to the upstream tiff package.

LibTIFF 4.4.0 has an out-of-bounds read in writeSingleSection in tools/tiffcrop.c:7345, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit e8131125.

Remediation

There is no fixed version for Debian:11 tiff.

References

medium severity

Out-of-bounds Write

  • Vulnerable module: tiff/libtiff-dev
  • Introduced through: tiff/libtiff-dev@4.2.0-1+deb11u1, tiff/libtiff5@4.2.0-1+deb11u1 and others

Detailed paths

  • Introduced through: python@latest tiff/libtiff-dev@4.2.0-1+deb11u1
  • Introduced through: python@latest tiff/libtiff5@4.2.0-1+deb11u1
  • Introduced through: python@latest tiff/libtiffxx5@4.2.0-1+deb11u1

NVD Description

Note: Versions mentioned in the description apply to the upstream tiff package.

LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemset in libtiff/tif_unix.c:340 when called from processCropSelections, tools/tiffcrop.c:7619, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 236b7191.

Remediation

There is no fixed version for Debian:11 tiff.

References

medium severity

Out-of-bounds Write

  • Vulnerable module: tiff/libtiff-dev
  • Introduced through: tiff/libtiff-dev@4.2.0-1+deb11u1, tiff/libtiff5@4.2.0-1+deb11u1 and others

Detailed paths

  • Introduced through: python@latest tiff/libtiff-dev@4.2.0-1+deb11u1
  • Introduced through: python@latest tiff/libtiff5@4.2.0-1+deb11u1
  • Introduced through: python@latest tiff/libtiffxx5@4.2.0-1+deb11u1

NVD Description

Note: Versions mentioned in the description apply to the upstream tiff package.

LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c:346 when called from extractImageSection, tools/tiffcrop.c:6826, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 236b7191.

Remediation

There is no fixed version for Debian:11 tiff.

References

medium severity

Out-of-bounds Write

  • Vulnerable module: tiff/libtiff-dev
  • Introduced through: tiff/libtiff-dev@4.2.0-1+deb11u1, tiff/libtiff5@4.2.0-1+deb11u1 and others

Detailed paths

  • Introduced through: python@latest tiff/libtiff-dev@4.2.0-1+deb11u1
  • Introduced through: python@latest tiff/libtiff5@4.2.0-1+deb11u1
  • Introduced through: python@latest tiff/libtiffxx5@4.2.0-1+deb11u1

NVD Description

Note: Versions mentioned in the description apply to the upstream tiff package.

LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c:346 when called from extractImageSection, tools/tiffcrop.c:6860, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 236b7191.

Remediation

There is no fixed version for Debian:11 tiff.

References

medium severity

Out-of-bounds Write

  • Vulnerable module: tiff/libtiff-dev
  • Introduced through: tiff/libtiff-dev@4.2.0-1+deb11u1, tiff/libtiff5@4.2.0-1+deb11u1 and others

Detailed paths

  • Introduced through: python@latest tiff/libtiff-dev@4.2.0-1+deb11u1
  • Introduced through: python@latest tiff/libtiff5@4.2.0-1+deb11u1
  • Introduced through: python@latest tiff/libtiffxx5@4.2.0-1+deb11u1

NVD Description

Note: Versions mentioned in the description apply to the upstream tiff package.

LibTIFF 4.4.0 has an out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c:3604, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit cfbb883b.

Remediation

There is no fixed version for Debian:11 tiff.

References

medium severity

CVE-2022-38791

  • Vulnerable module: mariadb-10.5/libmariadb-dev
  • Introduced through: mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1, mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1 and others

Detailed paths

  • Introduced through: python@latest mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb3@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/mariadb-common@1:10.5.15-0+deb11u1

NVD Description

Note: Versions mentioned in the description apply to the upstream mariadb-10.5 package.

In MariaDB before 10.9.2, compress_write in extra/mariabackup/ds_compress.cc does not release data_mutex upon a stream write failure, which allows local users to trigger a deadlock.

Remediation

There is no fixed version for Debian:11 mariadb-10.5.

References

medium severity

Out-of-Bounds

  • Vulnerable module: openexr/libopenexr-dev
  • Introduced through: openexr/libopenexr-dev@2.5.4-2 and openexr/libopenexr25@2.5.4-2

Detailed paths

  • Introduced through: python@latest openexr/libopenexr-dev@2.5.4-2
  • Introduced through: python@latest openexr/libopenexr25@2.5.4-2

NVD Description

Note: Versions mentioned in the description apply to the upstream openexr package.

There's a flaw in OpenEXR's rleUncompress functionality in versions prior to 3.0.5. An attacker who is able to submit a crafted file to an application linked with OpenEXR could cause an out-of-bounds read. The greatest risk from this flaw is to application availability.

Remediation

There is no fixed version for Debian:11 openexr.

References

medium severity

Out-of-bounds Write

  • Vulnerable module: openexr/libopenexr-dev
  • Introduced through: openexr/libopenexr-dev@2.5.4-2 and openexr/libopenexr25@2.5.4-2

Detailed paths

  • Introduced through: python@latest openexr/libopenexr-dev@2.5.4-2
  • Introduced through: python@latest openexr/libopenexr25@2.5.4-2

NVD Description

Note: Versions mentioned in the description apply to the upstream openexr package.

OpenEXR 3.1.x before 3.1.4 has a heap-based buffer overflow in Imf_3_1::LineCompositeTask::execute (called from IlmThread_3_1::NullThreadPoolProvider::addTask and IlmThread_3_1::ThreadPool::addGlobalTask). NOTE: db217f2 may be inapplicable.

Remediation

There is no fixed version for Debian:11 openexr.

References

medium severity

Out-of-bounds Write

  • Vulnerable module: tiff/libtiff-dev
  • Introduced through: tiff/libtiff-dev@4.2.0-1+deb11u1, tiff/libtiff5@4.2.0-1+deb11u1 and others

Detailed paths

  • Introduced through: python@latest tiff/libtiff-dev@4.2.0-1+deb11u1
  • Introduced through: python@latest tiff/libtiff5@4.2.0-1+deb11u1
  • Introduced through: python@latest tiff/libtiffxx5@4.2.0-1+deb11u1

NVD Description

Note: Versions mentioned in the description apply to the upstream tiff package.

Multiple heap buffer overflows in tiffcrop.c utility in libtiff library Version 4.4.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or any other context-dependent impact

Remediation

There is no fixed version for Debian:11 tiff.

References

low severity

Out-of-bounds Read

  • Vulnerable module: db5.3/libdb5.3
  • Introduced through: db5.3/libdb5.3@5.3.28+dfsg1-0.8 and db5.3/libdb5.3-dev@5.3.28+dfsg1-0.8

Detailed paths

  • Introduced through: python@latest db5.3/libdb5.3@5.3.28+dfsg1-0.8
  • Introduced through: python@latest db5.3/libdb5.3-dev@5.3.28+dfsg1-0.8

NVD Description

Note: Versions mentioned in the description apply to the upstream db5.3 package.

SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode() function when handling invalid rtree tables.

Remediation

There is no fixed version for Debian:11 db5.3.

References

low severity

Out-of-Bounds

  • Vulnerable module: glibc/libc-bin
  • Introduced through: glibc/libc-bin@2.31-13+deb11u5, glibc/libc-dev-bin@2.31-13+deb11u5 and others

Detailed paths

  • Introduced through: python@latest glibc/libc-bin@2.31-13+deb11u5
  • Introduced through: python@latest glibc/libc-dev-bin@2.31-13+deb11u5
  • Introduced through: python@latest glibc/libc6@2.31-13+deb11u5
  • Introduced through: python@latest glibc/libc6-dev@2.31-13+deb11u5

NVD Description

Note: Versions mentioned in the description apply to the upstream glibc package.

** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."

Remediation

There is no fixed version for Debian:11 glibc.

References

low severity

Out-of-bounds Write

  • Vulnerable module: libde265/libde265-0
  • Introduced through: libde265/libde265-0@1.0.8-1

Detailed paths

  • Introduced through: python@latest libde265/libde265-0@1.0.8-1

NVD Description

Note: Versions mentioned in the description apply to the upstream libde265 package.

Heap-based Buffer Overflow in GitHub repository strukturag/libde265 prior to and including 1.0.8. The fix is established in commit 8e89fe0e175d2870c39486fdd09250b230ec10b8 but does not yet belong to an official release.

Remediation

There is no fixed version for Debian:11 libde265.

References

low severity

Out-of-bounds Write

  • Vulnerable module: openjpeg2/libopenjp2-7
  • Introduced through: openjpeg2/libopenjp2-7@2.4.0-3 and openjpeg2/libopenjp2-7-dev@2.4.0-3

Detailed paths

  • Introduced through: python@latest openjpeg2/libopenjp2-7@2.4.0-3
  • Introduced through: python@latest openjpeg2/libopenjp2-7-dev@2.4.0-3

NVD Description

Note: Versions mentioned in the description apply to the upstream openjpeg2 package.

In OpenJPEG 2.3.0, a stack-based buffer overflow was discovered in the pgxtoimage function in jpwl/convert.c. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly remote code execution.

Remediation

There is no fixed version for Debian:11 openjpeg2.

References

low severity

CVE-2020-27619

  • Vulnerable module: python3.9
  • Introduced through: python3.9@3.9.2-1, python3.9/libpython3.9-minimal@3.9.2-1 and others

Detailed paths

  • Introduced through: python@latest python3.9@3.9.2-1
  • Introduced through: python@latest python3.9/libpython3.9-minimal@3.9.2-1
  • Introduced through: python@latest python3.9/libpython3.9-stdlib@3.9.2-1
  • Introduced through: python@latest python3.9/python3.9-minimal@3.9.2-1

NVD Description

Note: Versions mentioned in the description apply to the upstream python3.9 package.

In Python 3 through 3.9.0, the Lib/test/multibytecodec_support.py CJK codec tests call eval() on content retrieved via HTTP.

Remediation

There is no fixed version for Debian:11 python3.9.

References

low severity

CVE-2021-29921

  • Vulnerable module: python3.9
  • Introduced through: python3.9@3.9.2-1, python3.9/libpython3.9-minimal@3.9.2-1 and others

Detailed paths

  • Introduced through: python@latest python3.9@3.9.2-1
  • Introduced through: python@latest python3.9/libpython3.9-minimal@3.9.2-1
  • Introduced through: python@latest python3.9/libpython3.9-stdlib@3.9.2-1
  • Introduced through: python@latest python3.9/python3.9-minimal@3.9.2-1

NVD Description

Note: Versions mentioned in the description apply to the upstream python3.9 package.

In Python before 3,9,5, the ipaddress library mishandles leading zero characters in the octets of an IP address string. This (in some situations) allows attackers to bypass access control that is based on IP addresses.

Remediation

There is no fixed version for Debian:11 python3.9.

References

low severity

Integer Overflow or Wraparound

  • Vulnerable module: python3.9
  • Introduced through: python3.9@3.9.2-1, python3.9/libpython3.9-minimal@3.9.2-1 and others

Detailed paths

  • Introduced through: python@latest python3.9@3.9.2-1
  • Introduced through: python@latest python3.9/libpython3.9-minimal@3.9.2-1
  • Introduced through: python@latest python3.9/libpython3.9-stdlib@3.9.2-1
  • Introduced through: python@latest python3.9/python3.9-minimal@3.9.2-1

NVD Description

Note: Versions mentioned in the description apply to the upstream python3.9 package.

The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code or eliminate expected cryptographic properties. This occurs in the sponge function interface.

Remediation

There is no fixed version for Debian:11 python3.9.

References

low severity

CVE-2005-2541

  • Vulnerable module: tar
  • Introduced through: tar@1.34+dfsg-1

Detailed paths

  • Introduced through: python@latest tar@1.34+dfsg-1

NVD Description

Note: Versions mentioned in the description apply to the upstream tar package.

Tar 1.15.1 does not properly warn the user when extracting setuid or setgid files, which may allow local users or remote attackers to gain privileges.

Remediation

There is no fixed version for Debian:11 tar.

References

low severity

Out-of-bounds Read

  • Vulnerable module: tiff/libtiff-dev
  • Introduced through: tiff/libtiff-dev@4.2.0-1+deb11u1, tiff/libtiff5@4.2.0-1+deb11u1 and others

Detailed paths

  • Introduced through: python@latest tiff/libtiff-dev@4.2.0-1+deb11u1
  • Introduced through: python@latest tiff/libtiff5@4.2.0-1+deb11u1
  • Introduced through: python@latest tiff/libtiffxx5@4.2.0-1+deb11u1

NVD Description

Note: Versions mentioned in the description apply to the upstream tiff package.

In LibTIFF 4.0.7, the program processes BMP images without verifying that biWidth and biHeight in the bitmap-information header match the actual input, leading to a heap-based buffer over-read in bmp2tiff.

Remediation

There is no fixed version for Debian:11 tiff.

References

low severity

Use After Free

  • Vulnerable module: bluez/libbluetooth-dev
  • Introduced through: bluez/libbluetooth-dev@5.55-3.1 and bluez/libbluetooth3@5.55-3.1

Detailed paths

  • Introduced through: python@latest bluez/libbluetooth-dev@5.55-3.1
  • Introduced through: python@latest bluez/libbluetooth3@5.55-3.1

NVD Description

Note: Versions mentioned in the description apply to the upstream bluez package.

An issue was discovered in gatt-database.c in BlueZ 5.61. A use-after-free can occur when a client disconnects during D-Bus processing of a WriteValue call.

Remediation

There is no fixed version for Debian:11 bluez.

References

low severity

Out-of-bounds Read

  • Vulnerable module: libtasn1-6
  • Introduced through: libtasn1-6@4.16.0-2

Detailed paths

  • Introduced through: python@latest libtasn1-6@4.16.0-2

NVD Description

Note: Versions mentioned in the description apply to the upstream libtasn1-6 package.

GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der.

Remediation

There is no fixed version for Debian:11 libtasn1-6.

References

low severity

Buffer Overflow

  • Vulnerable module: aom/libaom0
  • Introduced through: aom/libaom0@1.0.0.errata1-3

Detailed paths

  • Introduced through: python@latest aom/libaom0@1.0.0.errata1-3

NVD Description

Note: Versions mentioned in the description apply to the upstream aom package.

AOM v2.0.1 was discovered to contain a global buffer overflow via the component av1/encoder/partition_search.h.

Remediation

There is no fixed version for Debian:11 aom.

References

low severity

Out-of-bounds Write

  • Vulnerable module: aom/libaom0
  • Introduced through: aom/libaom0@1.0.0.errata1-3

Detailed paths

  • Introduced through: python@latest aom/libaom0@1.0.0.errata1-3

NVD Description

Note: Versions mentioned in the description apply to the upstream aom package.

AOM v2.0.1 was discovered to contain a stack buffer overflow via the component stats/rate_hist.c.

Remediation

There is no fixed version for Debian:11 aom.

References

low severity

CVE-2022-39176

  • Vulnerable module: bluez/libbluetooth-dev
  • Introduced through: bluez/libbluetooth-dev@5.55-3.1 and bluez/libbluetooth3@5.55-3.1

Detailed paths

  • Introduced through: python@latest bluez/libbluetooth-dev@5.55-3.1
  • Introduced through: python@latest bluez/libbluetooth3@5.55-3.1

NVD Description

Note: Versions mentioned in the description apply to the upstream bluez package.

BlueZ before 5.59 allows physically proximate attackers to obtain sensitive information because profiles/audio/avrcp.c does not validate params_len.

Remediation

There is no fixed version for Debian:11 bluez.

References

low severity

CVE-2022-39177

  • Vulnerable module: bluez/libbluetooth-dev
  • Introduced through: bluez/libbluetooth-dev@5.55-3.1 and bluez/libbluetooth3@5.55-3.1

Detailed paths

  • Introduced through: python@latest bluez/libbluetooth-dev@5.55-3.1
  • Introduced through: python@latest bluez/libbluetooth3@5.55-3.1

NVD Description

Note: Versions mentioned in the description apply to the upstream bluez package.

BlueZ before 5.59 allows physically proximate attackers to cause a denial of service because malformed and invalid capabilities can be processed in profiles/audio/avdtp.c.

Remediation

There is no fixed version for Debian:11 bluez.

References

low severity

Incorrect Authorization

  • Vulnerable module: bluez/libbluetooth-dev
  • Introduced through: bluez/libbluetooth-dev@5.55-3.1 and bluez/libbluetooth3@5.55-3.1

Detailed paths

  • Introduced through: python@latest bluez/libbluetooth-dev@5.55-3.1
  • Introduced through: python@latest bluez/libbluetooth3@5.55-3.1

NVD Description

Note: Versions mentioned in the description apply to the upstream bluez package.

Bluetooth Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device (participating in the provisioning protocol) to identify the AuthValue used given the Provisioner’s public key, and the confirmation number and nonce provided by the provisioning device. This could permit a device without the AuthValue to complete provisioning without brute-forcing the AuthValue.

Remediation

There is no fixed version for Debian:11 bluez.

References

low severity

Out-of-Bounds

  • Vulnerable module: bluez/libbluetooth-dev
  • Introduced through: bluez/libbluetooth-dev@5.55-3.1 and bluez/libbluetooth3@5.55-3.1

Detailed paths

  • Introduced through: python@latest bluez/libbluetooth-dev@5.55-3.1
  • Introduced through: python@latest bluez/libbluetooth3@5.55-3.1

NVD Description

Note: Versions mentioned in the description apply to the upstream bluez package.

A heap overflow vulnerability was found in bluez in versions prior to 5.63. An attacker with local network access could pass specially crafted files causing an application to halt or crash, leading to a denial of service.

Remediation

There is no fixed version for Debian:11 bluez.

References

low severity

Improper Input Validation

  • Vulnerable module: git
  • Introduced through: git@1:2.30.2-1 and git/git-man@1:2.30.2-1

Detailed paths

  • Introduced through: python@latest git@1:2.30.2-1
  • Introduced through: python@latest git/git-man@1:2.30.2-1

NVD Description

Note: Versions mentioned in the description apply to the upstream git package.

GIT version 2.15.1 and earlier contains a Input Validation Error vulnerability in Client that can result in problems including messing up terminal configuration to RCE. This attack appear to be exploitable via The user must interact with a malicious git server, (or have their traffic modified in a MITM attack).

Remediation

There is no fixed version for Debian:11 git.

References

low severity

Out-of-bounds Write

  • Vulnerable module: git
  • Introduced through: git@1:2.30.2-1 and git/git-man@1:2.30.2-1

Detailed paths

  • Introduced through: python@latest git@1:2.30.2-1
  • Introduced through: python@latest git/git-man@1:2.30.2-1

NVD Description

Note: Versions mentioned in the description apply to the upstream git package.

Git is an open source, scalable, distributed revision control system. git shell is a restricted login shell that can be used to implement Git's push/pull functionality via SSH. In versions prior to 2.30.6, 2.31.5, 2.32.4, 2.33.5, 2.34.5, 2.35.5, 2.36.3, and 2.37.4, the function that splits the command arguments into an array improperly uses an int to represent the number of entries in the array, allowing a malicious actor to intentionally overflow the return value, leading to arbitrary heap writes. Because the resulting array is then passed to execv(), it is possible to leverage this attack to gain remote code execution on a victim machine. Note that a victim must first allow access to git shell as a login shell in order to be vulnerable to this attack. This problem is patched in versions 2.30.6, 2.31.5, 2.32.4, 2.33.5, 2.34.5, 2.35.5, 2.36.3, and 2.37.4 and users are advised to upgrade to the latest version. Disabling git shell access via remote logins is a viable short-term workaround.

Remediation

There is no fixed version for Debian:11 git.

References

low severity

CVE-2019-1010023

  • Vulnerable module: glibc/libc-bin
  • Introduced through: glibc/libc-bin@2.31-13+deb11u5, glibc/libc-dev-bin@2.31-13+deb11u5 and others

Detailed paths

  • Introduced through: python@latest glibc/libc-bin@2.31-13+deb11u5
  • Introduced through: python@latest glibc/libc-dev-bin@2.31-13+deb11u5
  • Introduced through: python@latest glibc/libc6@2.31-13+deb11u5
  • Introduced through: python@latest glibc/libc6-dev@2.31-13+deb11u5

NVD Description

Note: Versions mentioned in the description apply to the upstream glibc package.

** DISPUTED ** GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."

Remediation

There is no fixed version for Debian:11 glibc.

References

low severity

Out-of-bounds Write

  • Vulnerable module: libde265/libde265-0
  • Introduced through: libde265/libde265-0@1.0.8-1

Detailed paths

  • Introduced through: python@latest libde265/libde265-0@1.0.8-1

NVD Description

Note: Versions mentioned in the description apply to the upstream libde265 package.

libde265 v1.0.4 contains a heap buffer overflow in the ff_hevc_put_unweighted_pred_8_sse function, which can be exploited via a crafted a file.

Remediation

There is no fixed version for Debian:11 libde265.

References

low severity

Out-of-Bounds

  • Vulnerable module: libwmf/libwmf-dev
  • Introduced through: libwmf/libwmf-dev@0.2.8.4-17 and libwmf/libwmf0.2-7@0.2.8.4-17

Detailed paths

  • Introduced through: python@latest libwmf/libwmf-dev@0.2.8.4-17
  • Introduced through: python@latest libwmf/libwmf0.2-7@0.2.8.4-17

NVD Description

Note: Versions mentioned in the description apply to the upstream libwmf package.

The _gdGetColors function in gd_gd.c in PHP 5.2.11 and 5.3.x before 5.3.1, and the GD Graphics Library 2.x, does not properly verify a certain colorsTotal structure member, which might allow remote attackers to conduct buffer overflow or buffer over-read attacks via a crafted GD file, a different vulnerability than CVE-2009-3293. NOTE: some of these details are obtained from third party information.

Remediation

There is no fixed version for Debian:11 libwmf.

References

low severity

Out-of-bounds Write

  • Vulnerable module: ncurses/libncurses-dev
  • Introduced through: ncurses/libncurses-dev@6.2+20201114-2, ncurses/libncurses5-dev@6.2+20201114-2 and others

Detailed paths

  • Introduced through: python@latest ncurses/libncurses-dev@6.2+20201114-2
  • Introduced through: python@latest ncurses/libncurses5-dev@6.2+20201114-2
  • Introduced through: python@latest ncurses/libncurses6@6.2+20201114-2
  • Introduced through: python@latest ncurses/libncursesw5-dev@6.2+20201114-2
  • Introduced through: python@latest ncurses/libncursesw6@6.2+20201114-2
  • Introduced through: python@latest ncurses/libtinfo6@6.2+20201114-2
  • Introduced through: python@latest ncurses/ncurses-base@6.2+20201114-2
  • Introduced through: python@latest ncurses/ncurses-bin@6.2+20201114-2

NVD Description

Note: Versions mentioned in the description apply to the upstream ncurses package.

An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer overflow.

Remediation

There is no fixed version for Debian:11 ncurses.

References

low severity

Integer Overflow or Wraparound

  • Vulnerable module: openjpeg2/libopenjp2-7
  • Introduced through: openjpeg2/libopenjp2-7@2.4.0-3 and openjpeg2/libopenjp2-7-dev@2.4.0-3

Detailed paths

  • Introduced through: python@latest openjpeg2/libopenjp2-7@2.4.0-3
  • Introduced through: python@latest openjpeg2/libopenjp2-7-dev@2.4.0-3

NVD Description

Note: Versions mentioned in the description apply to the upstream openjpeg2 package.

An integer overflow vulnerability was found in tiftoimage function in openjpeg 2.1.2, resulting in heap buffer overflow.

Remediation

There is no fixed version for Debian:11 openjpeg2.

References

low severity

Out-of-Bounds

  • Vulnerable module: openjpeg2/libopenjp2-7
  • Introduced through: openjpeg2/libopenjp2-7@2.4.0-3 and openjpeg2/libopenjp2-7-dev@2.4.0-3

Detailed paths

  • Introduced through: python@latest openjpeg2/libopenjp2-7@2.4.0-3
  • Introduced through: python@latest openjpeg2/libopenjp2-7-dev@2.4.0-3

NVD Description

Note: Versions mentioned in the description apply to the upstream openjpeg2 package.

An infinite loop vulnerability in tiftoimage that results in heap buffer overflow in convert_32s_C1P1 was found in openjpeg 2.1.2.

Remediation

There is no fixed version for Debian:11 openjpeg2.

References

low severity

Out-of-bounds Write

  • Vulnerable module: openjpeg2/libopenjp2-7
  • Introduced through: openjpeg2/libopenjp2-7@2.4.0-3 and openjpeg2/libopenjp2-7-dev@2.4.0-3

Detailed paths

  • Introduced through: python@latest openjpeg2/libopenjp2-7@2.4.0-3
  • Introduced through: python@latest openjpeg2/libopenjp2-7-dev@2.4.0-3

NVD Description

Note: Versions mentioned in the description apply to the upstream openjpeg2 package.

An issue was discovered in OpenJPEG 2.3.0. Missing checks for header_info.height and header_info.width in the function pnmtoimage in bin/jpwl/convert.c can lead to a heap-based buffer overflow.

Remediation

There is no fixed version for Debian:11 openjpeg2.

References

low severity

Out-of-bounds Write

  • Vulnerable module: openjpeg2/libopenjp2-7
  • Introduced through: openjpeg2/libopenjp2-7@2.4.0-3 and openjpeg2/libopenjp2-7-dev@2.4.0-3

Detailed paths

  • Introduced through: python@latest openjpeg2/libopenjp2-7@2.4.0-3
  • Introduced through: python@latest openjpeg2/libopenjp2-7-dev@2.4.0-3

NVD Description

Note: Versions mentioned in the description apply to the upstream openjpeg2 package.

An issue was discovered in OpenJPEG 2.3.0. A heap-based buffer overflow was discovered in the function t2_encode_packet in lib/openmj2/t2.c. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly unspecified other impact.

Remediation

There is no fixed version for Debian:11 openjpeg2.

References

low severity

Out-of-bounds Read

  • Vulnerable module: tiff/libtiff-dev
  • Introduced through: tiff/libtiff-dev@4.2.0-1+deb11u1, tiff/libtiff5@4.2.0-1+deb11u1 and others

Detailed paths

  • Introduced through: python@latest tiff/libtiff-dev@4.2.0-1+deb11u1
  • Introduced through: python@latest tiff/libtiff5@4.2.0-1+deb11u1
  • Introduced through: python@latest tiff/libtiffxx5@4.2.0-1+deb11u1

NVD Description

Note: Versions mentioned in the description apply to the upstream tiff package.

LibTIFF version 4.0.7 is vulnerable to a heap-based buffer over-read in tif_lzw.c resulting in DoS or code execution via a crafted bmp image to tools/bmp2tiff.

Remediation

There is no fixed version for Debian:11 tiff.

References

low severity

Use After Free

  • Vulnerable module: tiff/libtiff-dev
  • Introduced through: tiff/libtiff-dev@4.2.0-1+deb11u1, tiff/libtiff5@4.2.0-1+deb11u1 and others

Detailed paths

  • Introduced through: python@latest tiff/libtiff-dev@4.2.0-1+deb11u1
  • Introduced through: python@latest tiff/libtiff5@4.2.0-1+deb11u1
  • Introduced through: python@latest tiff/libtiffxx5@4.2.0-1+deb11u1

NVD Description

Note: Versions mentioned in the description apply to the upstream tiff package.

** DISPUTED ** In LibTIFF 4.0.8, there is a heap-based use-after-free in the t2p_writeproc function in tiff2pdf.c. NOTE: there is a third-party report of inability to reproduce this issue.

Remediation

There is no fixed version for Debian:11 tiff.

References

low severity

Incorrect Authorization

  • Vulnerable module: bluez/libbluetooth-dev
  • Introduced through: bluez/libbluetooth-dev@5.55-3.1 and bluez/libbluetooth3@5.55-3.1

Detailed paths

  • Introduced through: python@latest bluez/libbluetooth-dev@5.55-3.1
  • Introduced through: python@latest bluez/libbluetooth3@5.55-3.1

NVD Description

Note: Versions mentioned in the description apply to the upstream bluez package.

Bluetooth Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device, reflecting the authentication evidence from a Provisioner, to complete authentication without possessing the AuthValue, and potentially acquire a NetKey and AppKey.

Remediation

There is no fixed version for Debian:11 bluez.

References

low severity

Buffer Overflow

  • Vulnerable module: libheif/libheif1
  • Introduced through: libheif/libheif1@1.11.0-1

Detailed paths

  • Introduced through: python@latest libheif/libheif1@1.11.0-1

NVD Description

Note: Versions mentioned in the description apply to the upstream libheif package.

Buffer overflow vulnerability in function convert_colorspace in heif_colorconversion.cc in libheif v1.6.2, allows attackers to cause a denial of service and disclose sensitive information, via a crafted HEIF file.

Remediation

There is no fixed version for Debian:11 libheif.

References

low severity

Integer Overflow or Wraparound

  • Vulnerable module: binutils
  • Introduced through: binutils@2.35.2-2, binutils/binutils-common@2.35.2-2 and others

Detailed paths

  • Introduced through: python@latest binutils@2.35.2-2
  • Introduced through: python@latest binutils/binutils-common@2.35.2-2
  • Introduced through: python@latest binutils/binutils-x86-64-linux-gnu@2.35.2-2
  • Introduced through: python@latest binutils/libbinutils@2.35.2-2
  • Introduced through: python@latest binutils/libctf-nobfd0@2.35.2-2
  • Introduced through: python@latest binutils/libctf0@2.35.2-2

NVD Description

Note: Versions mentioned in the description apply to the upstream binutils package.

The get_count function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31, allows remote attackers to cause a denial of service (malloc called with the result of an integer-overflowing calculation) or possibly have unspecified other impact via a crafted string, as demonstrated by c++filt.

Remediation

There is no fixed version for Debian:11 binutils.

References

low severity

Out-of-bounds Write

  • Vulnerable module: binutils
  • Introduced through: binutils@2.35.2-2, binutils/binutils-common@2.35.2-2 and others

Detailed paths

  • Introduced through: python@latest binutils@2.35.2-2
  • Introduced through: python@latest binutils/binutils-common@2.35.2-2
  • Introduced through: python@latest binutils/binutils-x86-64-linux-gnu@2.35.2-2
  • Introduced through: python@latest binutils/libbinutils@2.35.2-2
  • Introduced through: python@latest binutils/libctf-nobfd0@2.35.2-2
  • Introduced through: python@latest binutils/libctf0@2.35.2-2

NVD Description

Note: Versions mentioned in the description apply to the upstream binutils package.

stab_xcoff_builtin_type in stabs.c in GNU Binutils through 2.37 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write. NOTE: this issue exists because of an incorrect fix for CVE-2018-12699.

Remediation

There is no fixed version for Debian:11 binutils.

References

low severity

Out-of-bounds Read

  • Vulnerable module: e2fsprogs
  • Introduced through: e2fsprogs@1.46.2-2, e2fsprogs/comerr-dev@2.1-1.46.2-2 and others

Detailed paths

  • Introduced through: python@latest e2fsprogs@1.46.2-2
  • Introduced through: python@latest e2fsprogs/comerr-dev@2.1-1.46.2-2
  • Introduced through: python@latest e2fsprogs/libcom-err2@1.46.2-2
  • Introduced through: python@latest e2fsprogs/libext2fs2@1.46.2-2
  • Introduced through: python@latest e2fsprogs/libss2@1.46.2-2
  • Introduced through: python@latest e2fsprogs/logsave@1.46.2-2

NVD Description

Note: Versions mentioned in the description apply to the upstream e2fsprogs package.

An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem.

Remediation

There is no fixed version for Debian:11 e2fsprogs.

References

low severity

Out-of-bounds Write

  • Vulnerable module: freetype/libfreetype-dev
  • Introduced through: freetype/libfreetype-dev@2.10.4+dfsg-1+deb11u1, freetype/libfreetype6@2.10.4+dfsg-1+deb11u1 and others

Detailed paths

  • Introduced through: python@latest freetype/libfreetype-dev@2.10.4+dfsg-1+deb11u1
  • Introduced through: python@latest freetype/libfreetype6@2.10.4+dfsg-1+deb11u1
  • Introduced through: python@latest freetype/libfreetype6-dev@2.10.4+dfsg-1+deb11u1

NVD Description

Note: Versions mentioned in the description apply to the upstream freetype package.

ftbench.c in FreeType Demo Programs through 2.12.1 has a heap-based buffer overflow.

Remediation

There is no fixed version for Debian:11 freetype.

References

low severity

Uncontrolled Search Path Element

  • Vulnerable module: git
  • Introduced through: git@1:2.30.2-1 and git/git-man@1:2.30.2-1

Detailed paths

  • Introduced through: python@latest git@1:2.30.2-1
  • Introduced through: python@latest git/git-man@1:2.30.2-1

NVD Description

Note: Versions mentioned in the description apply to the upstream git package.

Git for Windows is a fork of Git containing Windows-specific patches. This vulnerability affects users working on multi-user machines, where untrusted parties have write access to the same hard disk. Those untrusted parties could create the folder C:\.git, which would be picked up by Git operations run supposedly outside a repository while searching for a Git directory. Git would then respect any config in said Git directory. Git Bash users who set GIT_PS1_SHOWDIRTYSTATE are vulnerable as well. Users who installed posh-gitare vulnerable simply by starting a PowerShell. Users of IDEs such as Visual Studio are vulnerable: simply creating a new project would already read and respect the config specified in C:\.git\config. Users of the Microsoft fork of Git are vulnerable simply by starting a Git Bash. The problem has been patched in Git for Windows v2.35.2. Users unable to upgrade may create the folder .git on all drives where Git commands are run, and remove read/write access from those folders as a workaround. Alternatively, define or extend GIT_CEILING_DIRECTORIES to cover the parent directory of the user profile, e.g. C:\Users if the user profile is located in C:\Users\my-user-name.

Remediation

There is no fixed version for Debian:11 git.

References

low severity

Uncontrolled Search Path Element

  • Vulnerable module: git
  • Introduced through: git@1:2.30.2-1 and git/git-man@1:2.30.2-1

Detailed paths

  • Introduced through: python@latest git@1:2.30.2-1
  • Introduced through: python@latest git/git-man@1:2.30.2-1

NVD Description

Note: Versions mentioned in the description apply to the upstream git package.

Git is a distributed revision control system. Git prior to versions 2.37.1, 2.36.2, 2.35.4, 2.34.4, 2.33.4, 2.32.3, 2.31.4, and 2.30.5, is vulnerable to privilege escalation in all platforms. An unsuspecting user could still be affected by the issue reported in CVE-2022-24765, for example when navigating as root into a shared tmp directory that is owned by them, but where an attacker could create a git repository. Versions 2.37.1, 2.36.2, 2.35.4, 2.34.4, 2.33.4, 2.32.3, 2.31.4, and 2.30.5 contain a patch for this issue. The simplest way to avoid being affected by the exploit described in the example is to avoid running git as root (or an Administrator in Windows), and if needed to reduce its use to a minimum. While a generic workaround is not possible, a system could be hardened from the exploit described in the example by removing any such repository if it exists already and creating one as root to block any future attacks.

Remediation

There is no fixed version for Debian:11 git.

References

low severity

Buffer Overflow

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.11.60+dfsg-1.3, imagemagick/imagemagick-6-common@8:6.9.11.60+dfsg-1.3 and others

Detailed paths

  • Introduced through: python@latest imagemagick@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/imagemagick-6-common@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/imagemagick-6.q16@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6-arch-config@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6-headers@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6.q16-6@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6.q16-6-extra@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6.q16-dev@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-dev@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-6-headers@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-6.q16-6@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-6.q16-dev@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-dev@8:6.9.11.60+dfsg-1.3

NVD Description

Note: Versions mentioned in the description apply to the upstream imagemagick package.

ImageMagick 7.1.0-27 is vulnerable to Buffer Overflow.

Remediation

There is no fixed version for Debian:11 imagemagick.

References

low severity

Incorrect Type Conversion or Cast

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.11.60+dfsg-1.3, imagemagick/imagemagick-6-common@8:6.9.11.60+dfsg-1.3 and others

Detailed paths

  • Introduced through: python@latest imagemagick@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/imagemagick-6-common@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/imagemagick-6.q16@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6-arch-config@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6-headers@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6.q16-6@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6.q16-6-extra@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6.q16-dev@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-dev@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-6-headers@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-6.q16-6@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-6.q16-dev@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-dev@8:6.9.11.60+dfsg-1.3

NVD Description

Note: Versions mentioned in the description apply to the upstream imagemagick package.

In ImageMagick, there is load of misaligned address for type 'double', which requires 8 byte alignment and for type 'float', which requires 4 byte alignment at MagickCore/property.c. Whenever crafted or untrusted input is processed by ImageMagick, this causes a negative impact to application availability or other problems related to undefined behavior.

Remediation

There is no fixed version for Debian:11 imagemagick.

References

low severity

Integer Overflow or Wraparound

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.11.60+dfsg-1.3, imagemagick/imagemagick-6-common@8:6.9.11.60+dfsg-1.3 and others

Detailed paths

  • Introduced through: python@latest imagemagick@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/imagemagick-6-common@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/imagemagick-6.q16@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6-arch-config@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6-headers@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6.q16-6@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6.q16-6-extra@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6.q16-dev@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-dev@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-6-headers@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-6.q16-6@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-6.q16-dev@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-dev@8:6.9.11.60+dfsg-1.3

NVD Description

Note: Versions mentioned in the description apply to the upstream imagemagick package.

A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned long' at coders/pcl.c, when crafted or untrusted input is processed. This leads to a negative impact to application availability or other problems related to undefined behavior.

Remediation

There is no fixed version for Debian:11 imagemagick.

References

low severity

Integer Overflow or Wraparound

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.11.60+dfsg-1.3, imagemagick/imagemagick-6-common@8:6.9.11.60+dfsg-1.3 and others

Detailed paths

  • Introduced through: python@latest imagemagick@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/imagemagick-6-common@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/imagemagick-6.q16@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6-arch-config@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6-headers@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6.q16-6@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6.q16-6-extra@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6.q16-dev@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-dev@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-6-headers@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-6.q16-6@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-6.q16-dev@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-dev@8:6.9.11.60+dfsg-1.3

NVD Description

Note: Versions mentioned in the description apply to the upstream imagemagick package.

A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned char' at coders/psd.c, when crafted or untrusted input is processed. This leads to a negative impact to application availability or other problems related to undefined behavior.

Remediation

There is no fixed version for Debian:11 imagemagick.

References

low severity

Reachable Assertion

  • Vulnerable module: libde265/libde265-0
  • Introduced through: libde265/libde265-0@1.0.8-1

Detailed paths

  • Introduced through: python@latest libde265/libde265-0@1.0.8-1

NVD Description

Note: Versions mentioned in the description apply to the upstream libde265 package.

There is an Assertion `scaling_list_pred_matrix_id_delta==1' failed at sps.cc:925 in libde265 v1.0.8 when decoding file, which allows attackers to cause a Denial of Service (DoS) by running the application with a crafted file or possibly have unspecified other impact.

Remediation

There is no fixed version for Debian:11 libde265.

References

low severity

Out-of-bounds Write

  • Vulnerable module: openjpeg2/libopenjp2-7
  • Introduced through: openjpeg2/libopenjp2-7@2.4.0-3 and openjpeg2/libopenjp2-7-dev@2.4.0-3

Detailed paths

  • Introduced through: python@latest openjpeg2/libopenjp2-7@2.4.0-3
  • Introduced through: python@latest openjpeg2/libopenjp2-7-dev@2.4.0-3

NVD Description

Note: Versions mentioned in the description apply to the upstream openjpeg2 package.

A heap-based buffer overflow was found in openjpeg in color.c:379:42 in sycc420_to_rgb when decompressing a crafted .j2k file. An attacker could use this to execute arbitrary code with the permissions of the application compiled against openjpeg.

Remediation

There is no fixed version for Debian:11 openjpeg2.

References

low severity

OS Command Injection

  • Vulnerable module: openssh/openssh-client
  • Introduced through: openssh/openssh-client@1:8.4p1-5+deb11u1

Detailed paths

  • Introduced through: python@latest openssh/openssh-client@1:8.4p1-5+deb11u1

NVD Description

Note: Versions mentioned in the description apply to the upstream openssh package.

** DISPUTED ** scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument. NOTE: the vendor reportedly has stated that they intentionally omit validation of "anomalous argument transfers" because that could "stand a great chance of breaking existing workflows."

Remediation

There is no fixed version for Debian:11 openssh.

References

low severity

Out-of-Bounds

  • Vulnerable module: pcre3/libpcre16-3
  • Introduced through: pcre3/libpcre16-3@2:8.39-13, pcre3/libpcre3@2:8.39-13 and others

Detailed paths

  • Introduced through: python@latest pcre3/libpcre16-3@2:8.39-13
  • Introduced through: python@latest pcre3/libpcre3@2:8.39-13
  • Introduced through: python@latest pcre3/libpcre3-dev@2:8.39-13
  • Introduced through: python@latest pcre3/libpcre32-3@2:8.39-13
  • Introduced through: python@latest pcre3/libpcrecpp0v5@2:8.39-13

NVD Description

Note: Versions mentioned in the description apply to the upstream pcre3 package.

Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 4) or possibly have unspecified other impact via a crafted file.

Remediation

There is no fixed version for Debian:11 pcre3.

References

low severity

Out-of-Bounds

  • Vulnerable module: pcre3/libpcre16-3
  • Introduced through: pcre3/libpcre16-3@2:8.39-13, pcre3/libpcre3@2:8.39-13 and others

Detailed paths

  • Introduced through: python@latest pcre3/libpcre16-3@2:8.39-13
  • Introduced through: python@latest pcre3/libpcre3@2:8.39-13
  • Introduced through: python@latest pcre3/libpcre3-dev@2:8.39-13
  • Introduced through: python@latest pcre3/libpcre32-3@2:8.39-13
  • Introduced through: python@latest pcre3/libpcrecpp0v5@2:8.39-13

NVD Description

Note: Versions mentioned in the description apply to the upstream pcre3 package.

Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 268) or possibly have unspecified other impact via a crafted file.

Remediation

There is no fixed version for Debian:11 pcre3.

References

low severity

Improper Verification of Cryptographic Signature

  • Vulnerable module: perl
  • Introduced through: perl@5.32.1-4+deb11u2, perl/libperl5.32@5.32.1-4+deb11u2 and others

Detailed paths

  • Introduced through: python@latest perl@5.32.1-4+deb11u2
  • Introduced through: python@latest perl/libperl5.32@5.32.1-4+deb11u2
  • Introduced through: python@latest perl/perl-base@5.32.1-4+deb11u2
  • Introduced through: python@latest perl/perl-modules-5.32@5.32.1-4+deb11u2

NVD Description

Note: Versions mentioned in the description apply to the upstream perl package.

CPAN 2.28 allows Signature Verification Bypass.

Remediation

There is no fixed version for Debian:11 perl.

References

low severity
new

CVE-2022-42919

  • Vulnerable module: python3.9
  • Introduced through: python3.9@3.9.2-1, python3.9/libpython3.9-minimal@3.9.2-1 and others

Detailed paths

  • Introduced through: python@latest python3.9@3.9.2-1
  • Introduced through: python@latest python3.9/libpython3.9-minimal@3.9.2-1
  • Introduced through: python@latest python3.9/libpython3.9-stdlib@3.9.2-1
  • Introduced through: python@latest python3.9/python3.9-minimal@3.9.2-1

NVD Description

Note: Versions mentioned in the description apply to the upstream python3.9 package.

Python 3.9.x and 3.10.x through 3.10.8 on Linux allows local privilege escalation in a non-default configuration. The Python multiprocessing library, when used with the forkserver start method on Linux, allows pickles to be deserialized from any user in the same machine local network namespace, which in many system configurations means any user on the same machine. Pickles can execute arbitrary code. Thus, this allows for local user privilege escalation to the user that any forkserver process is running as. Setting multiprocessing.util.abstract_sockets_supported to False is a workaround. The forkserver start method for multiprocessing is not the default start method. This issue is Linux specific because only Linux supports abstract namespace sockets. CPython before 3.9 does not make use of Linux abstract namespace sockets by default. Support for users manually specifying an abstract namespace socket was added as a bugfix in 3.7.8 and 3.8.4, but users would need to make specific uncommon API calls in order to do that in CPython before 3.9.

Remediation

There is no fixed version for Debian:11 python3.9.

References

low severity

Incorrect Permission Assignment for Critical Resource

  • Vulnerable module: shadow/login
  • Introduced through: shadow/login@1:4.8.1-1 and shadow/passwd@1:4.8.1-1

Detailed paths

  • Introduced through: python@latest shadow/login@1:4.8.1-1
  • Introduced through: python@latest shadow/passwd@1:4.8.1-1

NVD Description

Note: Versions mentioned in the description apply to the upstream shadow package.

shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affects shadow 4.8 when compiled using --with-libpam but without explicitly passing --disable-account-tools-setuid, and without a PAM configuration suitable for use with setuid account management tools. This combination leads to account management tools (groupadd, groupdel, groupmod, useradd, userdel, usermod) that can easily be used by unprivileged local users to escalate privileges to root in multiple ways. This issue became much more relevant in approximately December 2019 when an unrelated bug was fixed (i.e., the chmod calls to suidusbins were fixed in the upstream Makefile which is now included in the release version 4.8).

Remediation

There is no fixed version for Debian:11 shadow.

References

low severity

Use of Externally-Controlled Format String

  • Vulnerable module: tcl8.6
  • Introduced through: tcl8.6@8.6.11+dfsg-1, tcl8.6/libtcl8.6@8.6.11+dfsg-1 and others

Detailed paths

  • Introduced through: python@latest tcl8.6@8.6.11+dfsg-1
  • Introduced through: python@latest tcl8.6/libtcl8.6@8.6.11+dfsg-1
  • Introduced through: python@latest tcl8.6/tcl8.6-dev@8.6.11+dfsg-1

NVD Description

Note: Versions mentioned in the description apply to the upstream tcl8.6 package.

** DISPUTED ** In Tcl 8.6.11, a format string vulnerability in nmakehlp.c might allow code execution via a crafted file. NOTE: multiple third parties dispute the significance of this finding.

Remediation

There is no fixed version for Debian:11 tcl8.6.

References

low severity

Arbitrary Command Injection

  • Vulnerable module: python3.9
  • Introduced through: python3.9@3.9.2-1, python3.9/libpython3.9-minimal@3.9.2-1 and others

Detailed paths

  • Introduced through: python@latest python3.9@3.9.2-1
  • Introduced through: python@latest python3.9/libpython3.9-minimal@3.9.2-1
  • Introduced through: python@latest python3.9/libpython3.9-stdlib@3.9.2-1
  • Introduced through: python@latest python3.9/python3.9-minimal@3.9.2-1

NVD Description

Note: Versions mentioned in the description apply to the upstream python3.9 package.

In Python (aka CPython) up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow attackers to inject shell commands into applications that call mailcap.findmatch with untrusted input (if they lack validation of user-provided filenames or arguments). The fix is also back-ported to 3.7, 3.8, 3.9

Remediation

There is no fixed version for Debian:11 python3.9.

References

low severity

Allocation of Resources Without Limits or Throttling

  • Vulnerable module: binutils
  • Introduced through: binutils@2.35.2-2, binutils/binutils-common@2.35.2-2 and others

Detailed paths

  • Introduced through: python@latest binutils@2.35.2-2
  • Introduced through: python@latest binutils/binutils-common@2.35.2-2
  • Introduced through: python@latest binutils/binutils-x86-64-linux-gnu@2.35.2-2
  • Introduced through: python@latest binutils/libbinutils@2.35.2-2
  • Introduced through: python@latest binutils/libctf-nobfd0@2.35.2-2
  • Introduced through: python@latest binutils/libctf0@2.35.2-2

NVD Description

Note: Versions mentioned in the description apply to the upstream binutils package.

remember_Ktype in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM). This can occur during execution of cxxfilt.

Remediation

There is no fixed version for Debian:11 binutils.

References

low severity

Out-of-Bounds

  • Vulnerable module: binutils
  • Introduced through: binutils@2.35.2-2, binutils/binutils-common@2.35.2-2 and others

Detailed paths

  • Introduced through: python@latest binutils@2.35.2-2
  • Introduced through: python@latest binutils/binutils-common@2.35.2-2
  • Introduced through: python@latest binutils/binutils-x86-64-linux-gnu@2.35.2-2
  • Introduced through: python@latest binutils/libbinutils@2.35.2-2
  • Introduced through: python@latest binutils/libctf-nobfd0@2.35.2-2
  • Introduced through: python@latest binutils/libctf0@2.35.2-2

NVD Description

Note: Versions mentioned in the description apply to the upstream binutils package.

Heap/stack buffer overflow in the dlang_lname function in d-demangle.c in libiberty allows attackers to potentially cause a denial of service (segmentation fault and crash) via a crafted mangled symbol.

Remediation

There is no fixed version for Debian:11 binutils.

References

low severity

Uncontrolled Recursion

  • Vulnerable module: binutils
  • Introduced through: binutils@2.35.2-2, binutils/binutils-common@2.35.2-2 and others

Detailed paths

  • Introduced through: python@latest binutils@2.35.2-2
  • Introduced through: python@latest binutils/binutils-common@2.35.2-2
  • Introduced through: python@latest binutils/binutils-x86-64-linux-gnu@2.35.2-2
  • Introduced through: python@latest binutils/libbinutils@2.35.2-2
  • Introduced through: python@latest binutils/libctf-nobfd0@2.35.2-2
  • Introduced through: python@latest binutils/libctf0@2.35.2-2

NVD Description

Note: Versions mentioned in the description apply to the upstream binutils package.

A flaw was discovered in GNU libiberty within demangle_path() in rust-demangle.c, as distributed in GNU Binutils version 2.36. A crafted symbol can cause stack memory to be exhausted leading to a crash.

Remediation

There is no fixed version for Debian:11 binutils.

References

low severity

Improper Authentication

  • Vulnerable module: bluez/libbluetooth-dev
  • Introduced through: bluez/libbluetooth-dev@5.55-3.1 and bluez/libbluetooth3@5.55-3.1

Detailed paths

  • Introduced through: python@latest bluez/libbluetooth-dev@5.55-3.1
  • Introduced through: python@latest bluez/libbluetooth3@5.55-3.1

NVD Description

Note: Versions mentioned in the description apply to the upstream bluez package.

Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device (without possession of the AuthValue used in the provisioning protocol) to determine the AuthValue via a brute-force attack (unless the AuthValue is sufficiently random and changed each time).

Remediation

There is no fixed version for Debian:11 bluez.

References

low severity

Out-of-Bounds

  • Vulnerable module: bluez/libbluetooth-dev
  • Introduced through: bluez/libbluetooth-dev@5.55-3.1 and bluez/libbluetooth3@5.55-3.1

Detailed paths

  • Introduced through: python@latest bluez/libbluetooth-dev@5.55-3.1
  • Introduced through: python@latest bluez/libbluetooth3@5.55-3.1

NVD Description

Note: Versions mentioned in the description apply to the upstream bluez package.

In BlueZ 5.42, a buffer overflow was observed in "read_n" function in "tools/hcidump.c" source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.

Remediation

There is no fixed version for Debian:11 bluez.

References

low severity

Out-of-bounds Read

  • Vulnerable module: bluez/libbluetooth-dev
  • Introduced through: bluez/libbluetooth-dev@5.55-3.1 and bluez/libbluetooth3@5.55-3.1

Detailed paths

  • Introduced through: python@latest bluez/libbluetooth-dev@5.55-3.1
  • Introduced through: python@latest bluez/libbluetooth3@5.55-3.1

NVD Description

Note: Versions mentioned in the description apply to the upstream bluez package.

In BlueZ 5.42, an out-of-bounds read was identified in "packet_hexdump" function in "monitor/packet.c" source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash.

Remediation

There is no fixed version for Debian:11 bluez.

References

low severity

Exposure of Resource to Wrong Sphere

  • Vulnerable module: git
  • Introduced through: git@1:2.30.2-1 and git/git-man@1:2.30.2-1

Detailed paths

  • Introduced through: python@latest git@1:2.30.2-1
  • Introduced through: python@latest git/git-man@1:2.30.2-1

NVD Description

Note: Versions mentioned in the description apply to the upstream git package.

The --mirror documentation for Git through 2.35.1 does not mention the availability of deleted content, aka the "GitBleed" issue. This could present a security risk if information-disclosure auditing processes rely on a clone operation without the --mirror option.

Remediation

There is no fixed version for Debian:11 git.

References

low severity

Uncontrolled Recursion

  • Vulnerable module: glibc/libc-bin
  • Introduced through: glibc/libc-bin@2.31-13+deb11u5, glibc/libc-dev-bin@2.31-13+deb11u5 and others

Detailed paths

  • Introduced through: python@latest glibc/libc-bin@2.31-13+deb11u5
  • Introduced through: python@latest glibc/libc-dev-bin@2.31-13+deb11u5
  • Introduced through: python@latest glibc/libc6@2.31-13+deb11u5
  • Introduced through: python@latest glibc/libc6-dev@2.31-13+deb11u5

NVD Description

Note: Versions mentioned in the description apply to the upstream glibc package.

** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\1\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern.

Remediation

There is no fixed version for Debian:11 glibc.

References

low severity

Uncontrolled Recursion

  • Vulnerable module: glibc/libc-bin
  • Introduced through: glibc/libc-bin@2.31-13+deb11u5, glibc/libc-dev-bin@2.31-13+deb11u5 and others

Detailed paths

  • Introduced through: python@latest glibc/libc-bin@2.31-13+deb11u5
  • Introduced through: python@latest glibc/libc-dev-bin@2.31-13+deb11u5
  • Introduced through: python@latest glibc/libc6@2.31-13+deb11u5
  • Introduced through: python@latest glibc/libc6-dev@2.31-13+deb11u5

NVD Description

Note: Versions mentioned in the description apply to the upstream glibc package.

In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\227|)(\1\1|t1|\\2537)+' in grep.

Remediation

There is no fixed version for Debian:11 glibc.

References

low severity

CVE-2021-20313

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.11.60+dfsg-1.3, imagemagick/imagemagick-6-common@8:6.9.11.60+dfsg-1.3 and others

Detailed paths

  • Introduced through: python@latest imagemagick@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/imagemagick-6-common@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/imagemagick-6.q16@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6-arch-config@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6-headers@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6.q16-6@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6.q16-6-extra@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6.q16-dev@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-dev@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-6-headers@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-6.q16-6@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-6.q16-dev@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-dev@8:6.9.11.60+dfsg-1.3

NVD Description

Note: Versions mentioned in the description apply to the upstream imagemagick package.

A flaw was found in ImageMagick in versions before 7.0.11. A potential cipher leak when the calculate signatures in TransformSignature is possible. The highest threat from this vulnerability is to data confidentiality.

Remediation

There is no fixed version for Debian:11 imagemagick.

References

low severity

Divide By Zero

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.11.60+dfsg-1.3, imagemagick/imagemagick-6-common@8:6.9.11.60+dfsg-1.3 and others

Detailed paths

  • Introduced through: python@latest imagemagick@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/imagemagick-6-common@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/imagemagick-6.q16@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6-arch-config@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6-headers@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6.q16-6@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6.q16-6-extra@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6.q16-dev@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-dev@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-6-headers@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-6.q16-6@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-6.q16-dev@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-dev@8:6.9.11.60+dfsg-1.3

NVD Description

Note: Versions mentioned in the description apply to the upstream imagemagick package.

A flaw was found in ImageMagick in versions before 7.0.11 and before 6.9.12, where a division by zero in WaveImage() of MagickCore/visual-effects.c may trigger undefined behavior via a crafted image file submitted to an application using ImageMagick. The highest threat from this vulnerability is to system availability.

Remediation

There is no fixed version for Debian:11 imagemagick.

References

low severity

Divide By Zero

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.11.60+dfsg-1.3, imagemagick/imagemagick-6-common@8:6.9.11.60+dfsg-1.3 and others

Detailed paths

  • Introduced through: python@latest imagemagick@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/imagemagick-6-common@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/imagemagick-6.q16@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6-arch-config@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6-headers@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6.q16-6@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6.q16-6-extra@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6.q16-dev@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-dev@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-6-headers@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-6.q16-6@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-6.q16-dev@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-dev@8:6.9.11.60+dfsg-1.3

NVD Description

Note: Versions mentioned in the description apply to the upstream imagemagick package.

A flaw was found in ImageMagick in versions before 7.0.11, where a division by zero in sRGBTransformImage() in the MagickCore/colorspace.c may trigger undefined behavior via a crafted image file that is submitted by an attacker processed by an application using ImageMagick. The highest threat from this vulnerability is to system availability.

Remediation

There is no fixed version for Debian:11 imagemagick.

References

low severity

Integer Overflow or Wraparound

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.11.60+dfsg-1.3, imagemagick/imagemagick-6-common@8:6.9.11.60+dfsg-1.3 and others

Detailed paths

  • Introduced through: python@latest imagemagick@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/imagemagick-6-common@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/imagemagick-6.q16@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6-arch-config@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6-headers@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6.q16-6@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6.q16-6-extra@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6.q16-dev@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-dev@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-6-headers@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-6.q16-6@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-6.q16-dev@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-dev@8:6.9.11.60+dfsg-1.3

NVD Description

Note: Versions mentioned in the description apply to the upstream imagemagick package.

A flaw was found in ImageMagick in versions 7.0.11, where an integer overflow in WriteTHUMBNAILImage of coders/thumbnail.c may trigger undefined behavior via a crafted image file that is submitted by an attacker and processed by an application using ImageMagick. The highest threat from this vulnerability is to system availability.

Remediation

There is no fixed version for Debian:11 imagemagick.

References

low severity

Integer Overflow or Wraparound

  • Vulnerable module: krb5/krb5-multidev
  • Introduced through: krb5/krb5-multidev@1.18.3-6+deb11u2, krb5/libgssapi-krb5-2@1.18.3-6+deb11u2 and others

Detailed paths

  • Introduced through: python@latest krb5/krb5-multidev@1.18.3-6+deb11u2
  • Introduced through: python@latest krb5/libgssapi-krb5-2@1.18.3-6+deb11u2
  • Introduced through: python@latest krb5/libgssrpc4@1.18.3-6+deb11u2
  • Introduced through: python@latest krb5/libk5crypto3@1.18.3-6+deb11u2
  • Introduced through: python@latest krb5/libkadm5clnt-mit12@1.18.3-6+deb11u2
  • Introduced through: python@latest krb5/libkadm5srv-mit12@1.18.3-6+deb11u2
  • Introduced through: python@latest krb5/libkdb5-10@1.18.3-6+deb11u2
  • Introduced through: python@latest krb5/libkrb5-3@1.18.3-6+deb11u2
  • Introduced through: python@latest krb5/libkrb5-dev@1.18.3-6+deb11u2
  • Introduced through: python@latest krb5/libkrb5support0@1.18.3-6+deb11u2

NVD Description

Note: Versions mentioned in the description apply to the upstream krb5 package.

An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.

Remediation

There is no fixed version for Debian:11 krb5.

References

low severity

Information Exposure

  • Vulnerable module: libgcrypt20
  • Introduced through: libgcrypt20@1.8.7-6

Detailed paths

  • Introduced through: python@latest libgcrypt20@1.8.7-6

NVD Description

Note: Versions mentioned in the description apply to the upstream libgcrypt20 package.

Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm, and the window size is not chosen appropriately. This, for example, affects use of ElGamal in OpenPGP.

Remediation

There is no fixed version for Debian:11 libgcrypt20.

References

low severity

Use of a Broken or Risky Cryptographic Algorithm

  • Vulnerable module: libgcrypt20
  • Introduced through: libgcrypt20@1.8.7-6

Detailed paths

  • Introduced through: python@latest libgcrypt20@1.8.7-6

NVD Description

Note: Versions mentioned in the description apply to the upstream libgcrypt20 package.

cipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt messages directly, improperly encodes plaintexts, which allows attackers to obtain sensitive information by reading ciphertext data (i.e., it does not have semantic security in face of a ciphertext-only attack). The Decisional Diffie-Hellman (DDH) assumption does not hold for Libgcrypt's ElGamal implementation.

Remediation

There is no fixed version for Debian:11 libgcrypt20.

References

low severity

Use After Free

  • Vulnerable module: mariadb-10.5/libmariadb-dev
  • Introduced through: mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1, mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1 and others

Detailed paths

  • Introduced through: python@latest mariadb-10.5/libmariadb-dev@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb-dev-compat@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/libmariadb3@1:10.5.15-0+deb11u1
  • Introduced through: python@latest mariadb-10.5/mariadb-common@1:10.5.15-0+deb11u1

NVD Description

Note: Versions mentioned in the description apply to the upstream mariadb-10.5 package.

MariaDB through 10.5.9 allows attackers to trigger a convert_const_to_int use-after-free when the BIGINT data type is used.

Remediation

There is no fixed version for Debian:11 mariadb-10.5.

References

low severity

NULL Pointer Dereference

  • Vulnerable module: openjpeg2/libopenjp2-7
  • Introduced through: openjpeg2/libopenjp2-7@2.4.0-3 and openjpeg2/libopenjp2-7-dev@2.4.0-3

Detailed paths

  • Introduced through: python@latest openjpeg2/libopenjp2-7@2.4.0-3
  • Introduced through: python@latest openjpeg2/libopenjp2-7-dev@2.4.0-3

NVD Description

Note: Versions mentioned in the description apply to the upstream openjpeg2 package.

There is a NULL Pointer Access in function imagetopnm of convert.c:1943(jp2) of OpenJPEG 2.1.2. image->comps[compno].data is not assigned a value after initialization(NULL). Impact is Denial of Service.

Remediation

There is no fixed version for Debian:11 openjpeg2.

References

low severity

NULL Pointer Dereference

  • Vulnerable module: openjpeg2/libopenjp2-7
  • Introduced through: openjpeg2/libopenjp2-7@2.4.0-3 and openjpeg2/libopenjp2-7-dev@2.4.0-3

Detailed paths

  • Introduced through: python@latest openjpeg2/libopenjp2-7@2.4.0-3
  • Introduced through: python@latest openjpeg2/libopenjp2-7-dev@2.4.0-3

NVD Description

Note: Versions mentioned in the description apply to the upstream openjpeg2 package.

There is a NULL pointer dereference in function imagetobmp of convertbmp.c:980 of OpenJPEG 2.1.2. image->comps[0].data is not assigned a value after initialization(NULL). Impact is Denial of Service.

Remediation

There is no fixed version for Debian:11 openjpeg2.

References

low severity

Out-of-Bounds

  • Vulnerable module: openldap/libldap-2.4-2
  • Introduced through: openldap/libldap-2.4-2@2.4.57+dfsg-3+deb11u1

Detailed paths

  • Introduced through: python@latest openldap/libldap-2.4-2@2.4.57+dfsg-3+deb11u1

NVD Description

Note: Versions mentioned in the description apply to the upstream openldap package.

contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when both the nops module and the memberof overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows remote attackers to cause a denial of service (slapd crash) via a member MODDN operation.

Remediation

There is no fixed version for Debian:11 openldap.

References

low severity

Double Free

  • Vulnerable module: patch
  • Introduced through: patch@2.7.6-7

Detailed paths

  • Introduced through: python@latest patch@2.7.6-7

NVD Description

Note: Versions mentioned in the description apply to the upstream patch package.

A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6.

Remediation

There is no fixed version for Debian:11 patch.

References

low severity

NULL Pointer Dereference

  • Vulnerable module: patch
  • Introduced through: patch@2.7.6-7

Detailed paths

  • Introduced through: python@latest patch@2.7.6-7

NVD Description

Note: Versions mentioned in the description apply to the upstream patch package.

An issue was discovered in GNU patch through 2.7.6. There is a segmentation fault, associated with a NULL pointer dereference, leading to a denial of service in the intuit_diff_type function in pch.c, aka a "mangled rename" issue.

Remediation

There is no fixed version for Debian:11 patch.

References

low severity

Out-of-bounds Read

  • Vulnerable module: pcre3/libpcre16-3
  • Introduced through: pcre3/libpcre16-3@2:8.39-13, pcre3/libpcre3@2:8.39-13 and others

Detailed paths

  • Introduced through: python@latest pcre3/libpcre16-3@2:8.39-13
  • Introduced through: python@latest pcre3/libpcre3@2:8.39-13
  • Introduced through: python@latest pcre3/libpcre3-dev@2:8.39-13
  • Introduced through: python@latest pcre3/libpcre32-3@2:8.39-13
  • Introduced through: python@latest pcre3/libpcrecpp0v5@2:8.39-13

NVD Description

Note: Versions mentioned in the description apply to the upstream pcre3 package.

libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \X or \R has more than one fixed quantifier, a related issue to CVE-2019-20454.

Remediation

There is no fixed version for Debian:11 pcre3.

References

low severity

Uncontrolled Recursion

  • Vulnerable module: pcre3/libpcre16-3
  • Introduced through: pcre3/libpcre16-3@2:8.39-13, pcre3/libpcre3@2:8.39-13 and others

Detailed paths

  • Introduced through: python@latest pcre3/libpcre16-3@2:8.39-13
  • Introduced through: python@latest pcre3/libpcre3@2:8.39-13
  • Introduced through: python@latest pcre3/libpcre3-dev@2:8.39-13
  • Introduced through: python@latest pcre3/libpcre32-3@2:8.39-13
  • Introduced through: python@latest pcre3/libpcrecpp0v5@2:8.39-13

NVD Description

Note: Versions mentioned in the description apply to the upstream pcre3 package.

In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exec.c allows stack exhaustion (uncontrolled recursion) when processing a crafted regular expression.

Remediation

There is no fixed version for Debian:11 pcre3.

References

low severity

Link Following

  • Vulnerable module: perl
  • Introduced through: perl@5.32.1-4+deb11u2, perl/libperl5.32@5.32.1-4+deb11u2 and others

Detailed paths

  • Introduced through: python@latest perl@5.32.1-4+deb11u2
  • Introduced through: python@latest perl/libperl5.32@5.32.1-4+deb11u2
  • Introduced through: python@latest perl/perl-base@5.32.1-4+deb11u2
  • Introduced through: python@latest perl/perl-modules-5.32@5.32.1-4+deb11u2

NVD Description

Note: Versions mentioned in the description apply to the upstream perl package.

_is_safe in the File::Temp module for Perl does not properly handle symlinks.

Remediation

There is no fixed version for Debian:11 perl.

References

low severity

Arbitrary Code Injection

  • Vulnerable module: python3.9
  • Introduced through: python3.9@3.9.2-1, python3.9/libpython3.9-minimal@3.9.2-1 and others

Detailed paths

  • Introduced through: python@latest python3.9@3.9.2-1
  • Introduced through: python@latest python3.9/libpython3.9-minimal@3.9.2-1
  • Introduced through: python@latest python3.9/libpython3.9-stdlib@3.9.2-1
  • Introduced through: python@latest python3.9/python3.9-minimal@3.9.2-1

NVD Description

Note: Versions mentioned in the description apply to the upstream python3.9 package.

A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator (URL) strings into components. The issue involves how the urlparse method does not sanitize input and allows characters like '\r' and '\n' in the URL path. This flaw allows an attacker to input a crafted URL, leading to injection attacks. This flaw affects Python versions prior to 3.10.0b1, 3.9.5, 3.8.11, 3.7.11 and 3.6.14.

Remediation

There is no fixed version for Debian:11 python3.9.

References

low severity

Incorrect Type Conversion or Cast

  • Vulnerable module: python3.9
  • Introduced through: python3.9@3.9.2-1, python3.9/libpython3.9-minimal@3.9.2-1 and others

Detailed paths

  • Introduced through: python@latest python3.9@3.9.2-1
  • Introduced through: python@latest python3.9/libpython3.9-minimal@3.9.2-1
  • Introduced through: python@latest python3.9/libpython3.9-stdlib@3.9.2-1
  • Introduced through: python@latest python3.9/python3.9-minimal@3.9.2-1

NVD Description

Note: Versions mentioned in the description apply to the upstream python3.9 package.

A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using int("text"), a system could take 50ms to parse an int string with 100,000 digits and 5s for 1,000,000 digits (float, decimal, int.from_bytes(), and int() for binary bases 2, 4, 8, 16, and 32 are not affected). The highest threat from this vulnerability is to system availability.

Remediation

There is no fixed version for Debian:11 python3.9.

References

low severity

Resource Exhaustion

  • Vulnerable module: python3.9
  • Introduced through: python3.9@3.9.2-1, python3.9/libpython3.9-minimal@3.9.2-1 and others

Detailed paths

  • Introduced through: python@latest python3.9@3.9.2-1
  • Introduced through: python@latest python3.9/libpython3.9-minimal@3.9.2-1
  • Introduced through: python@latest python3.9/libpython3.9-stdlib@3.9.2-1
  • Introduced through: python@latest python3.9/python3.9-minimal@3.9.2-1

NVD Description

Note: Versions mentioned in the description apply to the upstream python3.9 package.

A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may allow a remote attacker, who controls the HTTP server, to make the client script enter an infinite loop, consuming CPU time. The highest threat from this vulnerability is to system availability.

Remediation

There is no fixed version for Debian:11 python3.9.

References

low severity
new

Resource Exhaustion

  • Vulnerable module: python3.9
  • Introduced through: python3.9@3.9.2-1, python3.9/libpython3.9-minimal@3.9.2-1 and others

Detailed paths

  • Introduced through: python@latest python3.9@3.9.2-1
  • Introduced through: python@latest python3.9/libpython3.9-minimal@3.9.2-1
  • Introduced through: python@latest python3.9/libpython3.9-stdlib@3.9.2-1
  • Introduced through: python@latest python3.9/python3.9-minimal@3.9.2-1

NVD Description

Note: Versions mentioned in the description apply to the upstream python3.9 package.

An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA (RFC 3490) decoder, such that a crafted, unreasonably long name being presented to the decoder could lead to a CPU denial of service. Hostnames are often supplied by remote servers that could be controlled by a malicious actor; in such a scenario, they could trigger excessive CPU consumption on the client attempting to make use of an attacker-supplied supposed hostname. For example, the attack payload could be placed in the Location header of an HTTP response with status code 302. A fix is planned in 3.11.1, 3.10.9, 3.9.16, 3.8.16, and 3.7.16.

Remediation

There is no fixed version for Debian:11 python3.9.

References

low severity

CVE-2021-36690

  • Vulnerable module: sqlite3/libsqlite3-0
  • Introduced through: sqlite3/libsqlite3-0@3.34.1-3 and sqlite3/libsqlite3-dev@3.34.1-3

Detailed paths

  • Introduced through: python@latest sqlite3/libsqlite3-0@3.34.1-3
  • Introduced through: python@latest sqlite3/libsqlite3-dev@3.34.1-3

NVD Description

Note: Versions mentioned in the description apply to the upstream sqlite3 package.

** DISPUTED ** A segmentation fault can occur in the sqlite3.exe command-line component of SQLite 3.36.0 via the idxGetTableInfo function when there is a crafted SQL query. NOTE: the vendor disputes the relevance of this report because a sqlite3.exe user already has full privileges (e.g., is intentionally allowed to execute commands). This report does NOT imply any problem in the SQLite library.

Remediation

There is no fixed version for Debian:11 sqlite3.

References

low severity

Improper Validation of Array Index

  • Vulnerable module: sqlite3/libsqlite3-0
  • Introduced through: sqlite3/libsqlite3-0@3.34.1-3 and sqlite3/libsqlite3-dev@3.34.1-3

Detailed paths

  • Introduced through: python@latest sqlite3/libsqlite3-0@3.34.1-3
  • Introduced through: python@latest sqlite3/libsqlite3-dev@3.34.1-3

NVD Description

Note: Versions mentioned in the description apply to the upstream sqlite3 package.

SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API.

Remediation

There is no fixed version for Debian:11 sqlite3.

References

low severity

Missing Release of Resource after Effective Lifetime

  • Vulnerable module: tiff/libtiff-dev
  • Introduced through: tiff/libtiff-dev@4.2.0-1+deb11u1, tiff/libtiff5@4.2.0-1+deb11u1 and others

Detailed paths

  • Introduced through: python@latest tiff/libtiff-dev@4.2.0-1+deb11u1
  • Introduced through: python@latest tiff/libtiff5@4.2.0-1+deb11u1
  • Introduced through: python@latest tiff/libtiffxx5@4.2.0-1+deb11u1

NVD Description

Note: Versions mentioned in the description apply to the upstream tiff package.

** DISPUTED ** LibTIFF 4.0.8 has multiple memory leak vulnerabilities, which allow attackers to cause a denial of service (memory consumption), as demonstrated by tif_open.c, tif_lzw.c, and tif_aux.c. NOTE: Third parties were unable to reproduce the issue.

Remediation

There is no fixed version for Debian:11 tiff.

References

low severity

Open Redirect

  • Vulnerable module: python3.9
  • Introduced through: python3.9@3.9.2-1, python3.9/libpython3.9-minimal@3.9.2-1 and others

Detailed paths

  • Introduced through: python@latest python3.9@3.9.2-1
  • Introduced through: python@latest python3.9/libpython3.9-minimal@3.9.2-1
  • Introduced through: python@latest python3.9/libpython3.9-stdlib@3.9.2-1
  • Introduced through: python@latest python3.9/python3.9-minimal@3.9.2-1

NVD Description

Note: Versions mentioned in the description apply to the upstream python3.9 package.

** DISPUTED ** Python 3.x through 3.10 has an open redirection vulnerability in lib/http/server.py due to no protection against multiple (/) at the beginning of URI path which may leads to information disclosure. NOTE: this is disputed by a third party because the http.server.html documentation page states "Warning: http.server is not recommended for production. It only implements basic security checks."

Remediation

There is no fixed version for Debian:11 python3.9.

References

low severity

CVE-2008-1687

  • Vulnerable module: m4
  • Introduced through: m4@1.4.18-5

Detailed paths

  • Introduced through: python@latest m4@1.4.18-5

NVD Description

Note: Versions mentioned in the description apply to the upstream m4 package.

The (1) maketemp and (2) mkstemp builtin functions in GNU m4 before 1.4.11 do not quote their output when a file is created, which might allow context-dependent attackers to trigger a macro expansion, leading to unspecified use of an incorrect filename.

Remediation

There is no fixed version for Debian:11 m4.

References

low severity

CVE-2008-1688

  • Vulnerable module: m4
  • Introduced through: m4@1.4.18-5

Detailed paths

  • Introduced through: python@latest m4@1.4.18-5

NVD Description

Note: Versions mentioned in the description apply to the upstream m4 package.

Unspecified vulnerability in GNU m4 before 1.4.11 might allow context-dependent attackers to execute arbitrary code, related to improper handling of filenames specified with the -F option. NOTE: it is not clear when this issue crosses privilege boundaries.

Remediation

There is no fixed version for Debian:11 m4.

References

low severity

Out-of-bounds Write

  • Vulnerable module: binutils
  • Introduced through: binutils@2.35.2-2, binutils/binutils-common@2.35.2-2 and others

Detailed paths

  • Introduced through: python@latest binutils@2.35.2-2
  • Introduced through: python@latest binutils/binutils-common@2.35.2-2
  • Introduced through: python@latest binutils/binutils-x86-64-linux-gnu@2.35.2-2
  • Introduced through: python@latest binutils/libbinutils@2.35.2-2
  • Introduced through: python@latest binutils/libctf-nobfd0@2.35.2-2
  • Introduced through: python@latest binutils/libctf0@2.35.2-2

NVD Description

Note: Versions mentioned in the description apply to the upstream binutils package.

An out of bounds flaw was found in GNU binutils objdump utility version 2.36. An attacker could use this flaw and pass a large section to avr_elf32_load_records_from_section() probably resulting in a crash or in some cases memory corruption. The highest threat from this vulnerability is to integrity as well as system availability.

Remediation

There is no fixed version for Debian:11 binutils.

References

low severity

Use After Free

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.11.60+dfsg-1.3, imagemagick/imagemagick-6-common@8:6.9.11.60+dfsg-1.3 and others

Detailed paths

  • Introduced through: python@latest imagemagick@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/imagemagick-6-common@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/imagemagick-6.q16@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6-arch-config@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6-headers@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6.q16-6@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6.q16-6-extra@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6.q16-dev@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-dev@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-6-headers@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-6.q16-6@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-6.q16-dev@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-dev@8:6.9.11.60+dfsg-1.3

NVD Description

Note: Versions mentioned in the description apply to the upstream imagemagick package.

A heap-use-after-free flaw was found in ImageMagick's RelinquishDCMInfo() function of dcm.c file. This vulnerability is triggered when an attacker passes a specially crafted DICOM image file to ImageMagick for conversion, potentially leading to information disclosure and a denial of service.

Remediation

There is no fixed version for Debian:11 imagemagick.

References

low severity

Out-of-bounds Read

  • Vulnerable module: ncurses/libncurses-dev
  • Introduced through: ncurses/libncurses-dev@6.2+20201114-2, ncurses/libncurses5-dev@6.2+20201114-2 and others

Detailed paths

  • Introduced through: python@latest ncurses/libncurses-dev@6.2+20201114-2
  • Introduced through: python@latest ncurses/libncurses5-dev@6.2+20201114-2
  • Introduced through: python@latest ncurses/libncurses6@6.2+20201114-2
  • Introduced through: python@latest ncurses/libncursesw5-dev@6.2+20201114-2
  • Introduced through: python@latest ncurses/libncursesw6@6.2+20201114-2
  • Introduced through: python@latest ncurses/libtinfo6@6.2+20201114-2
  • Introduced through: python@latest ncurses/ncurses-base@6.2+20201114-2
  • Introduced through: python@latest ncurses/ncurses-bin@6.2+20201114-2

NVD Description

Note: Versions mentioned in the description apply to the upstream ncurses package.

ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.

Remediation

There is no fixed version for Debian:11 ncurses.

References

low severity

CVE-2021-41617

  • Vulnerable module: openssh/openssh-client
  • Introduced through: openssh/openssh-client@1:8.4p1-5+deb11u1

Detailed paths

  • Introduced through: python@latest openssh/openssh-client@1:8.4p1-5+deb11u1

NVD Description

Note: Versions mentioned in the description apply to the upstream openssh package.

sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user.

Remediation

There is no fixed version for Debian:11 openssh.

References

low severity

Inappropriate Encoding for Output Context

  • Vulnerable module: openssh/openssh-client
  • Introduced through: openssh/openssh-client@1:8.4p1-5+deb11u1

Detailed paths

  • Introduced through: python@latest openssh/openssh-client@1:8.4p1-5+deb11u1

NVD Description

Note: Versions mentioned in the description apply to the upstream openssh package.

In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred.

Remediation

There is no fixed version for Debian:11 openssh.

References

low severity

NULL Pointer Dereference

  • Vulnerable module: aom/libaom0
  • Introduced through: aom/libaom0@1.0.0.errata1-3

Detailed paths

  • Introduced through: python@latest aom/libaom0@1.0.0.errata1-3

NVD Description

Note: Versions mentioned in the description apply to the upstream aom package.

AOM v2.0.1 was discovered to contain a NULL pointer dereference via the component av1/av1_dx_iface.c.

Remediation

There is no fixed version for Debian:11 aom.

References

low severity

NULL Pointer Dereference

  • Vulnerable module: aom/libaom0
  • Introduced through: aom/libaom0@1.0.0.errata1-3

Detailed paths

  • Introduced through: python@latest aom/libaom0@1.0.0.errata1-3

NVD Description

Note: Versions mentioned in the description apply to the upstream aom package.

AOM v2.0.1 was discovered to contain a NULL pointer dereference via the component rate_hist.c.

Remediation

There is no fixed version for Debian:11 aom.

References

low severity

Improper Input Validation

  • Vulnerable module: binutils
  • Introduced through: binutils@2.35.2-2, binutils/binutils-common@2.35.2-2 and others

Detailed paths

  • Introduced through: python@latest binutils@2.35.2-2
  • Introduced through: python@latest binutils/binutils-common@2.35.2-2
  • Introduced through: python@latest binutils/binutils-x86-64-linux-gnu@2.35.2-2
  • Introduced through: python@latest binutils/libbinutils@2.35.2-2
  • Introduced through: python@latest binutils/libctf-nobfd0@2.35.2-2
  • Introduced through: python@latest binutils/libctf0@2.35.2-2

NVD Description

Note: Versions mentioned in the description apply to the upstream binutils package.

There's a flaw in the BFD library of binutils in versions before 2.36. An attacker who supplies a crafted file to an application linked with BFD, and using the DWARF functionality, could cause an impact to system availability by way of excessive memory consumption.

Remediation

There is no fixed version for Debian:11 binutils.

References

low severity

Out-of-bounds Read

  • Vulnerable module: binutils
  • Introduced through: binutils@2.35.2-2, binutils/binutils-common@2.35.2-2 and others

Detailed paths

  • Introduced through: python@latest binutils@2.35.2-2
  • Introduced through: python@latest binutils/binutils-common@2.35.2-2
  • Introduced through: python@latest binutils/binutils-x86-64-linux-gnu@2.35.2-2
  • Introduced through: python@latest binutils/libbinutils@2.35.2-2
  • Introduced through: python@latest binutils/libctf-nobfd0@2.35.2-2
  • Introduced through: python@latest binutils/libctf0@2.35.2-2

NVD Description

Note: Versions mentioned in the description apply to the upstream binutils package.

A heap-based buffer over-read exists in the function d_expression_1 in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31.1. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by c++filt.

Remediation

There is no fixed version for Debian:11 binutils.

References

low severity

Incorrect Authorization

  • Vulnerable module: bluez/libbluetooth-dev
  • Introduced through: bluez/libbluetooth-dev@5.55-3.1 and bluez/libbluetooth3@5.55-3.1

Detailed paths

  • Introduced through: python@latest bluez/libbluetooth-dev@5.55-3.1
  • Introduced through: python@latest bluez/libbluetooth3@5.55-3.1

NVD Description

Note: Versions mentioned in the description apply to the upstream bluez package.

bluetoothd from bluez incorrectly saves adapters' Discoverable status when a device is powered down, and restores it when powered up. If a device is powered down while discoverable, it will be discoverable when powered on again. This could lead to inadvertent exposure of the bluetooth stack to physically nearby attackers.

Remediation

There is no fixed version for Debian:11 bluez.

References

low severity

Memory Leak

  • Vulnerable module: bluez/libbluetooth-dev
  • Introduced through: bluez/libbluetooth-dev@5.55-3.1 and bluez/libbluetooth3@5.55-3.1

Detailed paths

  • Introduced through: python@latest bluez/libbluetooth-dev@5.55-3.1
  • Introduced through: python@latest bluez/libbluetooth3@5.55-3.1

NVD Description

Note: Versions mentioned in the description apply to the upstream bluez package.

BlueZ is a Bluetooth protocol stack for Linux. In affected versions a vulnerability exists in sdp_cstate_alloc_buf which allocates memory which will always be hung in the singly linked list of cstates and will not be freed. This will cause a memory leak over time. The data can be a very large object, which can be caused by an attacker continuously sending sdp packets and this may cause the service of the target device to crash.

Remediation

There is no fixed version for Debian:11 bluez.

References

low severity

Loop with Unreachable Exit Condition ('Infinite Loop')

  • Vulnerable module: cairo/libcairo-gobject2
  • Introduced through: cairo/libcairo-gobject2@1.16.0-5, cairo/libcairo-script-interpreter2@1.16.0-5 and others

Detailed paths

  • Introduced through: python@latest cairo/libcairo-gobject2@1.16.0-5
  • Introduced through: python@latest cairo/libcairo-script-interpreter2@1.16.0-5
  • Introduced through: python@latest cairo/libcairo2@1.16.0-5
  • Introduced through: python@latest cairo/libcairo2-dev@1.16.0-5

NVD Description

Note: Versions mentioned in the description apply to the upstream cairo package.

An issue was discovered in cairo 1.16.0. There is an infinite loop in the function _arc_error_normalized in the file cairo-arc.c, related to _arc_max_angle_for_tolerance_normalized.

Remediation

There is no fixed version for Debian:11 cairo.

References

low severity

Out-of-bounds Write

  • Vulnerable module: cairo/libcairo-gobject2
  • Introduced through: cairo/libcairo-gobject2@1.16.0-5, cairo/libcairo-script-interpreter2@1.16.0-5 and others

Detailed paths

  • Introduced through: python@latest cairo/libcairo-gobject2@1.16.0-5
  • Introduced through: python@latest cairo/libcairo-script-interpreter2@1.16.0-5
  • Introduced through: python@latest cairo/libcairo2@1.16.0-5
  • Introduced through: python@latest cairo/libcairo2-dev@1.16.0-5

NVD Description

Note: Versions mentioned in the description apply to the upstream cairo package.

cairo through 1.15.14 has an out-of-bounds stack-memory write during processing of a crafted document by WebKitGTK+ because of the interaction between cairo-rectangular-scan-converter.c (the generate and render_rows functions) and cairo-image-compositor.c (the _cairo_image_spans_and_zero function).

Remediation

There is no fixed version for Debian:11 cairo.

References

low severity

Reachable Assertion

  • Vulnerable module: cairo/libcairo-gobject2
  • Introduced through: cairo/libcairo-gobject2@1.16.0-5, cairo/libcairo-script-interpreter2@1.16.0-5 and others

Detailed paths

  • Introduced through: python@latest cairo/libcairo-gobject2@1.16.0-5
  • Introduced through: python@latest cairo/libcairo-script-interpreter2@1.16.0-5
  • Introduced through: python@latest cairo/libcairo2@1.16.0-5
  • Introduced through: python@latest cairo/libcairo2-dev@1.16.0-5

NVD Description

Note: Versions mentioned in the description apply to the upstream cairo package.

An issue was discovered in cairo 1.16.0. There is an assertion problem in the function _cairo_arc_in_direction in the file cairo-arc.c.

Remediation

There is no fixed version for Debian:11 cairo.

References

low severity

Improper Input Validation

  • Vulnerable module: coreutils/coreutils
  • Introduced through: coreutils/coreutils@8.32-4+b1

Detailed paths

  • Introduced through: python@latest coreutils/coreutils@8.32-4+b1

NVD Description

Note: Versions mentioned in the description apply to the upstream coreutils package.

chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.

Remediation

There is no fixed version for Debian:11 coreutils.

References

low severity

Improper Handling of Exceptional Conditions

  • Vulnerable module: curl
  • Introduced through: curl@7.74.0-1.3+deb11u3, curl/libcurl3-gnutls@7.74.0-1.3+deb11u3 and others

Detailed paths

  • Introduced through: python@latest curl@7.74.0-1.3+deb11u3
  • Introduced through: python@latest curl/libcurl3-gnutls@7.74.0-1.3+deb11u3
  • Introduced through: python@latest curl/libcurl4@7.74.0-1.3+deb11u3
  • Introduced through: python@latest curl/libcurl4-openssl-dev@7.74.0-1.3+deb11u3

NVD Description

Note: Versions mentioned in the description apply to the upstream curl package.

When curl is instructed to download content using the metalink feature, thecontents is verified against a hash provided in the metalink XML file.The metalink XML file points out to the client how to get the same contentfrom a set of different URLs, potentially hosted by different servers and theclient can then download the file from one or several of them. In a serial orparallel manner.If one of the servers hosting the contents has been breached and the contentsof the specific file on that server is replaced with a modified payload, curlshould detect this when the hash of the file mismatches after a completeddownload. It should remove the contents and instead try getting the contentsfrom another URL. This is not done, and instead such a hash mismatch is onlymentioned in text and the potentially malicious content is kept in the file ondisk.

Remediation

There is no fixed version for Debian:11 curl.

References

low severity

Missing Release of Resource after Effective Lifetime

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.11.60+dfsg-1.3, imagemagick/imagemagick-6-common@8:6.9.11.60+dfsg-1.3 and others

Detailed paths

  • Introduced through: python@latest imagemagick@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/imagemagick-6-common@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/imagemagick-6.q16@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6-arch-config@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6-headers@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6.q16-6@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6.q16-6-extra@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6.q16-dev@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-dev@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-6-headers@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-6.q16-6@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-6.q16-dev@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-dev@8:6.9.11.60+dfsg-1.3

NVD Description

Note: Versions mentioned in the description apply to the upstream imagemagick package.

The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file that is mishandled in an AcquireSemaphoreInfo call.

Remediation

There is no fixed version for Debian:11 imagemagick.

References

low severity

Missing Release of Resource after Effective Lifetime

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.11.60+dfsg-1.3, imagemagick/imagemagick-6-common@8:6.9.11.60+dfsg-1.3 and others

Detailed paths

  • Introduced through: python@latest imagemagick@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/imagemagick-6-common@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/imagemagick-6.q16@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6-arch-config@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6-headers@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6.q16-6@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6.q16-6-extra@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6.q16-dev@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-dev@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-6-headers@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-6.q16-6@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-6.q16-dev@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-dev@8:6.9.11.60+dfsg-1.3

NVD Description

Note: Versions mentioned in the description apply to the upstream imagemagick package.

The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file that is mishandled in an OpenPixelCache call.

Remediation

There is no fixed version for Debian:11 imagemagick.

References

low severity

Resource Exhaustion

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.11.60+dfsg-1.3, imagemagick/imagemagick-6-common@8:6.9.11.60+dfsg-1.3 and others

Detailed paths

  • Introduced through: python@latest imagemagick@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/imagemagick-6-common@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/imagemagick-6.q16@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6-arch-config@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6-headers@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6.q16-6@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6.q16-6-extra@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6.q16-dev@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-dev@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-6-headers@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-6.q16-6@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-6.q16-dev@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-dev@8:6.9.11.60+dfsg-1.3

NVD Description

Note: Versions mentioned in the description apply to the upstream imagemagick package.

In ImageMagick 7.0.8-11 Q16, a tiny input file 0x50 0x36 0x36 0x36 0x36 0x4c 0x36 0x38 0x36 0x36 0x36 0x36 0x36 0x36 0x1f 0x35 0x50 0x00 can result in a hang of several minutes during which CPU and memory resources are consumed until ultimately an attempted large memory allocation fails. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file.

Remediation

There is no fixed version for Debian:11 imagemagick.

References

low severity

Out-of-Bounds

  • Vulnerable module: jbigkit/libjbig-dev
  • Introduced through: jbigkit/libjbig-dev@2.1-3.1+b2 and jbigkit/libjbig0@2.1-3.1+b2

Detailed paths

  • Introduced through: python@latest jbigkit/libjbig-dev@2.1-3.1+b2
  • Introduced through: python@latest jbigkit/libjbig0@2.1-3.1+b2

NVD Description

Note: Versions mentioned in the description apply to the upstream jbigkit package.

In LibTIFF 4.0.8, there is a memory malloc failure in tif_jbig.c. A crafted TIFF document can lead to an abort resulting in a remote denial of service attack.

Remediation

There is no fixed version for Debian:11 jbigkit.

References

low severity

Buffer Overflow

  • Vulnerable module: libde265/libde265-0
  • Introduced through: libde265/libde265-0@1.0.8-1

Detailed paths

  • Introduced through: python@latest libde265/libde265-0@1.0.8-1

NVD Description

Note: Versions mentioned in the description apply to the upstream libde265 package.

libde265 v1.0.4 contains a global buffer overflow in the decode_CABAC_bit function, which can be exploited via a crafted a file.

Remediation

There is no fixed version for Debian:11 libde265.

References

low severity

CVE-2020-21605

  • Vulnerable module: libde265/libde265-0
  • Introduced through: libde265/libde265-0@1.0.8-1

Detailed paths

  • Introduced through: python@latest libde265/libde265-0@1.0.8-1

NVD Description

Note: Versions mentioned in the description apply to the upstream libde265 package.

libde265 v1.0.4 contains a segmentation fault in the apply_sao_internal function, which can be exploited via a crafted a file.

Remediation

There is no fixed version for Debian:11 libde265.

References

low severity

CVE-2021-35452

  • Vulnerable module: libde265/libde265-0
  • Introduced through: libde265/libde265-0@1.0.8-1

Detailed paths

  • Introduced through: python@latest libde265/libde265-0@1.0.8-1

NVD Description

Note: Versions mentioned in the description apply to the upstream libde265 package.

An Incorrect Access Control vulnerability exists in libde265 v1.0.8 due to a SEGV in slice.cc.

Remediation

There is no fixed version for Debian:11 libde265.

References

low severity

Out-of-bounds Write

  • Vulnerable module: libde265/libde265-0
  • Introduced through: libde265/libde265-0@1.0.8-1

Detailed paths

  • Introduced through: python@latest libde265/libde265-0@1.0.8-1

NVD Description

Note: Versions mentioned in the description apply to the upstream libde265 package.

libde265 v1.0.4 contains a heap buffer overflow in the mc_chroma function, which can be exploited via a crafted a file.

Remediation

There is no fixed version for Debian:11 libde265.

References

low severity

Out-of-bounds Write

  • Vulnerable module: libde265/libde265-0
  • Introduced through: libde265/libde265-0@1.0.8-1

Detailed paths

  • Introduced through: python@latest libde265/libde265-0@1.0.8-1

NVD Description

Note: Versions mentioned in the description apply to the upstream libde265 package.

libde265 v1.0.4 contains a heap buffer overflow in the mc_luma function, which can be exploited via a crafted a file.

Remediation

There is no fixed version for Debian:11 libde265.

References

low severity

Out-of-bounds Write

  • Vulnerable module: libde265/libde265-0
  • Introduced through: libde265/libde265-0@1.0.8-1

Detailed paths

  • Introduced through: python@latest libde265/libde265-0@1.0.8-1

NVD Description

Note: Versions mentioned in the description apply to the upstream libde265 package.

libde265 v1.0.4 contains a heap buffer overflow in the put_weighted_bipred_16_fallback function, which can be exploited via a crafted a file.

Remediation

There is no fixed version for Debian:11 libde265.

References

low severity

Out-of-bounds Write

  • Vulnerable module: libde265/libde265-0
  • Introduced through: libde265/libde265-0@1.0.8-1

Detailed paths

  • Introduced through: python@latest libde265/libde265-0@1.0.8-1

NVD Description

Note: Versions mentioned in the description apply to the upstream libde265 package.

libde265 v1.0.4 contains a heap buffer overflow in the put_weighted_pred_avg_16_fallback function, which can be exploited via a crafted a file.

Remediation

There is no fixed version for Debian:11 libde265.

References

low severity

Out-of-bounds Write

  • Vulnerable module: libde265/libde265-0
  • Introduced through: libde265/libde265-0@1.0.8-1

Detailed paths

  • Introduced through: python@latest libde265/libde265-0@1.0.8-1

NVD Description

Note: Versions mentioned in the description apply to the upstream libde265 package.

libde265 v1.0.4 contains a heap buffer overflow fault in the put_epel_16_fallback function, which can be exploited via a crafted a file.

Remediation

There is no fixed version for Debian:11 libde265.

References

low severity

Out-of-bounds Write

  • Vulnerable module: libde265/libde265-0
  • Introduced through: libde265/libde265-0@1.0.8-1

Detailed paths

  • Introduced through: python@latest libde265/libde265-0@1.0.8-1

NVD Description

Note: Versions mentioned in the description apply to the upstream libde265 package.

libde265 v1.0.4 contains a stack buffer overflow in the put_qpel_fallback function, which can be exploited via a crafted a file.

Remediation

There is no fixed version for Debian:11 libde265.

References

low severity

Out-of-bounds Write

  • Vulnerable module: libde265/libde265-0
  • Introduced through: libde265/libde265-0@1.0.8-1

Detailed paths

  • Introduced through: python@latest libde265/libde265-0@1.0.8-1

NVD Description

Note: Versions mentioned in the description apply to the upstream libde265 package.

libde265 v1.0.4 contains a heap buffer overflow in the put_epel_hv_fallback function, which can be exploited via a crafted a file.

Remediation

There is no fixed version for Debian:11 libde265.

References

low severity

Out-of-bounds Write

  • Vulnerable module: libde265/libde265-0
  • Introduced through: libde265/libde265-0@1.0.8-1

Detailed paths

  • Introduced through: python@latest libde265/libde265-0@1.0.8-1

NVD Description

Note: Versions mentioned in the description apply to the upstream libde265 package.

libde265 v1.0.4 contains a heap buffer overflow in the de265_image::available_zscan function, which can be exploited via a crafted a file.

Remediation

There is no fixed version for Debian:11 libde265.

References

low severity

Out-of-bounds Write

  • Vulnerable module: libde265/libde265-0
  • Introduced through: libde265/libde265-0@1.0.8-1

Detailed paths

  • Introduced through: python@latest libde265/libde265-0@1.0.8-1

NVD Description

Note: Versions mentioned in the description apply to the upstream libde265 package.

libde265 v1.0.4 contains a heap buffer overflow fault in the _mm_loadl_epi64 function, which can be exploited via a crafted a file.

Remediation

There is no fixed version for Debian:11 libde265.

References

low severity

Out-of-bounds Write

  • Vulnerable module: libde265/libde265-0
  • Introduced through: libde265/libde265-0@1.0.8-1

Detailed paths

  • Introduced through: python@latest libde265/libde265-0@1.0.8-1

NVD Description

Note: Versions mentioned in the description apply to the upstream libde265 package.

libde265 v1.0.4 contains a heap buffer overflow in the put_qpel_0_0_fallback_16 function, which can be exploited via a crafted a file.

Remediation

There is no fixed version for Debian:11 libde265.

References

low severity

Memory Leak

  • Vulnerable module: libpng1.6/libpng-dev
  • Introduced through: libpng1.6/libpng-dev@1.6.37-3 and libpng1.6/libpng16-16@1.6.37-3

Detailed paths

  • Introduced through: python@latest libpng1.6/libpng-dev@1.6.37-3
  • Introduced through: python@latest libpng1.6/libpng16-16@1.6.37-3

NVD Description

Note: Versions mentioned in the description apply to the upstream libpng1.6 package.

** DISPUTED ** png_create_info_struct in png.c in libpng 1.6.36 has a memory leak, as demonstrated by pngcp. NOTE: a third party has stated "I don't think it is libpng's job to free this buffer."

Remediation

There is no fixed version for Debian:11 libpng1.6.

References

low severity

Divide By Zero

  • Vulnerable module: openexr/libopenexr-dev
  • Introduced through: openexr/libopenexr-dev@2.5.4-2 and openexr/libopenexr25@2.5.4-2

Detailed paths

  • Introduced through: python@latest openexr/libopenexr-dev@2.5.4-2
  • Introduced through: python@latest openexr/libopenexr25@2.5.4-2

NVD Description

Note: Versions mentioned in the description apply to the upstream openexr package.

In ImfChromaticities.cpp routine RGBtoXYZ(), there are some division operations such as float Z = (1 - chroma.white.x - chroma.white.y) * Y / chroma.white.y; and chroma.green.y * (X + Z))) / d; but the divisor is not checked for a 0 value. A specially crafted file could trigger a divide-by-zero condition which could affect the availability of programs linked with OpenEXR.

Remediation

There is no fixed version for Debian:11 openexr.

References

low severity

Allocation of Resources Without Limits or Throttling

  • Vulnerable module: openjpeg2/libopenjp2-7
  • Introduced through: openjpeg2/libopenjp2-7@2.4.0-3 and openjpeg2/libopenjp2-7-dev@2.4.0-3

Detailed paths

  • Introduced through: python@latest openjpeg2/libopenjp2-7@2.4.0-3
  • Introduced through: python@latest openjpeg2/libopenjp2-7-dev@2.4.0-3

NVD Description

Note: Versions mentioned in the description apply to the upstream openjpeg2 package.

An issue was discovered in OpenJPEG 2.3.0. It allows remote attackers to cause a denial of service (attempted excessive memory allocation) in opj_calloc in openjp2/opj_malloc.c, when called from opj_tcd_init_tile in openjp2/tcd.c, as demonstrated by the 64-bit opj_decompress.

Remediation

There is no fixed version for Debian:11 openjpeg2.

References

low severity

Divide By Zero

  • Vulnerable module: openjpeg2/libopenjp2-7
  • Introduced through: openjpeg2/libopenjp2-7@2.4.0-3 and openjpeg2/libopenjp2-7-dev@2.4.0-3

Detailed paths

  • Introduced through: python@latest openjpeg2/libopenjp2-7@2.4.0-3
  • Introduced through: python@latest openjpeg2/libopenjp2-7-dev@2.4.0-3

NVD Description

Note: Versions mentioned in the description apply to the upstream openjpeg2 package.

Division-by-zero vulnerabilities in the functions opj_pi_next_cprl, opj_pi_next_pcrl, and opj_pi_next_rpcl in pi.c in OpenJPEG before 2.2.0 allow remote attackers to cause a denial of service (application crash) via crafted j2k files.

Remediation

There is no fixed version for Debian:11 openjpeg2.

References

low severity

Improper Input Validation

  • Vulnerable module: openjpeg2/libopenjp2-7
  • Introduced through: openjpeg2/libopenjp2-7@2.4.0-3 and openjpeg2/libopenjp2-7-dev@2.4.0-3

Detailed paths

  • Introduced through: python@latest openjpeg2/libopenjp2-7@2.4.0-3
  • Introduced through: python@latest openjpeg2/libopenjp2-7-dev@2.4.0-3

NVD Description

Note: Versions mentioned in the description apply to the upstream openjpeg2 package.

Out-of-bounds accesses in the functions pi_next_lrcp, pi_next_rlcp, pi_next_rpcl, pi_next_pcrl, pi_next_rpcl, and pi_next_cprl in openmj2/pi.c in OpenJPEG through 2.3.0 allow remote attackers to cause a denial of service (application crash).

Remediation

There is no fixed version for Debian:11 openjpeg2.

References

low severity

NULL Pointer Dereference

  • Vulnerable module: openjpeg2/libopenjp2-7
  • Introduced through: openjpeg2/libopenjp2-7@2.4.0-3 and openjpeg2/libopenjp2-7-dev@2.4.0-3

Detailed paths

  • Introduced through: python@latest openjpeg2/libopenjp2-7@2.4.0-3
  • Introduced through: python@latest openjpeg2/libopenjp2-7-dev@2.4.0-3

NVD Description

Note: Versions mentioned in the description apply to the upstream openjpeg2 package.

NULL pointer dereference vulnerabilities in the imagetopnm function in convert.c, sycc444_to_rgb function in color.c, color_esycc_to_rgb function in color.c, and sycc422_to_rgb function in color.c in OpenJPEG before 2.2.0 allow remote attackers to cause a denial of service (application crash) via crafted j2k files.

Remediation

There is no fixed version for Debian:11 openjpeg2.

References

low severity

NULL Pointer Dereference

  • Vulnerable module: openjpeg2/libopenjp2-7
  • Introduced through: openjpeg2/libopenjp2-7@2.4.0-3 and openjpeg2/libopenjp2-7-dev@2.4.0-3

Detailed paths

  • Introduced through: python@latest openjpeg2/libopenjp2-7@2.4.0-3
  • Introduced through: python@latest openjpeg2/libopenjp2-7-dev@2.4.0-3

NVD Description

Note: Versions mentioned in the description apply to the upstream openjpeg2 package.

NULL Pointer Access in function imagetopnm of convert.c(jp2):1289 in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k file.

Remediation

There is no fixed version for Debian:11 openjpeg2.

References

low severity

NULL Pointer Dereference

  • Vulnerable module: openjpeg2/libopenjp2-7
  • Introduced through: openjpeg2/libopenjp2-7@2.4.0-3 and openjpeg2/libopenjp2-7-dev@2.4.0-3

Detailed paths

  • Introduced through: python@latest openjpeg2/libopenjp2-7@2.4.0-3
  • Introduced through: python@latest openjpeg2/libopenjp2-7-dev@2.4.0-3

NVD Description

Note: Versions mentioned in the description apply to the upstream openjpeg2 package.

NULL Pointer Access in function imagetopnm of convert.c:2226(jp2) in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k file.

Remediation

There is no fixed version for Debian:11 openjpeg2.

References

low severity

Out-of-Bounds

  • Vulnerable module: openjpeg2/libopenjp2-7
  • Introduced through: openjpeg2/libopenjp2-7@2.4.0-3 and openjpeg2/libopenjp2-7-dev@2.4.0-3

Detailed paths

  • Introduced through: python@latest openjpeg2/libopenjp2-7@2.4.0-3
  • Introduced through: python@latest openjpeg2/libopenjp2-7-dev@2.4.0-3

NVD Description

Note: Versions mentioned in the description apply to the upstream openjpeg2 package.

Heap Buffer Over-read in function imagetotga of convert.c(jp2):942 in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k file.

Remediation

There is no fixed version for Debian:11 openjpeg2.

References

low severity

Resource Exhaustion

  • Vulnerable module: python3.9
  • Introduced through: python3.9@3.9.2-1, python3.9/libpython3.9-minimal@3.9.2-1 and others

Detailed paths

  • Introduced through: python@latest python3.9@3.9.2-1
  • Introduced through: python@latest python3.9/libpython3.9-minimal@3.9.2-1
  • Introduced through: python@latest python3.9/libpython3.9-stdlib@3.9.2-1
  • Introduced through: python@latest python3.9/python3.9-minimal@3.9.2-1

NVD Description

Note: Versions mentioned in the description apply to the upstream python3.9 package.

There's a flaw in urllib's AbstractBasicAuthHandler class. An attacker who controls a malicious HTTP server that an HTTP client (such as web browser) connects to, could trigger a Regular Expression Denial of Service (ReDOS) during an authentication request with a specially crafted payload that is sent by the server to the client. The greatest threat that this flaw poses is to application availability.

Remediation

There is no fixed version for Debian:11 python3.9.

References

low severity

Divide By Zero

  • Vulnerable module: tiff/libtiff-dev
  • Introduced through: tiff/libtiff-dev@4.2.0-1+deb11u1, tiff/libtiff5@4.2.0-1+deb11u1 and others

Detailed paths

  • Introduced through: python@latest tiff/libtiff-dev@4.2.0-1+deb11u1
  • Introduced through: python@latest tiff/libtiff5@4.2.0-1+deb11u1
  • Introduced through: python@latest tiff/libtiffxx5@4.2.0-1+deb11u1

NVD Description

Note: Versions mentioned in the description apply to the upstream tiff package.

Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010.

Remediation

There is no fixed version for Debian:11 tiff.

References

low severity

Divide By Zero

  • Vulnerable module: tiff/libtiff-dev
  • Introduced through: tiff/libtiff-dev@4.2.0-1+deb11u1, tiff/libtiff5@4.2.0-1+deb11u1 and others

Detailed paths

  • Introduced through: python@latest tiff/libtiff-dev@4.2.0-1+deb11u1
  • Introduced through: python@latest tiff/libtiff5@4.2.0-1+deb11u1
  • Introduced through: python@latest tiff/libtiffxx5@4.2.0-1+deb11u1

NVD Description

Note: Versions mentioned in the description apply to the upstream tiff package.

Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010.

Remediation

There is no fixed version for Debian:11 tiff.

References

low severity

Divide By Zero

  • Vulnerable module: tiff/libtiff-dev
  • Introduced through: tiff/libtiff-dev@4.2.0-1+deb11u1, tiff/libtiff5@4.2.0-1+deb11u1 and others

Detailed paths

  • Introduced through: python@latest tiff/libtiff-dev@4.2.0-1+deb11u1
  • Introduced through: python@latest tiff/libtiff5@4.2.0-1+deb11u1
  • Introduced through: python@latest tiff/libtiffxx5@4.2.0-1+deb11u1

NVD Description

Note: Versions mentioned in the description apply to the upstream tiff package.

Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010.

Remediation

There is no fixed version for Debian:11 tiff.

References

low severity

Divide By Zero

  • Vulnerable module: tiff/libtiff-dev
  • Introduced through: tiff/libtiff-dev@4.2.0-1+deb11u1, tiff/libtiff5@4.2.0-1+deb11u1 and others

Detailed paths

  • Introduced through: python@latest tiff/libtiff-dev@4.2.0-1+deb11u1
  • Introduced through: python@latest tiff/libtiff5@4.2.0-1+deb11u1
  • Introduced through: python@latest tiff/libtiffxx5@4.2.0-1+deb11u1

NVD Description

Note: Versions mentioned in the description apply to the upstream tiff package.

The _TIFFmalloc function in tif_unix.c in LibTIFF 4.0.3 does not reject a zero size, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image that is mishandled by the TIFFWriteScanline function in tif_write.c, as demonstrated by tiffdither.

Remediation

There is no fixed version for Debian:11 tiff.

References

low severity

Double Free

  • Vulnerable module: tiff/libtiff-dev
  • Introduced through: tiff/libtiff-dev@4.2.0-1+deb11u1, tiff/libtiff5@4.2.0-1+deb11u1 and others

Detailed paths

  • Introduced through: python@latest tiff/libtiff-dev@4.2.0-1+deb11u1
  • Introduced through: python@latest tiff/libtiff5@4.2.0-1+deb11u1
  • Introduced through: python@latest tiff/libtiffxx5@4.2.0-1+deb11u1

NVD Description

Note: Versions mentioned in the description apply to the upstream tiff package.

There is a double free or corruption in rotateImage() at tiffcrop.c:8839 found in libtiff 4.4.0rc1

Remediation

There is no fixed version for Debian:11 tiff.

References

low severity

NULL Pointer Dereference

  • Vulnerable module: tiff/libtiff-dev
  • Introduced through: tiff/libtiff-dev@4.2.0-1+deb11u1, tiff/libtiff5@4.2.0-1+deb11u1 and others

Detailed paths

  • Introduced through: python@latest tiff/libtiff-dev@4.2.0-1+deb11u1
  • Introduced through: python@latest tiff/libtiff5@4.2.0-1+deb11u1
  • Introduced through: python@latest tiff/libtiffxx5@4.2.0-1+deb11u1

NVD Description

Note: Versions mentioned in the description apply to the upstream tiff package.

LibTIFF 4.0.9 has a NULL pointer dereference in the jpeg_fdct_16x16 function in jfdctint.c.

Remediation

There is no fixed version for Debian:11 tiff.

References

low severity

Out-of-bounds Write

  • Vulnerable module: tiff/libtiff-dev
  • Introduced through: tiff/libtiff-dev@4.2.0-1+deb11u1, tiff/libtiff5@4.2.0-1+deb11u1 and others

Detailed paths

  • Introduced through: python@latest tiff/libtiff-dev@4.2.0-1+deb11u1
  • Introduced through: python@latest tiff/libtiff5@4.2.0-1+deb11u1
  • Introduced through: python@latest tiff/libtiffxx5@4.2.0-1+deb11u1

NVD Description

Note: Versions mentioned in the description apply to the upstream tiff package.

A stack overflow was discovered in the _TIFFVGetField function of Tiffsplit v4.4.0. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted TIFF file parsed by the "tiffsplit" or "tiffcrop" utilities.

Remediation

There is no fixed version for Debian:11 tiff.

References

low severity

Reachable Assertion

  • Vulnerable module: tiff/libtiff-dev
  • Introduced through: tiff/libtiff-dev@4.2.0-1+deb11u1, tiff/libtiff5@4.2.0-1+deb11u1 and others

Detailed paths

  • Introduced through: python@latest tiff/libtiff-dev@4.2.0-1+deb11u1
  • Introduced through: python@latest tiff/libtiff5@4.2.0-1+deb11u1
  • Introduced through: python@latest tiff/libtiffxx5@4.2.0-1+deb11u1

NVD Description

Note: Versions mentioned in the description apply to the upstream tiff package.

A flaw was found in libtiff 4.4.0rc1. There is a sysmalloc assertion fail in rotateImage() at tiffcrop.c:8621 that can cause program crash when reading a crafted input.

Remediation

There is no fixed version for Debian:11 tiff.

References

low severity

Release of Invalid Pointer or Reference

  • Vulnerable module: tiff/libtiff-dev
  • Introduced through: tiff/libtiff-dev@4.2.0-1+deb11u1, tiff/libtiff5@4.2.0-1+deb11u1 and others

Detailed paths

  • Introduced through: python@latest tiff/libtiff-dev@4.2.0-1+deb11u1
  • Introduced through: python@latest tiff/libtiff5@4.2.0-1+deb11u1
  • Introduced through: python@latest tiff/libtiffxx5@4.2.0-1+deb11u1

NVD Description

Note: Versions mentioned in the description apply to the upstream tiff package.

It was found in libtiff 4.4.0rc1 that there is an invalid pointer free operation in TIFFClose() at tif_close.c:131 called by tiffcrop.c:2522 that can cause a program crash and denial of service while processing crafted input.

Remediation

There is no fixed version for Debian:11 tiff.

References

low severity

Resource Exhaustion

  • Vulnerable module: tiff/libtiff-dev
  • Introduced through: tiff/libtiff-dev@4.2.0-1+deb11u1, tiff/libtiff5@4.2.0-1+deb11u1 and others

Detailed paths

  • Introduced through: python@latest tiff/libtiff-dev@4.2.0-1+deb11u1
  • Introduced through: python@latest tiff/libtiff5@4.2.0-1+deb11u1
  • Introduced through: python@latest tiff/libtiffxx5@4.2.0-1+deb11u1

NVD Description

Note: Versions mentioned in the description apply to the upstream tiff package.

A vulnerability classified as problematic was found in LibTIFF 4.3.0. Affected by this vulnerability is the TIFF File Handler of tiff2ps. Opening a malicious file leads to a denial of service. The attack can be launched remotely but requires user interaction. The exploit has been disclosed to the public and may be used.

Remediation

There is no fixed version for Debian:11 tiff.

References

low severity

Race Condition

  • Vulnerable module: binutils
  • Introduced through: binutils@2.35.2-2, binutils/binutils-common@2.35.2-2 and others

Detailed paths

  • Introduced through: python@latest binutils@2.35.2-2
  • Introduced through: python@latest binutils/binutils-common@2.35.2-2
  • Introduced through: python@latest binutils/binutils-x86-64-linux-gnu@2.35.2-2
  • Introduced through: python@latest binutils/libbinutils@2.35.2-2
  • Introduced through: python@latest binutils/libctf-nobfd0@2.35.2-2
  • Introduced through: python@latest binutils/libctf0@2.35.2-2

NVD Description

Note: Versions mentioned in the description apply to the upstream binutils package.

There is an open race window when writing output in the following utilities in GNU binutils version 2.35 and earlier:ar, objcopy, strip, ranlib. When these utilities are run as a privileged user (presumably as part of a script updating binaries across different users), an unprivileged user can trick these utilities into getting ownership of arbitrary files through a symlink.

Remediation

There is no fixed version for Debian:11 binutils.

References

low severity

XML External Entity (XXE) Injection

  • Vulnerable module: expat/libexpat1
  • Introduced through: expat/libexpat1@2.2.10-2+deb11u5 and expat/libexpat1-dev@2.2.10-2+deb11u5

Detailed paths

  • Introduced through: python@latest expat/libexpat1@2.2.10-2+deb11u5
  • Introduced through: python@latest expat/libexpat1-dev@2.2.10-2+deb11u5

NVD Description

Note: Versions mentioned in the description apply to the upstream expat package.

expat 2.1.0 and earlier does not properly handle entities expansion unless an application developer uses the XML_SetEntityDeclHandler function, which allows remote attackers to cause a denial of service (resource consumption), send HTTP requests to intranet servers, or read arbitrary files via a crafted XML document, aka an XML External Entity (XXE) issue. NOTE: it could be argued that because expat already provides the ability to disable external entity expansion, the responsibility for resolving this issue lies with application developers; according to this argument, this entry should be REJECTed, and each affected application would need its own CVE.

Remediation

There is no fixed version for Debian:11 expat.

References

low severity

Numeric Errors

  • Vulnerable module: libwmf/libwmf-dev
  • Introduced through: libwmf/libwmf-dev@0.2.8.4-17 and libwmf/libwmf0.2-7@0.2.8.4-17

Detailed paths

  • Introduced through: python@latest libwmf/libwmf-dev@0.2.8.4-17
  • Introduced through: python@latest libwmf/libwmf0.2-7@0.2.8.4-17

NVD Description

Note: Versions mentioned in the description apply to the upstream libwmf package.

Multiple integer overflows in libgd in PHP before 5.2.4 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large (1) srcW or (2) srcH value to the (a) gdImageCopyResized function, or a large (3) sy (height) or (4) sx (width) value to the (b) gdImageCreate or the (c) gdImageCreateTrueColor function.

Remediation

There is no fixed version for Debian:11 libwmf.

References

low severity

Access Restriction Bypass

  • Vulnerable module: openssh/openssh-client
  • Introduced through: openssh/openssh-client@1:8.4p1-5+deb11u1

Detailed paths

  • Introduced through: python@latest openssh/openssh-client@1:8.4p1-5+deb11u1

NVD Description

Note: Versions mentioned in the description apply to the upstream openssh package.

sshd in OpenSSH 4 on Debian GNU/Linux, and the 20070303 OpenSSH snapshot, allows remote authenticated users to obtain access to arbitrary SELinux roles by appending a :/ (colon slash) sequence, followed by the role name, to the username.

Remediation

There is no fixed version for Debian:11 openssh.

References

low severity

Access Restriction Bypass

  • Vulnerable module: shadow/login
  • Introduced through: shadow/login@1:4.8.1-1 and shadow/passwd@1:4.8.1-1

Detailed paths

  • Introduced through: python@latest shadow/login@1:4.8.1-1
  • Introduced through: python@latest shadow/passwd@1:4.8.1-1

NVD Description

Note: Versions mentioned in the description apply to the upstream shadow package.

initscripts in rPath Linux 1 sets insecure permissions for the /var/log/btmp file, which allows local users to obtain sensitive information regarding authentication attempts. NOTE: because sshd detects the insecure permissions and does not log certain events, this also prevents sshd from logging failed authentication attempts by remote attackers.

Remediation

There is no fixed version for Debian:11 shadow.

References

low severity

Cross-site Scripting (XSS)

  • Vulnerable module: libxml2
  • Introduced through: libxml2@2.9.10+dfsg-6.7+deb11u3 and libxml2/libxml2-dev@2.9.10+dfsg-6.7+deb11u3

Detailed paths

  • Introduced through: python@latest libxml2@2.9.10+dfsg-6.7+deb11u3
  • Introduced through: python@latest libxml2/libxml2-dev@2.9.10+dfsg-6.7+deb11u3

NVD Description

Note: Versions mentioned in the description apply to the upstream libxml2 package.

Possible cross-site scripting vulnerability in libxml after commit 960f0e2.

Remediation

There is no fixed version for Debian:11 libxml2.

References

low severity

Authentication Bypass

  • Vulnerable module: systemd/libsystemd0
  • Introduced through: systemd/libsystemd0@247.3-7+deb11u1 and systemd/libudev1@247.3-7+deb11u1

Detailed paths

  • Introduced through: python@latest systemd/libsystemd0@247.3-7+deb11u1
  • Introduced through: python@latest systemd/libudev1@247.3-7+deb11u1

NVD Description

Note: Versions mentioned in the description apply to the upstream systemd package.

An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.

Remediation

There is no fixed version for Debian:11 systemd.

References

low severity

Stack-based Buffer Overflow

  • Vulnerable module: tiff/libtiff-dev
  • Introduced through: tiff/libtiff-dev@4.2.0-1+deb11u1, tiff/libtiff5@4.2.0-1+deb11u1 and others

Detailed paths

  • Introduced through: python@latest tiff/libtiff-dev@4.2.0-1+deb11u1
  • Introduced through: python@latest tiff/libtiff5@4.2.0-1+deb11u1
  • Introduced through: python@latest tiff/libtiffxx5@4.2.0-1+deb11u1

NVD Description

Note: Versions mentioned in the description apply to the upstream tiff package.

A stack buffer overflow flaw was found in Libtiffs' tiffcp.c in main() function. This flaw allows an attacker to pass a crafted TIFF file to the tiffcp tool, triggering a stack buffer overflow issue, possibly corrupting the memory, and causing a crash that leads to a denial of service.

Remediation

There is no fixed version for Debian:11 tiff.

References

low severity

Open Redirect

  • Vulnerable module: wget
  • Introduced through: wget@1.21-1+deb11u1

Detailed paths

  • Introduced through: python@latest wget@1.21-1+deb11u1

NVD Description

Note: Versions mentioned in the description apply to the upstream wget package.

GNU Wget through 1.21.1 does not omit the Authorization header upon a redirect to a different origin, a related issue to CVE-2018-1000007.

Remediation

There is no fixed version for Debian:11 wget.

References

low severity

Information Exposure

  • Vulnerable module: openssh/openssh-client
  • Introduced through: openssh/openssh-client@1:8.4p1-5+deb11u1

Detailed paths

  • Introduced through: python@latest openssh/openssh-client@1:8.4p1-5+deb11u1

NVD Description

Note: Versions mentioned in the description apply to the upstream openssh package.

The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client). NOTE: some reports state that 8.5 and 8.6 are also affected.

Remediation

There is no fixed version for Debian:11 openssh.

References

low severity

Directory Traversal

  • Vulnerable module: python3.9
  • Introduced through: python3.9@3.9.2-1, python3.9/libpython3.9-minimal@3.9.2-1 and others

Detailed paths

  • Introduced through: python@latest python3.9@3.9.2-1
  • Introduced through: python@latest python3.9/libpython3.9-minimal@3.9.2-1
  • Introduced through: python@latest python3.9/libpython3.9-stdlib@3.9.2-1
  • Introduced through: python@latest python3.9/python3.9-minimal@3.9.2-1

NVD Description

Note: Versions mentioned in the description apply to the upstream python3.9 package.

There's a flaw in Python 3's pydoc. A local or adjacent attacker who discovers or is able to convince another local or adjacent user to start a pydoc server could access the server and use it to disclose sensitive information belonging to the other user that they would not normally be able to access. The highest risk of this flaw is to data confidentiality. This flaw affects Python versions before 3.8.9, Python versions before 3.9.3 and Python versions before 3.10.0a7.

Remediation

There is no fixed version for Debian:11 python3.9.

References

low severity

Allocation of Resources Without Limits or Throttling

  • Vulnerable module: binutils
  • Introduced through: binutils@2.35.2-2, binutils/binutils-common@2.35.2-2 and others

Detailed paths

  • Introduced through: python@latest binutils@2.35.2-2
  • Introduced through: python@latest binutils/binutils-common@2.35.2-2
  • Introduced through: python@latest binutils/binutils-x86-64-linux-gnu@2.35.2-2
  • Introduced through: python@latest binutils/libbinutils@2.35.2-2
  • Introduced through: python@latest binutils/libctf-nobfd0@2.35.2-2
  • Introduced through: python@latest binutils/libctf0@2.35.2-2

NVD Description

Note: Versions mentioned in the description apply to the upstream binutils package.

The C++ symbol demangler routine in cplus-dem.c in libiberty, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted file, as demonstrated by a call from the Binary File Descriptor (BFD) library (aka libbfd).

Remediation

There is no fixed version for Debian:11 binutils.

References

low severity

Out-of-bounds Read

  • Vulnerable module: binutils
  • Introduced through: binutils@2.35.2-2, binutils/binutils-common@2.35.2-2 and others

Detailed paths

  • Introduced through: python@latest binutils@2.35.2-2
  • Introduced through: python@latest binutils/binutils-common@2.35.2-2
  • Introduced through: python@latest binutils/binutils-x86-64-linux-gnu@2.35.2-2
  • Introduced through: python@latest binutils/libbinutils@2.35.2-2
  • Introduced through: python@latest binutils/libctf-nobfd0@2.35.2-2
  • Introduced through: python@latest binutils/libctf0@2.35.2-2

NVD Description

Note: Versions mentioned in the description apply to the upstream binutils package.

GNU binutils gold gold v1.11-v1.16 (GNU binutils v2.21-v2.31.1) is affected by: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read. The impact is: Denial of service. The component is: gold/fileread.cc:497, elfcpp/elfcpp_file.h:644. The attack vector is: An ELF file with an invalid e_shoff header field must be opened.

Remediation

There is no fixed version for Debian:11 binutils.

References

low severity

Out-of-bounds Write

  • Vulnerable module: binutils
  • Introduced through: binutils@2.35.2-2, binutils/binutils-common@2.35.2-2 and others

Detailed paths

  • Introduced through: python@latest binutils@2.35.2-2
  • Introduced through: python@latest binutils/binutils-common@2.35.2-2
  • Introduced through: python@latest binutils/binutils-x86-64-linux-gnu@2.35.2-2
  • Introduced through: python@latest binutils/libbinutils@2.35.2-2
  • Introduced through: python@latest binutils/libctf-nobfd0@2.35.2-2
  • Introduced through: python@latest binutils/libctf0@2.35.2-2

NVD Description

Note: Versions mentioned in the description apply to the upstream binutils package.

A flaw was found in GNU Binutils 2.35.1, where there is a heap-based buffer overflow in _bfd_elf_slurp_secondary_reloc_section in elf.c due to the number of symbols not calculated correctly. The highest threat from this vulnerability is to system availability.

Remediation

There is no fixed version for Debian:11 binutils.

References

low severity

Out-of-bounds Write

  • Vulnerable module: binutils
  • Introduced through: binutils@2.35.2-2, binutils/binutils-common@2.35.2-2 and others

Detailed paths

  • Introduced through: python@latest binutils@2.35.2-2
  • Introduced through: python@latest binutils/binutils-common@2.35.2-2
  • Introduced through: python@latest binutils/binutils-x86-64-linux-gnu@2.35.2-2
  • Introduced through: python@latest binutils/libbinutils@2.35.2-2
  • Introduced through: python@latest binutils/libctf-nobfd0@2.35.2-2
  • Introduced through: python@latest binutils/libctf0@2.35.2-2

NVD Description

Note: Versions mentioned in the description apply to the upstream binutils package.

In GNU Binutils before 2.40, there is a heap-buffer-overflow in the error function bfd_getl32 when called from the strip_main function in strip-new via a crafted file.

Remediation

There is no fixed version for Debian:11 binutils.

References

low severity

Out-of-bounds Write

  • Vulnerable module: binutils
  • Introduced through: binutils@2.35.2-2, binutils/binutils-common@2.35.2-2 and others

Detailed paths

  • Introduced through: python@latest binutils@2.35.2-2
  • Introduced through: python@latest binutils/binutils-common@2.35.2-2
  • Introduced through: python@latest binutils/binutils-x86-64-linux-gnu@2.35.2-2
  • Introduced through: python@latest binutils/libbinutils@2.35.2-2
  • Introduced through: python@latest binutils/libctf-nobfd0@2.35.2-2
  • Introduced through: python@latest binutils/libctf0@2.35.2-2

NVD Description

Note: Versions mentioned in the description apply to the upstream binutils package.

The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, contains an integer overflow vulnerability (for "Create an array for saving the template argument values") that can trigger a heap-based buffer overflow, as demonstrated by nm.

Remediation

There is no fixed version for Debian:11 binutils.

References

low severity

Uncontrolled Recursion

  • Vulnerable module: binutils
  • Introduced through: binutils@2.35.2-2, binutils/binutils-common@2.35.2-2 and others

Detailed paths

  • Introduced through: python@latest binutils@2.35.2-2
  • Introduced through: python@latest binutils/binutils-common@2.35.2-2
  • Introduced through: python@latest binutils/binutils-x86-64-linux-gnu@2.35.2-2
  • Introduced through: python@latest binutils/libbinutils@2.35.2-2
  • Introduced through: python@latest binutils/libctf-nobfd0@2.35.2-2
  • Introduced through: python@latest binutils/libctf0@2.35.2-2

NVD Description

Note: Versions mentioned in the description apply to the upstream binutils package.

GCC v12.0 was discovered to contain an uncontrolled recursion via the component libiberty/rust-demangle.c. This vulnerability allows attackers to cause a Denial of Service (DoS) by consuming excessive CPU and memory resources.

Remediation

There is no fixed version for Debian:11 binutils.

References

low severity

Uncontrolled Recursion

  • Vulnerable module: binutils
  • Introduced through: binutils@2.35.2-2, binutils/binutils-common@2.35.2-2 and others

Detailed paths

  • Introduced through: python@latest binutils@2.35.2-2
  • Introduced through: python@latest binutils/binutils-common@2.35.2-2
  • Introduced through: python@latest binutils/binutils-x86-64-linux-gnu@2.35.2-2
  • Introduced through: python@latest binutils/libbinutils@2.35.2-2
  • Introduced through: python@latest binutils/libctf-nobfd0@2.35.2-2
  • Introduced through: python@latest binutils/libctf0@2.35.2-2

NVD Description

Note: Versions mentioned in the description apply to the upstream binutils package.

An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demangle_template_value_parm, demangle_integral_value, and demangle_expression.

Remediation

There is no fixed version for Debian:11 binutils.

References

low severity

Use After Free

  • Vulnerable module: binutils
  • Introduced through: binutils@2.35.2-2, binutils/binutils-common@2.35.2-2 and others

Detailed paths

  • Introduced through: python@latest binutils@2.35.2-2
  • Introduced through: python@latest binutils/binutils-common@2.35.2-2
  • Introduced through: python@latest binutils/binutils-x86-64-linux-gnu@2.35.2-2
  • Introduced through: python@latest binutils/libbinutils@2.35.2-2
  • Introduced through: python@latest binutils/libctf-nobfd0@2.35.2-2
  • Introduced through: python@latest binutils/libctf0@2.35.2-2

NVD Description

Note: Versions mentioned in the description apply to the upstream binutils package.

In GNU Binutils 2.31.1, there is a use-after-free in the error function in elfcomm.c when called from the process_archive function in readelf.c via a crafted ELF file.

Remediation

There is no fixed version for Debian:11 binutils.

References

low severity

NULL Pointer Dereference

  • Vulnerable module: cairo/libcairo-gobject2
  • Introduced through: cairo/libcairo-gobject2@1.16.0-5, cairo/libcairo-script-interpreter2@1.16.0-5 and others

Detailed paths

  • Introduced through: python@latest cairo/libcairo-gobject2@1.16.0-5
  • Introduced through: python@latest cairo/libcairo-script-interpreter2@1.16.0-5
  • Introduced through: python@latest cairo/libcairo2@1.16.0-5
  • Introduced through: python@latest cairo/libcairo2-dev@1.16.0-5

NVD Description

Note: Versions mentioned in the description apply to the upstream cairo package.

Cairo version 1.15.4 is vulnerable to a NULL pointer dereference related to the FT_Load_Glyph and FT_Render_Glyph resulting in an application crash.

Remediation

There is no fixed version for Debian:11 cairo.

References

low severity

Link Following

  • Vulnerable module: git
  • Introduced through: git@1:2.30.2-1 and git/git-man@1:2.30.2-1

Detailed paths

  • Introduced through: python@latest git@1:2.30.2-1
  • Introduced through: python@latest git/git-man@1:2.30.2-1

NVD Description

Note: Versions mentioned in the description apply to the upstream git package.

Git is an open source, scalable, distributed revision control system. Versions prior to 2.30.6, 2.31.5, 2.32.4, 2.33.5, 2.34.5, 2.35.5, 2.36.3, and 2.37.4 are subject to exposure of sensitive information to a malicious actor. When performing a local clone (where the source and target of the clone are on the same volume), Git copies the contents of the source's $GIT_DIR/objects directory into the destination by either creating hardlinks to the source contents, or copying them (if hardlinks are disabled via --no-hardlinks). A malicious actor could convince a victim to clone a repository with a symbolic link pointing at sensitive information on the victim's machine. This can be done either by having the victim clone a malicious repository on the same machine, or having them clone a malicious repository embedded as a bare repository via a submodule from any source, provided they clone with the --recurse-submodules option. Git does not create symbolic links in the $GIT_DIR/objects directory. The problem has been patched in the versions published on 2022-10-18, and backported to v2.30.x. Potential workarounds: Avoid cloning untrusted repositories using the --local optimization when on a shared machine, either by passing the --no-local option to git clone or cloning from a URL that uses the file:// scheme. Alternatively, avoid cloning repositories from untrusted sources with --recurse-submodules or run git config --global protocol.file.allow user.

Remediation

There is no fixed version for Debian:11 git.

References

low severity

Integer Overflow or Wraparound

  • Vulnerable module: harfbuzz/libharfbuzz0b
  • Introduced through: harfbuzz/libharfbuzz0b@2.7.4-1

Detailed paths

  • Introduced through: python@latest harfbuzz/libharfbuzz0b@2.7.4-1

NVD Description

Note: Versions mentioned in the description apply to the upstream harfbuzz package.

An integer overflow in the component hb-ot-shape-fallback.cc of Harfbuzz v4.3.0 allows attackers to cause a Denial of Service (DoS) via unspecified vectors.

Remediation

There is no fixed version for Debian:11 harfbuzz.

References

low severity

Divide By Zero

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.11.60+dfsg-1.3, imagemagick/imagemagick-6-common@8:6.9.11.60+dfsg-1.3 and others

Detailed paths

  • Introduced through: python@latest imagemagick@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/imagemagick-6-common@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/imagemagick-6.q16@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6-arch-config@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6-headers@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6.q16-6@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6.q16-6-extra@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6.q16-dev@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-dev@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-6-headers@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-6.q16-6@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-6.q16-dev@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-dev@8:6.9.11.60+dfsg-1.3

NVD Description

Note: Versions mentioned in the description apply to the upstream imagemagick package.

A flaw was found in ImageMagick in coders/jp2.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerability is to system availability.

Remediation

There is no fixed version for Debian:11 imagemagick.

References

low severity

Divide By Zero

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.11.60+dfsg-1.3, imagemagick/imagemagick-6-common@8:6.9.11.60+dfsg-1.3 and others

Detailed paths

  • Introduced through: python@latest imagemagick@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/imagemagick-6-common@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/imagemagick-6.q16@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6-arch-config@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6-headers@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6.q16-6@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6.q16-6-extra@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6.q16-dev@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-dev@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-6-headers@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-6.q16-6@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-6.q16-dev@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-dev@8:6.9.11.60+dfsg-1.3

NVD Description

Note: Versions mentioned in the description apply to the upstream imagemagick package.

A flaw was found in ImageMagick in coders/webp.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerability is to system availability.

Remediation

There is no fixed version for Debian:11 imagemagick.

References

low severity

Divide By Zero

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.11.60+dfsg-1.3, imagemagick/imagemagick-6-common@8:6.9.11.60+dfsg-1.3 and others

Detailed paths

  • Introduced through: python@latest imagemagick@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/imagemagick-6-common@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/imagemagick-6.q16@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6-arch-config@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6-headers@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6.q16-6@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6.q16-6-extra@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6.q16-dev@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-dev@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-6-headers@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-6.q16-6@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-6.q16-dev@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-dev@8:6.9.11.60+dfsg-1.3

NVD Description

Note: Versions mentioned in the description apply to the upstream imagemagick package.

A flaw was found in ImageMagick in MagickCore/resample.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerability is to system availability.

Remediation

There is no fixed version for Debian:11 imagemagick.

References

low severity

Divide By Zero

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.11.60+dfsg-1.3, imagemagick/imagemagick-6-common@8:6.9.11.60+dfsg-1.3 and others

Detailed paths

  • Introduced through: python@latest imagemagick@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/imagemagick-6-common@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/imagemagick-6.q16@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6-arch-config@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6-headers@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6.q16-6@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6.q16-6-extra@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6.q16-dev@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-dev@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-6-headers@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-6.q16-6@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-6.q16-dev@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-dev@8:6.9.11.60+dfsg-1.3

NVD Description

Note: Versions mentioned in the description apply to the upstream imagemagick package.

A flaw was found in ImageMagick in MagickCore/visual-effects.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerability is to system availability.

Remediation

There is no fixed version for Debian:11 imagemagick.

References

low severity

Divide By Zero

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.11.60+dfsg-1.3, imagemagick/imagemagick-6-common@8:6.9.11.60+dfsg-1.3 and others

Detailed paths

  • Introduced through: python@latest imagemagick@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/imagemagick-6-common@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/imagemagick-6.q16@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6-arch-config@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6-headers@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6.q16-6@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6.q16-6-extra@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6.q16-dev@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-dev@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-6-headers@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-6.q16-6@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-6.q16-dev@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-dev@8:6.9.11.60+dfsg-1.3

NVD Description

Note: Versions mentioned in the description apply to the upstream imagemagick package.

A flaw was found in ImageMagick in MagickCore/resize.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerability is to system availability.

Remediation

There is no fixed version for Debian:11 imagemagick.

References

low severity

Improper Input Validation

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.11.60+dfsg-1.3, imagemagick/imagemagick-6-common@8:6.9.11.60+dfsg-1.3 and others

Detailed paths

  • Introduced through: python@latest imagemagick@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/imagemagick-6-common@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/imagemagick-6.q16@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6-arch-config@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6-headers@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6.q16-6@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6.q16-6-extra@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6.q16-dev@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-dev@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-6-headers@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-6.q16-6@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-6.q16-dev@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-dev@8:6.9.11.60+dfsg-1.3

NVD Description

Note: Versions mentioned in the description apply to the upstream imagemagick package.

A flaw was found in ImageMagick. The vulnerability occurs due to improper use of open functions and leads to a denial of service. This flaw allows an attacker to crash the system.

Remediation

There is no fixed version for Debian:11 imagemagick.

References

low severity

Out-of-Bounds

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.11.60+dfsg-1.3, imagemagick/imagemagick-6-common@8:6.9.11.60+dfsg-1.3 and others

Detailed paths

  • Introduced through: python@latest imagemagick@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/imagemagick-6-common@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/imagemagick-6.q16@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6-arch-config@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6-headers@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6.q16-6@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6.q16-6-extra@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6.q16-dev@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-dev@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-6-headers@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-6.q16-6@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-6.q16-dev@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-dev@8:6.9.11.60+dfsg-1.3

NVD Description

Note: Versions mentioned in the description apply to the upstream imagemagick package.

The ReadPCXImage function in coders/pcx.c in ImageMagick 7.0.4.9 allows remote attackers to cause a denial of service (attempted large memory allocation and application crash) via a crafted file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8862 and CVE-2016-8866.

Remediation

There is no fixed version for Debian:11 imagemagick.

References

low severity

Out-of-bounds Read

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.11.60+dfsg-1.3, imagemagick/imagemagick-6-common@8:6.9.11.60+dfsg-1.3 and others

Detailed paths

  • Introduced through: python@latest imagemagick@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/imagemagick-6-common@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/imagemagick-6.q16@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6-arch-config@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6-headers@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6.q16-6@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6.q16-6-extra@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6.q16-dev@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-dev@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-6-headers@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-6.q16-6@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-6.q16-dev@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-dev@8:6.9.11.60+dfsg-1.3

NVD Description

Note: Versions mentioned in the description apply to the upstream imagemagick package.

The IsPixelMonochrome function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3.0 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted file. NOTE: the vendor says "This is a Q64 issue and we do not support Q64."

Remediation

There is no fixed version for Debian:11 imagemagick.

References

low severity

Out-of-bounds Write

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.11.60+dfsg-1.3, imagemagick/imagemagick-6-common@8:6.9.11.60+dfsg-1.3 and others

Detailed paths

  • Introduced through: python@latest imagemagick@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/imagemagick-6-common@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/imagemagick-6.q16@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6-arch-config@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6-headers@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6.q16-6@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6.q16-6-extra@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6.q16-dev@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-dev@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-6-headers@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-6.q16-6@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-6.q16-dev@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-dev@8:6.9.11.60+dfsg-1.3

NVD Description

Note: Versions mentioned in the description apply to the upstream imagemagick package.

A heap-buffer-overflow flaw was found in ImageMagick’s PushShortPixel() function of quantum-private.h file. This vulnerability is triggered when an attacker passes a specially crafted TIFF image file to ImageMagick for conversion, potentially leading to a denial of service.

Remediation

There is no fixed version for Debian:11 imagemagick.

References

low severity

Out-of-bounds Write

  • Vulnerable module: imagemagick
  • Introduced through: imagemagick@8:6.9.11.60+dfsg-1.3, imagemagick/imagemagick-6-common@8:6.9.11.60+dfsg-1.3 and others

Detailed paths

  • Introduced through: python@latest imagemagick@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/imagemagick-6-common@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/imagemagick-6.q16@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6-arch-config@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6-headers@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6.q16-6@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6.q16-6-extra@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-6.q16-dev@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickcore-dev@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-6-headers@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-6.q16-6@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-6.q16-dev@8:6.9.11.60+dfsg-1.3
  • Introduced through: python@latest imagemagick/libmagickwand-dev@8:6.9.11.60+dfsg-1.3

NVD Description

Note: Versions mentioned in the description apply to the upstream imagemagick package.

A heap buffer overflow issue was found in ImageMagick. When an application processes a malformed TIFF file, it could lead to undefined behavior or a crash causing a denial of service.

Remediation

There is no fixed version for Debian:11 imagemagick.

References

low severity

CVE-2021-36411

  • Vulnerable module: libde265/libde265-0
  • Introduced through: libde265/libde265-0@1.0.8-1

Detailed paths

  • Introduced through: python@latest libde265/libde265-0@1.0.8-1

NVD Description

Note: Versions mentioned in the description apply to the upstream libde265 package.

An issue has been found in libde265 v1.0.8 due to incorrect access control. A SEGV caused by a READ memory access in function derive_boundaryStrength of deblock.cc has occurred. The vulnerability causes a segmentation fault and application crash, which leads to remote denial of service.

Remediation

There is no fixed version for Debian:11 libde265.

References