Vulnerable Library - Bento4v1.5.0-617

Full-featured MP4 format, MPEG DASH, HLS, CMAF SDK and tools

Library home page: https://github.com/axiomatic-systems/Bento4.git

Vulnerable Source Files (2)

/Bento4-1.5.0-617/Source/C++/Core/Ap4String.cpp
/Bento4-1.5.0-617/Source/C++/Core/Ap4String.cpp

CVE-2018-13846

Vulnerable Library - Bento4v1.5.0-617

Full-featured MP4 format, MPEG DASH, HLS, CMAF SDK and tools

Library home page: https://github.com/axiomatic-systems/Bento4.git

Found in base branch: main

Vulnerable Source Files (1)

/Bento4-1.5.0-617/Source/C++/Core/Ap4Mpeg2Ts.cpp

Vulnerability Details

An issue has been found in Bento4 1.5.1-624. AP4_Mpeg2TsVideoSampleStream::WriteSample in Core/Ap4Mpeg2Ts.cpp has a heap-based buffer over-read after a call from Mp42Ts.cpp, a related issue to CVE-2018-14532.

Publish Date: 2018-07-10

URL: CVE-2018-13846

CVSS 3 Score Details (9.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Step up your Open Source Security Game with Mend here

CVE-2018-14532

Vulnerable Library - Bento4v1.5.0-617

Full-featured MP4 format, MPEG DASH, HLS, CMAF SDK and tools

Library home page: https://github.com/axiomatic-systems/Bento4.git

Found in base branch: main

Vulnerable Source Files (1)

/Bento4-1.5.0-617/Source/C++/Core/Ap4Mpeg2Ts.cpp

Vulnerability Details

An issue was discovered in Bento4 1.5.1-624. There is a heap-based buffer over-read in AP4_Mpeg2TsVideoSampleStream::WriteSample in Core/Ap4Mpeg2Ts.cpp after a call from Mp42Hls.cpp, a related issue to CVE-2018-13846.

Publish Date: 2018-07-23

URL: CVE-2018-14532

CVSS 3 Score Details (9.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Step up your Open Source Security Game with Mend here

CVE-2017-14639

Vulnerable Library - Bento4v1.5.0-617

Full-featured MP4 format, MPEG DASH, HLS, CMAF SDK and tools

Library home page: https://github.com/axiomatic-systems/Bento4.git

Found in base branch: main

Vulnerable Source Files (1)

/Bento4-1.5.0-617/Source/C++/Core/Ap4SampleEntry.cpp

Vulnerability Details

AP4_VisualSampleEntry::ReadFields in Core/Ap4SampleEntry.cpp in Bento4 1.5.0-617 uses incorrect character data types, which causes a stack-based buffer underflow and out-of-bounds write, leading to denial of service (application crash) or possibly unspecified other impact.

Publish Date: 2017-09-21

URL: CVE-2017-14639

CVSS 3 Score Details (8.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-14639

Release Date: 2017-09-21

Fix Resolution: v1.5.0-618

Step up your Open Source Security Game with Mend here

CVE-2019-15048

Vulnerable Library - Bento4v1.5.0-617

Full-featured MP4 format, MPEG DASH, HLS, CMAF SDK and tools

Library home page: https://github.com/axiomatic-systems/Bento4.git

Found in base branch: main

Vulnerable Source Files (2)

/Bento4-1.5.0-617/Source/C++/Core/Ap4RtpAtom.cpp
/Bento4-1.5.0-617/Source/C++/Core/Ap4RtpAtom.cpp

Vulnerability Details

An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer overflow in the AP4_RtpAtom class at Core/Ap4RtpAtom.cpp.

Publish Date: 2019-08-14

URL: CVE-2019-15048

CVSS 3 Score Details (8.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Step up your Open Source Security Game with Mend here

CVE-2019-15049

Vulnerable Library - Bento4v1.5.0-617

Full-featured MP4 format, MPEG DASH, HLS, CMAF SDK and tools

Library home page: https://github.com/axiomatic-systems/Bento4.git

Found in base branch: main

Vulnerable Source Files (2)

/Bento4-1.5.0-617/Source/C++/Core/Ap4Dec3Atom.cpp
/Bento4-1.5.0-617/Source/C++/Core/Ap4Dec3Atom.cpp

Vulnerability Details

An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in the AP4_Dec3Atom class at Core/Ap4Dec3Atom.cpp.

Publish Date: 2019-08-14

URL: CVE-2019-15049

CVSS 3 Score Details (8.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Step up your Open Source Security Game with Mend here

CVE-2019-8378

Vulnerable Library - Bento4v1.5.0-617

Full-featured MP4 format, MPEG DASH, HLS, CMAF SDK and tools

Library home page: https://github.com/axiomatic-systems/Bento4.git

Found in base branch: main

Vulnerable Source Files (2)

/Bento4-1.5.0-617/Source/C++/Codecs/Ap4BitStream.cpp
/Bento4-1.5.0-617/Source/C++/Codecs/Ap4BitStream.cpp

Vulnerability Details

An issue was discovered in Bento4 1.5.1-628. A heap-based buffer over-read exists in AP4_BitStream::ReadBytes() in Codecs/Ap4BitStream.cpp, a similar issue to CVE-2017-14645. It can be triggered by sending a crafted file to the aac2mp4 binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact.

Publish Date: 2019-02-17

URL: CVE-2019-8378

CVSS 3 Score Details (8.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Step up your Open Source Security Game with Mend here

CVE-2021-32265

Vulnerable Library - Bento4v1.5.0-617

Full-featured MP4 format, MPEG DASH, HLS, CMAF SDK and tools

Library home page: https://github.com/axiomatic-systems/Bento4.git

Found in base branch: main

Vulnerable Source Files (1)

/Bento4-1.5.0-617/Source/C++/Core/Ap4ByteStream.cpp

Vulnerability Details

An issue was discovered in Bento4 through v1.6.0-637. A global-buffer-overflow exists in the function AP4_MemoryByteStream::WritePartial() located in Ap4ByteStream.cpp. It allows an attacker to cause code execution or information disclosure.

Publish Date: 2021-09-20

URL: CVE-2021-32265

CVSS 3 Score Details (8.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Step up your Open Source Security Game with Mend here

CVE-2018-14587

Vulnerable Library - Bento4v1.5.0-617

Full-featured MP4 format, MPEG DASH, HLS, CMAF SDK and tools

Library home page: https://github.com/axiomatic-systems/Bento4.git

Found in base branch: main

Vulnerable Source Files (1)

/Bento4-1.5.0-617/Source/C++/Core/Ap4ByteStream.cpp

Vulnerability Details

An issue has been discovered in Bento4 1.5.1-624. AP4_MemoryByteStream::WritePartial in Core/Ap4ByteStream.cpp has a buffer over-read.

Publish Date: 2018-07-24

URL: CVE-2018-14587

CVSS 3 Score Details (8.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Step up your Open Source Security Game with Mend here

CVE-2019-8380

Vulnerable Library - Bento4v1.5.0-617

Full-featured MP4 format, MPEG DASH, HLS, CMAF SDK and tools

Library home page: https://github.com/axiomatic-systems/Bento4.git

Found in base branch: main

Vulnerable Source Files (2)

/Bento4-1.5.0-617/Source/C++/Core/Ap4Track.cpp
/Bento4-1.5.0-617/Source/C++/Core/Ap4Track.cpp

Vulnerability Details

An issue was discovered in Bento4 1.5.1-628. A NULL pointer dereference occurs in AP4_Track::GetSampleIndexForTimeStampMs() located in Core/Ap4Track.cpp. It can triggered by sending a crafted file to the mp4audioclip binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact.

Publish Date: 2019-02-17

URL: CVE-2019-8380

CVSS 3 Score Details (8.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Step up your Open Source Security Game with Mend here

CVE-2018-14589

Vulnerable Library - Bento4v1.5.0-617

Full-featured MP4 format, MPEG DASH, HLS, CMAF SDK and tools

Library home page: https://github.com/axiomatic-systems/Bento4.git

Found in base branch: main

Vulnerable Source Files (2)

/Bento4-1.5.0-617/Source/C++/Codecs/Ap4Mp4AudioInfo.cpp
/Bento4-1.5.0-617/Source/C++/Codecs/Ap4Mp4AudioInfo.cpp

Vulnerability Details

An issue has been discovered in Bento4 1.5.1-624. AP4_Mp4AudioDsiParser::ReadBits in Codecs/Ap4Mp4AudioInfo.cpp has a heap-based buffer over-read.

Publish Date: 2018-07-24

URL: CVE-2018-14589

CVSS 3 Score Details (8.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Step up your Open Source Security Game with Mend here

CVE-2018-14586

Vulnerable Library - Bento4v1.5.0-617

Full-featured MP4 format, MPEG DASH, HLS, CMAF SDK and tools

Library home page: https://github.com/axiomatic-systems/Bento4.git

Found in base branch: main

Vulnerable Source Files (1)

/Bento4-1.5.0-617/Source/C++/Core/Ap4Mpeg2Ts.cpp

Vulnerability Details

An issue has been discovered in Bento4 1.5.1-624. A SEGV can occur in AP4_Mpeg2TsAudioSampleStream::WriteSample in Core/Ap4Mpeg2Ts.cpp, a different vulnerability than CVE-2018-14532.

Publish Date: 2018-07-24

URL: CVE-2018-14586

CVSS 3 Score Details (8.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Step up your Open Source Security Game with Mend here

CVE-2018-14585

Vulnerable Library - Bento4v1.5.0-617

Full-featured MP4 format, MPEG DASH, HLS, CMAF SDK and tools

Library home page: https://github.com/axiomatic-systems/Bento4.git

Found in base branch: main

Vulnerable Source Files (1)

/Bento4-1.5.0-617/Source/C++/Core/Ap4Utils.h

Vulnerability Details

An issue has been discovered in Bento4 1.5.1-624. AP4_BytesToUInt16BE in Core/Ap4Utils.h has a heap-based buffer over-read after a call from the AP4_Stz2Atom class.

Publish Date: 2018-07-24

URL: CVE-2018-14585

CVSS 3 Score Details (8.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Step up your Open Source Security Game with Mend here

CVE-2019-8382

Vulnerable Library - Bento4v1.5.0-617

Full-featured MP4 format, MPEG DASH, HLS, CMAF SDK and tools

Library home page: https://github.com/axiomatic-systems/Bento4.git

Found in base branch: main

Vulnerable Source Files (2)

/Bento4-1.5.0-617/Source/C++/Core/Ap4List.h
/Bento4-1.5.0-617/Source/C++/Core/Ap4List.h

Vulnerability Details

An issue was discovered in Bento4 1.5.1-628. A NULL pointer dereference occurs in the function AP4_List:Find located in Core/Ap4List.h when called from Core/Ap4Movie.cpp. It can be triggered by sending a crafted file to the mp4dump binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact.

Publish Date: 2019-02-17

URL: CVE-2019-8382

CVSS 3 Score Details (8.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Step up your Open Source Security Game with Mend here

CVE-2019-17530

Vulnerable Libraries - Bento4v1.5.0-617, Bento4v1.5.0-617

Vulnerability Details

An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in AP4_PrintInspector::AddField in Core/Ap4Atom.cpp when called from AP4_CencSampleEncryption::DoInspectFields in Core/Ap4CommonEncryption.cpp, when called from AP4_Atom::Inspect in Core/Ap4Atom.cpp.

Publish Date: 2019-10-12

URL: CVE-2019-17530

CVSS 3 Score Details (7.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Step up your Open Source Security Game with Mend here

CVE-2018-5253

Vulnerable Library - Bento4v1.5.0-617

Full-featured MP4 format, MPEG DASH, HLS, CMAF SDK and tools

Library home page: https://github.com/axiomatic-systems/Bento4.git

Found in base branch: main

Vulnerable Source Files (1)

/Bento4-1.5.0-617/Source/C++/Core/Ap4FtypAtom.cpp

Vulnerability Details

The AP4_FtypAtom class in Core/Ap4FtypAtom.cpp in Bento4 1.5.1.0 has an Infinite loop via a crafted MP4 file that triggers size mishandling.

Publish Date: 2018-01-05

URL: CVE-2018-5253

CVSS 3 Score Details (7.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-5253

Release Date: 2018-01-05

Fix Resolution: v1.5.1-623

Step up your Open Source Security Game with Mend here

CVE-2017-14261

Vulnerable Library - Bento4v1.5.0-617

Full-featured MP4 format, MPEG DASH, HLS, CMAF SDK and tools

Library home page: https://github.com/axiomatic-systems/Bento4.git

Found in base branch: main

Vulnerable Source Files (1)

/Bento4-1.5.0-617/Source/C++/Core/Ap4StszAtom.cpp

Vulnerability Details

In the SDK in Bento4 1.5.0-616, the AP4_StszAtom class in Ap4StszAtom.cpp file contains a Read Memory Access Violation vulnerability. It is possible to exploit this vulnerability by opening a crafted .MP4 file.

Publish Date: 2017-09-11

URL: CVE-2017-14261

CVSS 3 Score Details (7.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-14261

Release Date: 2017-09-11

Fix Resolution: v1.5.0-618

Step up your Open Source Security Game with Mend here

CVE-2017-14259

Vulnerable Library - Bento4v1.5.0-617

Full-featured MP4 format, MPEG DASH, HLS, CMAF SDK and tools

Library home page: https://github.com/axiomatic-systems/Bento4.git

Found in base branch: main

Vulnerable Source Files (1)

/Bento4-1.5.0-617/Source/C++/Core/Ap4StssAtom.cpp

Vulnerability Details

In the SDK in Bento4 1.5.0-616, the AP4_StscAtom class in Ap4StscAtom.cpp contains a Write Memory Access Violation vulnerability. It is possible to exploit this vulnerability and possibly execute arbitrary code by opening a crafted .MP4 file.

Publish Date: 2017-09-11

URL: CVE-2017-14259

CVSS 3 Score Details (7.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14259

Release Date: 2017-09-11

Fix Resolution: v1.5.0-618

Step up your Open Source Security Game with Mend here

CVE-2017-14258

Vulnerable Library - Bento4v1.5.0-617

Full-featured MP4 format, MPEG DASH, HLS, CMAF SDK and tools

Library home page: https://github.com/axiomatic-systems/Bento4.git

Found in base branch: main

Vulnerable Source Files (1)

/Bento4-1.5.0-617/Source/C++/Core/Ap4StscAtom.h

Vulnerability Details

In the SDK in Bento4 1.5.0-616, SetItemCount in Core/Ap4StscAtom.h file contains a Write Memory Access Violation vulnerability. It is possible to exploit this vulnerability and possibly execute arbitrary code by opening a crafted .MP4 file.

Publish Date: 2017-09-11

URL: CVE-2017-14258

CVSS 3 Score Details (7.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Step up your Open Source Security Game with Mend here

CVE-2019-17529

Vulnerable Libraries - Bento4v1.5.0-617, Bento4v1.5.0-617

Vulnerability Details

An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in AP4_CencSampleEncryption::DoInspectFields in Core/Ap4CommonEncryption.cpp when called from AP4_Atom::Inspect in Core/Ap4Atom.cpp.

Publish Date: 2019-10-12

URL: CVE-2019-17529

CVSS 3 Score Details (7.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Step up your Open Source Security Game with Mend here

CVE-2019-6132

Vulnerable Library - Bento4v1.5.0-617

Full-featured MP4 format, MPEG DASH, HLS, CMAF SDK and tools

Library home page: https://github.com/axiomatic-systems/Bento4.git

Found in base branch: main

Vulnerable Source Files (2)

/Bento4-1.5.0-617/Source/C++/Core/Ap4String.cpp
/Bento4-1.5.0-617/Source/C++/Core/Ap4String.cpp

Vulnerability Details

An issue was discovered in Bento4 v1.5.1-627. There is a memory leak in AP4_DescriptorFactory::CreateDescriptorFromStream in Core/Ap4DescriptorFactory.cpp when called from the AP4_EsdsAtom class in Core/Ap4EsdsAtom.cpp, as demonstrated by mp42aac.

Publish Date: 2019-01-11

URL: CVE-2019-6132

CVSS 3 Score Details (7.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Step up your Open Source Security Game with Mend here

CVE-2020-23331

Vulnerable Library - Bento4v1.5.0-617

Full-featured MP4 format, MPEG DASH, HLS, CMAF SDK and tools

Library home page: https://github.com/axiomatic-systems/Bento4.git

Found in base branch: main

Vulnerable Source Files (2)

/Bento4-1.5.0-617/Source/C++/Core/Ap4Descriptor.h
/Bento4-1.5.0-617/Source/C++/Core/Ap4Descriptor.h

Vulnerability Details

An issue was discovered in Bento4 version 06c39d9. A NULL pointer dereference exists in the AP4_DescriptorListWriter::Action component located in /Core/Ap4Descriptor.h. It allows an attacker to cause a denial of service (DOS).

Publish Date: 2021-08-17

URL: CVE-2020-23331

CVSS 3 Score Details (7.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Step up your Open Source Security Game with Mend here

CVE-2020-23332

Vulnerable Library - Bento4v1.5.0-617

Full-featured MP4 format, MPEG DASH, HLS, CMAF SDK and tools

Library home page: https://github.com/axiomatic-systems/Bento4.git

Found in base branch: main

Vulnerable Source Files (2)

/Bento4-1.5.0-617/Source/C++/System/StdC/Ap4StdCFileByteStream.cpp
/Bento4-1.5.0-617/Source/C++/System/StdC/Ap4StdCFileByteStream.cpp

Vulnerability Details

A heap-based buffer overflow exists in the AP4_StdcFileByteStream::ReadPartial component located in /StdC/Ap4StdCFileByteStream.cpp of Bento4 version 06c39d9. This issue can lead to a denial of service (DOS).

Publish Date: 2021-08-17

URL: CVE-2020-23332

CVSS 3 Score Details (7.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Step up your Open Source Security Game with Mend here

CVE-2020-23330

Vulnerable Libraries - Bento4v1.5.0-617, Bento4v1.5.0-617

Vulnerability Details

An issue was discovered in Bento4 version 06c39d9. A NULL pointer dereference exists in the AP4_Stz2Atom::GetSampleSize component located in /Core/Ap4Stz2Atom.cpp. It allows an attacker to cause a denial of service (DOS).

Publish Date: 2021-08-17

URL: CVE-2020-23330

CVSS 3 Score Details (7.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-23330

Release Date: 2021-08-17

Fix Resolution: v1.6.0-635

Step up your Open Source Security Game with Mend here

CVE-2020-23333

Vulnerable Library - Bento4v1.5.0-617

Full-featured MP4 format, MPEG DASH, HLS, CMAF SDK and tools

Library home page: https://github.com/axiomatic-systems/Bento4.git

Found in base branch: main

Vulnerable Source Files (1)

/Bento4-1.5.0-617/Source/C++/Core/Ap4CttsAtom.cpp

Vulnerability Details

A heap-based buffer overflow exists in the AP4_CttsAtom::AP4_CttsAtom component located in /Core/Ap4Utils.h of Bento4 version 06c39d9. This can lead to a denial of service (DOS).

Publish Date: 2021-08-17

URL: CVE-2020-23333

CVSS 3 Score Details (7.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-23333

Release Date: 2021-08-17

Fix Resolution: v1.6.0-635

Step up your Open Source Security Game with Mend here

CVE-2020-23334

Vulnerable Library - Bento4v1.5.0-617

Full-featured MP4 format, MPEG DASH, HLS, CMAF SDK and tools

Library home page: https://github.com/axiomatic-systems/Bento4.git

Found in base branch: main

Vulnerable Source Files (1)

/Bento4-1.5.0-617/Source/C++/Core/Ap4Atom.cpp

Vulnerability Details

A WRITE memory access in the AP4_NullTerminatedStringAtom::AP4_NullTerminatedStringAtom component of Bento4 version 06c39d9 can lead to a segmentation fault.

Publish Date: 2021-08-17

URL: CVE-2020-23334

CVSS 3 Score Details (7.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-23334

Release Date: 2021-08-17

Fix Resolution: v1.6.0-635

Step up your Open Source Security Game with Mend here

CVE-2019-13238

Vulnerable Library - Bento4v1.5.0-617

Full-featured MP4 format, MPEG DASH, HLS, CMAF SDK and tools

Library home page: https://github.com/axiomatic-systems/Bento4.git

Found in base branch: main

Vulnerable Source Files (2)

/Bento4-1.5.0-617/Source/C++/Core/Ap4SdpAtom.cpp
/Bento4-1.5.0-617/Source/C++/Core/Ap4SdpAtom.cpp

Vulnerability Details

An issue was discovered in Bento4 1.5.1.0. A memory allocation failure is unhandled in Core/Ap4SdpAtom.cpp and leads to crashes. When parsing input video, the program allocates a new buffer to parse an atom in the stream. The unhandled memory allocation failure causes a direct copy to a NULL pointer.

Publish Date: 2019-07-04

URL: CVE-2019-13238

CVSS 3 Score Details (7.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Step up your Open Source Security Game with Mend here

CVE-2018-14588

Vulnerable Library - Bento4v1.5.0-617

Full-featured MP4 format, MPEG DASH, HLS, CMAF SDK and tools

Library home page: https://github.com/axiomatic-systems/Bento4.git

Found in base branch: main

Vulnerable Source Files (2)

/Bento4-1.5.0-617/Source/C++/Core/Ap4DataBuffer.cpp
/Bento4-1.5.0-617/Source/C++/Core/Ap4DataBuffer.cpp

Vulnerability Details

An issue has been discovered in Bento4 1.5.1-624. A NULL pointer dereference can occur in AP4_DataBuffer::SetData in Core/Ap4DataBuffer.cpp.

Publish Date: 2018-07-24

URL: CVE-2018-14588

CVSS 3 Score Details (7.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Step up your Open Source Security Game with Mend here

CVE-2019-17528

Vulnerable Libraries - Bento4v1.5.0-617, Bento4v1.5.0-617

Vulnerability Details

An issue was discovered in Bento4 1.5.1.0. There is a SEGV in the function AP4_TfhdAtom::SetDefaultSampleSize at Core/Ap4TfhdAtom.h when called from AP4_Processor::ProcessFragments in Core/Ap4Processor.cpp.

Publish Date: 2019-10-12

URL: CVE-2019-17528

CVSS 3 Score Details (7.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Step up your Open Source Security Game with Mend here

Vulnerable Library - sulinosversion-2.0.16

Indipendent distro uses inary package system. Sulin is roolling donkey

Library home page: https://sourceforge.net/projects/sulinos/

Vulnerable Source Files (1)

CVE-2015-8751

Vulnerable Library - sulinosversion-2.0.16

Indipendent distro uses inary package system. Sulin is roolling donkey

Library home page: https://sourceforge.net/projects/sulinos/

Found in base branch: main

Vulnerable Source Files (1)

Vulnerability Details

Integer overflow in the jas_matrix_create function in JasPer allows context-dependent attackers to have unspecified impact via a crafted JPEG 2000 image, related to integer multiplication for memory allocation.

Publish Date: 2020-02-17

URL: CVE-2015-8751

CVSS 3 Score Details (8.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Step up your Open Source Security Game with Mend here

CVE-2018-19543

Vulnerable Library - sulinosversion-2.0.16

Indipendent distro uses inary package system. Sulin is roolling donkey

Library home page: https://sourceforge.net/projects/sulinos/

Found in base branch: main

Vulnerable Source Files (1)

Vulnerability Details

An issue was discovered in JasPer 2.0.14. There is a heap-based buffer over-read of size 8 in the function jp2_decode in libjasper/jp2/jp2_dec.c.

Publish Date: 2018-11-26

URL: CVE-2018-19543

CVSS 3 Score Details (7.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Step up your Open Source Security Game with Mend here

CVE-2021-26926

Vulnerable Library - sulinosversion-2.0.16

Indipendent distro uses inary package system. Sulin is roolling donkey

Library home page: https://sourceforge.net/projects/sulinos/

Found in base branch: main

Vulnerable Source Files (1)

Vulnerability Details

A flaw was found in jasper before 2.0.25. An out of bounds read issue was found in jp2_decode function whic may lead to disclosure of information or program crash.

Publish Date: 2021-02-23

URL: CVE-2021-26926

CVSS 3 Score Details (7.1)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: None
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26926

Release Date: 2021-02-23

Fix Resolution: version-2.0.25

Step up your Open Source Security Game with Mend here

CVE-2021-3467

Vulnerable Library - sulinosversion-2.0.16

Indipendent distro uses inary package system. Sulin is roolling donkey

Library home page: https://sourceforge.net/projects/sulinos/

Found in base branch: main

Vulnerable Source Files (1)

Vulnerability Details

A NULL pointer dereference flaw was found in the way Jasper versions before 2.0.26 handled component references in CDEF box in the JP2 image format decoder. A specially crafted JP2 image file could cause an application using the Jasper library to crash when opened.

Publish Date: 2021-03-25

URL: CVE-2021-3467

CVSS 3 Score Details (5.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3467

Release Date: 2021-03-25

Fix Resolution: 2.0.26

Step up your Open Source Security Game with Mend here

CVE-2021-3443

Vulnerable Library - sulinosversion-2.0.16

Indipendent distro uses inary package system. Sulin is roolling donkey

Library home page: https://sourceforge.net/projects/sulinos/

Found in base branch: main

Vulnerable Source Files (1)

Vulnerability Details

A NULL pointer dereference flaw was found in the way Jasper versions before 2.0.27 handled component references in the JP2 image format decoder. A specially crafted JP2 image file could cause an application using the Jasper library to crash when opened.

Publish Date: 2021-03-25

URL: CVE-2021-3443

CVSS 3 Score Details (5.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Release Date: 2021-03-16

Fix Resolution: 2.0.27

Step up your Open Source Security Game with Mend here

CVE-2021-26927

Vulnerable Library - sulinosversion-2.0.16

Indipendent distro uses inary package system. Sulin is roolling donkey

Library home page: https://sourceforge.net/projects/sulinos/

Found in base branch: main

Vulnerable Source Files (1)

Vulnerability Details

A flaw was found in jasper before 2.0.25. A null pointer dereference in jp2_decode in jp2_dec.c may lead to program crash and denial of service.

Publish Date: 2021-02-23

URL: CVE-2021-26927

CVSS 3 Score Details (5.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26927

Release Date: 2021-02-23

Fix Resolution: version-2.0.25

Step up your Open Source Security Game with Mend here

CVE-2017-5504

Vulnerable Library - sulinosversion-2.0.16

Indipendent distro uses inary package system. Sulin is roolling donkey

Library home page: https://sourceforge.net/projects/sulinos/

Found in base branch: main

Vulnerable Source Files (1)

Vulnerability Details

The jpc_undo_roi function in libjasper/jpc/jpc_dec.c in JasPer 1.900.27 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted image.

Publish Date: 2017-03-01

URL: CVE-2017-5504

CVSS 3 Score Details (5.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5504

Release Date: 2017-03-01

Fix Resolution: version-2.0.17

Step up your Open Source Security Game with Mend here

CVE-2017-5505

Vulnerable Library - sulinosversion-2.0.16

Indipendent distro uses inary package system. Sulin is roolling donkey

Library home page: https://sourceforge.net/projects/sulinos/

Found in base branch: main

Vulnerable Source Files (1)

Vulnerability Details

The jas_matrix_asl function in jas_seq.c in JasPer 1.900.27 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted image.

Publish Date: 2017-03-16

URL: CVE-2017-5505

CVSS 3 Score Details (5.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5505

Release Date: 2017-03-16

Fix Resolution: version-2.0.17

Step up your Open Source Security Game with Mend here

CVE-2021-3272

Vulnerable Library - sulinosversion-2.0.16

Indipendent distro uses inary package system. Sulin is roolling donkey

Library home page: https://sourceforge.net/projects/sulinos/

Found in base branch: main

Vulnerable Source Files (1)

Vulnerability Details

jp2_decode in jp2/jp2_dec.c in libjasper in JasPer 2.0.24 has a heap-based buffer over-read when there is an invalid relationship between the number of channels and the number of image components.

Publish Date: 2021-01-27

URL: CVE-2021-3272

CVSS 3 Score Details (5.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2021-3272

Release Date: 2021-01-27

Fix Resolution: jasper-utils-debuginfo - 2.0.14-5,2.0.14-5;jasper - 2.0.14-5;jasper-debuginfo - 2.0.14-5;jasper-debugsource - 2.0.14-5,2.0.14-5;jasper-libs - 2.0.14-5,2.0.14-5,2.0.14-5,2.0.14-5,2.0.14-5;jasper-libs-debuginfo - 2.0.14-5,2.0.14-5

Step up your Open Source Security Game with Mend here

CVE-2018-18873

Vulnerable Library - sulinosversion-2.0.16

Indipendent distro uses inary package system. Sulin is roolling donkey

Library home page: https://sourceforge.net/projects/sulinos/

Found in base branch: main

Vulnerable Source Files (1)

Vulnerability Details

An issue was discovered in JasPer 2.0.14. There is a NULL pointer dereference in the function ras_putdatastd in ras/ras_enc.c.

Publish Date: 2018-10-31

URL: CVE-2018-18873

CVSS 3 Score Details (5.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2018-18873

Release Date: 2018-10-31

Fix Resolution: libjasper-dev - 1.900.1-debian1-2.4ubuntu1.3,1.900.1-debian1-2.4ubuntu1.3,1.900.1-debian1-2.4ubuntu1.3,1.900.1-debian1-2.4ubuntu1.3,1.900.1-debian1-2.4ubuntu1.3,1.900.1-debian1-2.4ubuntu1.3,1.900.1-debian1-2.4ubuntu1.3,1.900.1-debian1-2.4ubuntu1.3;libjasper-1.701-1 - 1.900.1-debian1-2.4ubuntu1.3,1.900.1-debian1-2.4ubuntu1.3,1.900.1-debian1-2.4ubuntu1.3,1.900.1-debian1-2.4ubuntu1.3,1.900.1-debian1-2.4ubuntu1.3,1.900.1-debian1-2.4ubuntu1.3,1.900.1-debian1-2.4ubuntu1.3,1.900.1-debian1-2.4ubuntu1.3;libjasper-1.701-dev - 1.900.1-debian1-2.4ubuntu1.3,1.900.1-debian1-2.4ubuntu1.3,1.900.1-debian1-2.4ubuntu1.3,1.900.1-debian1-2.4ubuntu1.3,1.900.1-debian1-2.4ubuntu1.3,1.900.1-debian1-2.4ubuntu1.3,1.900.1-debian1-2.4ubuntu1.3,1.900.1-debian1-2.4ubuntu1.3;libjasper-runtime - 1.900.1-debian1-2.4ubuntu1.3,1.900.1-debian1-2.4ubuntu1.3,1.900.1-debian1-2.4ubuntu1.3,1.900.1-debian1-2.4ubuntu1.3,1.900.1-debian1-2.4ubuntu1.3,1.900.1-debian1-2.4ubuntu1.3,1.900.1-debian1-2.4ubuntu1.3,1.900.1-debian1-2.4ubuntu1.3;libjasper1 - 1.900.1-debian1-2.4ubuntu1.3,1.900.1-debian1-2.4ubuntu1.3,1.900.1-debian1-2.4ubuntu1.3,1.900.1-debian1-2.4ubuntu1.3,1.900.1-debian1-2.4ubuntu1.3,1.900.1-debian1-2.4ubuntu1.3,1.900.1-debian1-2.4ubuntu1.3,1.900.1-debian1-2.4ubuntu1.3

Step up your Open Source Security Game with Mend here

Vulnerable Library - https://gitlab.com/libtiff/libtiff/Release-v4-0-7

Library home page: https://gitlab.com/libtiff/libtiff/

Vulnerable Source Files (1)

CVE-2017-9117

Vulnerable Library - https://gitlab.com/libtiff/libtiff/Release-v4-0-7

Library home page: https://gitlab.com/libtiff/libtiff/

Found in base branch: main

Vulnerable Source Files (2)

/tiff-4.0.1/tools/bmp2tiff.c
/tiff-4.0.1/tools/bmp2tiff.c

Vulnerability Details

In LibTIFF 4.0.7, the program processes BMP images without verifying that biWidth and biHeight in the bitmap-information header match the actual input, leading to a heap-based buffer over-read in bmp2tiff.

Publish Date: 2017-05-21

URL: CVE-2017-9117

CVSS 3 Score Details (9.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-9117

Release Date: 2017-05-21

Fix Resolution: Release-v4-0-7

Step up your Open Source Security Game with Mend here

CVE-2017-5563

Vulnerable Library - https://gitlab.com/libtiff/libtiff/Release-v4-0-7

Library home page: https://gitlab.com/libtiff/libtiff/

Found in base branch: main

Vulnerable Source Files (1)

Vulnerability Details

LibTIFF version 4.0.7 is vulnerable to a heap-based buffer over-read in tif_lzw.c resulting in DoS or code execution via a crafted bmp image to tools/bmp2tiff.

Publish Date: 2017-01-23

URL: CVE-2017-5563

CVSS 3 Score Details (8.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://security.gentoo.org/glsa/201709-27

Release Date: 2017-01-23

Fix Resolution: Release-v4-0-8

Step up your Open Source Security Game with Mend here

CVE-2017-17942

Vulnerable Library - https://gitlab.com/libtiff/libtiff/Release-v4-0-7

Library home page: https://gitlab.com/libtiff/libtiff/

Found in base branch: main

Vulnerable Source Files (2)

/tiff-4.0.1/tools/bmp2tiff.c
/tiff-4.0.1/tools/bmp2tiff.c

Vulnerability Details

In LibTIFF 4.0.9, there is a heap-based buffer over-read in the function PackBitsEncode in tif_packbits.c.
Mend Note: After conducting further research, Mend has determined that all versions of LibTIFF before version 4.0.7 are vulnerable to CVE-2017-17942.

Publish Date: 2017-12-28

URL: CVE-2017-17942

CVSS 3 Score Details (8.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17942

Release Date: 2017-12-28

Fix Resolution: 4.0.7

Step up your Open Source Security Game with Mend here

CVE-2019-17546

Vulnerable Library - https://gitlab.com/libtiff/libtiff/Release-v4-0-7

Library home page: https://gitlab.com/libtiff/libtiff/

Found in base branch: main

Vulnerable Source Files (1)

Vulnerability Details

tif_getimage.c in LibTIFF through 4.0.10, as used in GDAL through 3.0.1 and other products, has an integer overflow that potentially causes a heap-based buffer overflow via a crafted RGBA image, related to a "Negative-size-param" condition.

Publish Date: 2019-10-14

URL: CVE-2019-17546

CVSS 3 Score Details (8.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-17546

Release Date: 2020-08-24

Fix Resolution: v4.1.0

Step up your Open Source Security Game with Mend here

CVE-2019-6128

Vulnerable Library - https://gitlab.com/libtiff/libtiff/Release-v4-0-7

Library home page: https://gitlab.com/libtiff/libtiff/

Found in base branch: main

Vulnerable Source Files (1)

Vulnerability Details

The TIFFFdOpen function in tif_unix.c in LibTIFF 4.0.10 has a memory leak, as demonstrated by pal2rgb.

Publish Date: 2019-01-11

URL: CVE-2019-6128

CVSS 3 Score Details (8.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-6128

Release Date: 2020-08-24

Fix Resolution: libtiff- v4.1.0

Step up your Open Source Security Game with Mend here

CVE-2018-15209

Vulnerable Library - https://gitlab.com/libtiff/libtiff/Release-v4-0-7

Library home page: https://gitlab.com/libtiff/libtiff/

Found in base branch: main

Vulnerable Source Files (1)

Vulnerability Details

ChopUpSingleUncompressedStrip in tif_dirread.c in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, as demonstrated by tiff2pdf.

Publish Date: 2018-08-08

URL: CVE-2018-15209

CVSS 3 Score Details (8.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15209

Release Date: 2018-08-08

Fix Resolution: v4.0.10

Step up your Open Source Security Game with Mend here

CVE-2018-16335

Vulnerable Library - https://gitlab.com/libtiff/libtiff/Release-v4-0-7

Library home page: https://gitlab.com/libtiff/libtiff/

Found in base branch: main

Vulnerable Source Files (1)

Vulnerability Details

newoffsets handling in ChopUpSingleUncompressedStrip in tif_dirread.c in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, as demonstrated by tiff2pdf. This is a different vulnerability than CVE-2018-15209.

Publish Date: 2018-09-02

URL: CVE-2018-16335

CVSS 3 Score Details (8.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16335

Release Date: 2018-09-02

Fix Resolution: v4.0.10

Step up your Open Source Security Game with Mend here

CVE-2020-35524

Vulnerable Library - https://gitlab.com/libtiff/libtiff/Release-v4-0-7

Library home page: https://gitlab.com/libtiff/libtiff/

Found in base branch: main

Vulnerable Source Files (1)

Vulnerability Details

A heap-based buffer overflow flaw was found in libtiff in the handling of TIFF images in libtiff's TIFF2PDF tool. A specially crafted TIFF file can lead to arbitrary code execution. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Publish Date: 2021-03-09

URL: CVE-2020-35524

CVSS 3 Score Details (7.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://bugzilla.redhat.com/show_bug.cgi?id=1932044

Release Date: 2021-03-09

Fix Resolution: v4.2.0

Step up your Open Source Security Game with Mend here

CVE-2020-35523

Vulnerable Library - https://gitlab.com/libtiff/libtiff/Release-v4-0-7

Library home page: https://gitlab.com/libtiff/libtiff/

Found in base branch: main

Vulnerable Source Files (1)

Vulnerability Details

An integer overflow flaw was found in libtiff that exists in the tif_getimage.c file. This flaw allows an attacker to inject and execute arbitrary code when a user opens a crafted TIFF file. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Publish Date: 2021-03-09

URL: CVE-2020-35523

CVSS 3 Score Details (7.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://bugzilla.redhat.com/show_bug.cgi?id=1932040

Release Date: 2021-03-09

Fix Resolution: v4.2.0

Step up your Open Source Security Game with Mend here

CVE-2019-9923

Vulnerable Library - https://gitlab.com/libtiff/libtiff/Release-v4-0-7

Library home page: https://gitlab.com/libtiff/libtiff/

Found in base branch: main

Vulnerable Source Files (2)

/tiff-4.0.1/tools/bmp2tiff.c
/tiff-4.0.1/tools/bmp2tiff.c

Vulnerability Details

pax_decode_header in sparse.c in GNU Tar before 1.32 had a NULL pointer dereference when parsing certain archives that have malformed extended headers.

Publish Date: 2019-03-22

URL: CVE-2019-9923

CVSS 3 Score Details (7.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9923

Release Date: 2019-03-22

Fix Resolution: 1.32

Step up your Open Source Security Game with Mend here

CVE-2020-19131

Vulnerable Library - https://gitlab.com/libtiff/libtiff/Release-v4-0-7

Library home page: https://gitlab.com/libtiff/libtiff/

Found in base branch: main

Vulnerable Source Files (1)

Vulnerability Details

Buffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial of service via the "invertImage()" function in the component "tiffcrop".

Publish Date: 2021-09-07

URL: CVE-2020-19131

CVSS 3 Score Details (7.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-19131

Release Date: 2021-09-07

Fix Resolution: v4.1.0

Step up your Open Source Security Game with Mend here

CVE-2022-0891

Vulnerable Library - https://gitlab.com/libtiff/libtiff/Release-v4-0-7

Library home page: https://gitlab.com/libtiff/libtiff/

Found in base branch: main

Vulnerable Source Files (1)

Vulnerability Details

A heap buffer overflow in ExtractImageSection function in tiffcrop.c in libtiff library Version 4.3.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or any other context-dependent impact

Publish Date: 2022-03-10

URL: CVE-2022-0891

CVSS 3 Score Details (7.1)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: Low
  • Integrity Impact: None
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2022-0891

Release Date: 2022-03-10

Fix Resolution: libtiff-tools - 4.2.0-1+deb11u1,4.1.0+git191117-2~deb10u4,4.3.0-6;libtiffxx5 - 4.3.0-6,4.2.0-1+deb11u1,4.1.0+git191117-2~deb10u4;libtiff4 - 4.1.0+git191117-2~deb10u4,4.2.0-1+deb11u1,4.3.0-6;libtiff5 - 4.2.0-1+deb11u1,4.1.0+git191117-2~deb10u4,4.3.0-6;libtiff-opengl - 4.1.0+git191117-2~deb10u4,4.3.0-6,4.2.0-1+deb11u1;libtiffxx0c2 - 4.2.0-1+deb11u1,4.1.0+git191117-2~deb10u4,4.3.0-6;libtiff4-dev - 4.2.0-1+deb11u1,4.1.0+git191117-2~deb10u4,4.3.0-6;libtiff5-dev - 4.1.0+git191117-2~deb10u4,4.3.0-6,4.2.0-1+deb11u1;libtiff-dev - 4.1.0+git191117-2~deb10u4,4.3.0-6,4.2.0-1+deb11u1;libtiff-doc - 4.1.0+git191117-2~deb10u4,4.3.0-6,4.2.0-1+deb11u1

Step up your Open Source Security Game with Mend here

CVE-2022-2057

Vulnerable Libraries - https://gitlab.com/libtiff/libtiff/Release-v4-0-7, https://gitlab.com/libtiff/libtiff/Release-v4-0-7

Vulnerability Details

Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010.

Publish Date: 2022-06-30

URL: CVE-2022-2057

CVSS 3 Score Details (6.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Step up your Open Source Security Game with Mend here

CVE-2022-2058

Vulnerable Libraries - https://gitlab.com/libtiff/libtiff/Release-v4-0-7, https://gitlab.com/libtiff/libtiff/Release-v4-0-7

Vulnerability Details

Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010.

Publish Date: 2022-06-30

URL: CVE-2022-2058

CVSS 3 Score Details (6.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Step up your Open Source Security Game with Mend here

CVE-2018-17000

Vulnerable Library - https://gitlab.com/libtiff/libtiff/Release-v4-0-7

Library home page: https://gitlab.com/libtiff/libtiff/

Found in base branch: main

Vulnerable Source Files (1)

Vulnerability Details

A NULL pointer dereference in the function _TIFFmemcmp at tif_unix.c (called from TIFFWriteDirectoryTagTransferfunction) in LibTIFF 4.0.9 allows an attacker to cause a denial-of-service through a crafted tiff file. This vulnerability can be triggered by the executable tiffcp.

Publish Date: 2018-09-13

URL: CVE-2018-17000

CVSS 3 Score Details (6.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17000

Release Date: 2018-09-13

Fix Resolution: v4.1.0

Step up your Open Source Security Game with Mend here

CVE-2022-2056

Vulnerable Libraries - https://gitlab.com/libtiff/libtiff/Release-v4-0-7, https://gitlab.com/libtiff/libtiff/Release-v4-0-7

Vulnerability Details

Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010.

Publish Date: 2022-06-30

URL: CVE-2022-2056

CVSS 3 Score Details (6.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Step up your Open Source Security Game with Mend here

CVE-2018-19210

Vulnerable Library - https://gitlab.com/libtiff/libtiff/Release-v4-0-7

Library home page: https://gitlab.com/libtiff/libtiff/

Found in base branch: main

Vulnerable Source Files (1)

Vulnerability Details

In LibTIFF 4.0.9, there is a NULL pointer dereference in the TIFFWriteDirectorySec function in tif_dirwrite.c that will lead to a denial of service attack, as demonstrated by tiffset.

Publish Date: 2018-11-12

URL: CVE-2018-19210

CVSS 3 Score Details (6.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19210

Release Date: 2018-11-12

Fix Resolution: v4.0.10

Step up your Open Source Security Game with Mend here

CVE-2019-14973

Vulnerable Libraries - https://gitlab.com/libtiff/libtiff/Release-v4-0-7, https://gitlab.com/libtiff/libtiff/Release-v4-0-7, https://gitlab.com/libtiff/libtiff/Release-v4-0-7, https://gitlab.com/libtiff/libtiff/Release-v4-0-7, https://gitlab.com/libtiff/libtiff/Release-v4-0-7, https://gitlab.com/libtiff/libtiff/Release-v4-0-7, https://gitlab.com/libtiff/libtiff/Release-v4-0-7, https://gitlab.com/libtiff/libtiff/Release-v4-0-7, https://gitlab.com/libtiff/libtiff/Release-v4-0-7, https://gitlab.com/libtiff/libtiff/Release-v4-0-7

Vulnerability Details

_TIFFCheckMalloc and _TIFFCheckRealloc in tif_aux.c in LibTIFF through 4.0.10 mishandle Integer Overflow checks because they rely on compiler behavior that is undefined by the applicable C standards. This can, for example, lead to an application crash.

Publish Date: 2019-08-14

URL: CVE-2019-14973

CVSS 3 Score Details (6.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-14973

Release Date: 2020-11-06

Fix Resolution: v4.1.0

Step up your Open Source Security Game with Mend here

CVE-2017-9937

Vulnerable Library - https://gitlab.com/libtiff/libtiff/Release-v4-0-7

Library home page: https://gitlab.com/libtiff/libtiff/

Found in base branch: main

Vulnerable Source Files (1)

Vulnerability Details

In LibTIFF 4.0.8, there is a memory malloc failure in tif_jbig.c. A crafted TIFF document can lead to an abort resulting in a remote denial of service attack.

Publish Date: 2017-06-26

URL: CVE-2017-9937

CVSS 3 Score Details (6.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: http://bugzilla.maptools.org/show_bug.cgi?id=2707

Release Date: 2017-06-26

Fix Resolution: 4.0.9

Step up your Open Source Security Game with Mend here

CVE-2020-19144

Vulnerable Library - https://gitlab.com/libtiff/libtiff/Release-v4-0-7

Library home page: https://gitlab.com/libtiff/libtiff/

Found in base branch: main

Vulnerable Source Files (1)

Vulnerability Details

Buffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial of service via the 'in _TIFFmemcpy' funtion in the component 'tif_unix.c'.

Publish Date: 2021-09-09

URL: CVE-2020-19144

CVSS 3 Score Details (6.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2020-19144

Release Date: 2021-09-09

Fix Resolution: ghostscript - 9.54.0;tiff - 4.2.0

Step up your Open Source Security Game with Mend here

CVE-2017-11613

Vulnerable Library - https://gitlab.com/libtiff/libtiff/Release-v4-0-7

Library home page: https://gitlab.com/libtiff/libtiff/

Found in base branch: main

Vulnerable Source Files (1)

Vulnerability Details

In LibTIFF 4.0.8, there is a denial of service vulnerability in the TIFFOpen function. A crafted input will lead to a denial of service attack. During the TIFFOpen process, td_imagelength is not checked. The value of td_imagelength can be directly controlled by an input file. In the ChopUpSingleUncompressedStrip function, the _TIFFCheckMalloc function is called based on td_imagelength. If we set the value of td_imagelength close to the amount of system memory, it will hang the system or trigger the OOM killer.

Publish Date: 2017-07-26

URL: CVE-2017-11613

CVSS 3 Score Details (6.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11613

Release Date: 2017-07-26

Fix Resolution: Release-v4-0-9

Step up your Open Source Security Game with Mend here

CVE-2012-3401

Vulnerable Library - https://gitlab.com/libtiff/libtiff/Release-v4-0-7

Library home page: https://gitlab.com/libtiff/libtiff/

Found in base branch: main

Vulnerable Source Files (1)

Vulnerability Details

The t2p_read_tiff_init function in tiff2pdf (tools/tiff2pdf.c) in LibTIFF 4.0.2 and earlier does not properly initialize the T2P context struct pointer in certain error conditions, which allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image that triggers a heap-based buffer overflow.

Publish Date: 2012-08-13

URL: CVE-2012-3401

CVSS 3 Score Details (5.6)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: High
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: Low
  • Integrity Impact: Low
  • Availability Impact: Low

Suggested Fix

Type: Upgrade version

Origin: https://gitlab.com/libtiff/libtiff/-/tags/Release-v4-0-3

Release Date: 2012-08-13

Fix Resolution: Release-v4-0-3

Step up your Open Source Security Game with Mend here

CVE-2022-22844

Vulnerable Library - https://gitlab.com/libtiff/libtiff/Release-v4-0-7

Library home page: https://gitlab.com/libtiff/libtiff/

Found in base branch: main

Vulnerable Source Files (1)

Vulnerability Details

LibTIFF 4.3.0 has an out-of-bounds read in _TIFFmemcpy in tif_unix.c in certain situations involving a custom tag and 0x0200 as the second word of the DE field.

Publish Date: 2022-01-10

URL: CVE-2022-22844

CVSS 3 Score Details (5.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2022-22844

Release Date: 2022-01-10

Fix Resolution: libtiffxx5 - 4.0.8-2+deb9u8,4.2.0-1+deb11u1,4.1.0+git191117-2~deb10u4,4.3.0-3;libtiff4 - 4.0.8-2+deb9u8,4.1.0+git191117-2~deb10u4,4.2.0-1+deb11u1,4.3.0-3;libtiff5 - 4.2.0-1+deb11u1,4.3.0-3,4.1.0+git191117-2~deb10u4,4.0.8-2+deb9u8;libtiff-opengl - 4.1.0+git191117-2~deb10u4,4.3.0-3,4.2.0-1+deb11u1,4.0.8-2+deb9u8;libtiffxx0c2 - 4.3.0-3,4.2.0-1+deb11u1,4.0.8-2+deb9u8,4.1.0+git191117-2~deb10u4;libtiff4-dev - 4.0.8-2+deb9u8,4.2.0-1+deb11u1,4.1.0+git191117-2~deb10u4,4.3.0-3;libtiff5-dev - 4.1.0+git191117-2~deb10u4,4.3.0-3,4.2.0-1+deb11u1,4.0.8-2+deb9u8;libtiff-dev - 4.1.0+git191117-2~deb10u4,4.3.0-3,4.2.0-1+deb11u1;libtiff-doc - 4.1.0+git191117-2~deb10u4,4.3.0-3,4.0.8-2+deb9u8,4.2.0-1+deb11u1;libtiff-tools - 4.2.0-1+deb11u1,4.1.0+git191117-2~deb10u4,4.0.8-2+deb9u8,4.3.0-3

Step up your Open Source Security Game with Mend here

CVE-2022-0908

Vulnerable Library - https://gitlab.com/libtiff/libtiff/Release-v4-0-7

Library home page: https://gitlab.com/libtiff/libtiff/

Found in base branch: main

Vulnerable Source Files (1)

Vulnerability Details

Null source pointer passed as an argument to memcpy() function within TIFFFetchNormalTag () in tif_dirread.c in libtiff versions up to 4.3.0 could lead to Denial of Service via crafted TIFF file.

Publish Date: 2022-03-11

URL: CVE-2022-0908

CVSS 3 Score Details (5.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2022-0908

Release Date: 2022-03-11

Fix Resolution: libtiff-tools - 4.2.0-1+deb11u1,4.1.0+git191117-2~deb10u4,4.3.0-6;libtiffxx5 - 4.3.0-6,4.2.0-1+deb11u1,4.1.0+git191117-2~deb10u4;libtiff4 - 4.1.0+git191117-2~deb10u4,4.2.0-1+deb11u1,4.3.0-6;libtiff5 - 4.2.0-1+deb11u1,4.1.0+git191117-2~deb10u4,4.3.0-6;libtiff-opengl - 4.1.0+git191117-2~deb10u4,4.3.0-6,4.2.0-1+deb11u1;libtiffxx0c2 - 4.2.0-1+deb11u1,4.1.0+git191117-2~deb10u4,4.3.0-6;libtiff4-dev - 4.2.0-1+deb11u1,4.1.0+git191117-2~deb10u4,4.3.0-6;libtiff5-dev - 4.1.0+git191117-2~deb10u4,4.3.0-6,4.2.0-1+deb11u1;libtiff-dev - 4.1.0+git191117-2~deb10u4,4.3.0-6,4.2.0-1+deb11u1;libtiff-doc - 4.1.0+git191117-2~deb10u4,4.3.0-6,4.2.0-1+deb11u1

Step up your Open Source Security Game with Mend here

CVE-2020-35522

Vulnerable Library - https://gitlab.com/libtiff/libtiff/Release-v4-0-7

Library home page: https://gitlab.com/libtiff/libtiff/

Found in base branch: main

Vulnerable Source Files (1)

Vulnerability Details

In LibTIFF, there is a memory malloc failure in tif_pixarlog.c. A crafted TIFF document can lead to an abort, resulting in a remote denial of service attack.

Publish Date: 2021-03-09

URL: CVE-2020-35522

CVSS 3 Score Details (5.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://bugzilla.redhat.com/show_bug.cgi?id=1932037

Release Date: 2021-03-09

Fix Resolution: v4.2.0

Step up your Open Source Security Game with Mend here

CVE-2020-35521

Vulnerable Library - https://gitlab.com/libtiff/libtiff/Release-v4-0-7

Library home page: https://gitlab.com/libtiff/libtiff/

Found in base branch: main

Vulnerable Source Files (1)

Vulnerability Details

A flaw was found in libtiff. Due to a memory allocation failure in tif_read.c, a crafted TIFF file can lead to an abort, resulting in denial of service.

Publish Date: 2021-03-09

URL: CVE-2020-35521

CVSS 3 Score Details (5.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://bugzilla.redhat.com/show_bug.cgi?id=1932034

Release Date: 2021-03-09

Fix Resolution: v4.2.0

Step up your Open Source Security Game with Mend here

CVE-2022-0561

Vulnerable Library - https://gitlab.com/libtiff/libtiff/Release-v4-0-7

Library home page: https://gitlab.com/libtiff/libtiff/

Found in base branch: main

Vulnerable Source Files (1)

Vulnerability Details

Null source pointer passed as an argument to memcpy() function within TIFFFetchStripThing() in tif_dirread.c in libtiff versions from 3.9.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. For users that compile libtiff from sources, the fix is available with commit eecb0712.

Publish Date: 2022-02-11

URL: CVE-2022-0561

CVSS 3 Score Details (5.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2022-0561

Release Date: 2022-02-11

Fix Resolution: ghostscript - 9.55.0;tiff - 4.2.0

Step up your Open Source Security Game with Mend here

CVE-2022-0562

Vulnerable Library - https://gitlab.com/libtiff/libtiff/Release-v4-0-7

Library home page: https://gitlab.com/libtiff/libtiff/

Found in base branch: main

Vulnerable Source Files (1)

Vulnerability Details

Null source pointer passed as an argument to memcpy() function within TIFFReadDirectory() in tif_dirread.c in libtiff versions from 4.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. For users that compile libtiff from sources, a fix is available with commit 561599c.

Publish Date: 2022-02-11

URL: CVE-2022-0562

CVSS 3 Score Details (5.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2022-0562

Release Date: 2022-02-11

Fix Resolution: ghostscript - 9.55.0;tiff - 4.2.0

Step up your Open Source Security Game with Mend here

CVE-2022-34266

Vulnerable Library - https://gitlab.com/libtiff/libtiff/Release-v4-0-7

Library home page: https://gitlab.com/libtiff/libtiff/

Found in base branch: main

Vulnerable Source Files (1)

Vulnerability Details

The libtiff-4.0.3-35.amzn2.0.1 package for LibTIFF on Amazon Linux 2 allows attackers to cause a denial of service (application crash), a different vulnerability than CVE-2022-0562. When processing a malicious TIFF file, an invalid range may be passed as an argument to the memset() function within TIFFFetchStripThing() in tif_dirread.c. This will cause TIFFFetchStripThing() to segfault after use of an uninitialized resource.

Publish Date: 2022-07-19

URL: CVE-2022-34266

CVSS 3 Score Details (5.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://alas.aws.amazon.com/AL2/ALAS-2022-1814.html

Release Date: 2022-07-19

Fix Resolution: v4.4.0

Step up your Open Source Security Game with Mend here

Vulnerable Library - binutilsbinutils-2.38

Gnu Distributions

Library home page: https://ftp.gnu.org/gnu/binutils?wsslib=binutils

Vulnerable Source Files (1)

/binutils-2.29/bfd/elfcode.h

CVE-2018-6323

Vulnerable Library - binutilsbinutils-2.38

Gnu Distributions

Library home page: https://ftp.gnu.org/gnu/binutils?wsslib=binutils

Found in base branch: main

Vulnerable Source Files (1)

/binutils-2.29/bfd/elfcode.h

Vulnerability Details

The elf_object_p function in elfcode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, has an unsigned integer overflow because bfd_size_type multiplication is not used. A crafted ELF file allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.

Publish Date: 2018-01-26

URL: CVE-2018-6323

CVSS 3 Score Details (7.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-6323

Release Date: 2018-01-26

Fix Resolution: binutils-2_31

Step up your Open Source Security Game with Mend here

CVE-2021-20294

Vulnerable Library - binutilsbinutils-2.38

Gnu Distributions

Library home page: https://ftp.gnu.org/gnu/binutils?wsslib=binutils

Found in base branch: main

Vulnerable Source Files (1)

/binutils-2.29/binutils/readelf.c

Vulnerability Details

A flaw was found in binutils readelf 2.35 program. An attacker who is able to convince a victim using readelf to read a crafted file could trigger a stack buffer overflow, out-of-bounds write of arbitrary data supplied by the attacker. The highest impact of this flaw is to confidentiality, integrity, and availability.

Publish Date: 2021-04-29

URL: CVE-2021-20294

CVSS 3 Score Details (7.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://bugzilla.redhat.com/show_bug.cgi?id=1943533

Release Date: 2021-04-29

Fix Resolution: binutils-2_35_2

Step up your Open Source Security Game with Mend here

CVE-2021-45078

Vulnerable Library - binutilsbinutils-2.38

Gnu Distributions

Library home page: https://ftp.gnu.org/gnu/binutils?wsslib=binutils

Found in base branch: main

Vulnerable Source Files (2)

/binutils-2.29/binutils/stabs.c
/binutils-2.29/binutils/stabs.c

Vulnerability Details

stab_xcoff_builtin_type in stabs.c in GNU Binutils through 2.37 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write. NOTE: this issue exists because of an incorrect fix for CVE-2018-12699.

Publish Date: 2021-12-15

URL: CVE-2021-45078

CVSS 3 Score Details (7.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2021-45078

Release Date: 2021-12-15

Fix Resolution: binutils - 2.37.50.20220106-1

Step up your Open Source Security Game with Mend here

CVE-2017-12456

Vulnerable Library - binutilsbinutils-2.38

Gnu Distributions

Library home page: https://ftp.gnu.org/gnu/binutils?wsslib=binutils

Found in base branch: main

Vulnerable Source Files (1)

/binutils-2.29/binutils/rddbg.c

Vulnerability Details

The read_symbol_stabs_debugging_info function in rddbg.c in GNU Binutils 2.29 and earlier allows remote attackers to cause an out of bounds heap read via a crafted binary file.

Publish Date: 2017-08-04

URL: CVE-2017-12456

CVSS 3 Score Details (7.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-12456

Release Date: 2017-08-04

Fix Resolution: binutils-2_30

Step up your Open Source Security Game with Mend here

CVE-2017-12454

Vulnerable Libraries - binutilsbinutils-2.38, binutilsbinutils-2.38, binutilsbinutils-2.38, binutilsbinutils-2.38, binutilsbinutils-2.38, binutilsbinutils-2.38, binutilsbinutils-2.38, binutilsbinutils-2.38

Vulnerability Details

The _bfd_vms_slurp_egsd function in bfd/vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an arbitrary memory read via a crafted vms alpha file.

Publish Date: 2017-08-04

URL: CVE-2017-12454

CVSS 3 Score Details (7.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2017-12454

Release Date: 2017-08-04

Fix Resolution: binutils - 2.29-9,2.29-9,2.29-9

Step up your Open Source Security Game with Mend here

CVE-2017-12455

Vulnerable Libraries - binutilsbinutils-2.38, binutilsbinutils-2.38, binutilsbinutils-2.38, binutilsbinutils-2.38

Vulnerability Details

The evax_bfd_print_emh function in vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted vms alpha file.

Publish Date: 2017-08-04

URL: CVE-2017-12455

CVSS 3 Score Details (7.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2017-12455

Release Date: 2017-08-04

Fix Resolution: binutils - 2.29-8,2.29-8,2.29-8

Step up your Open Source Security Game with Mend here

CVE-2017-12453

Vulnerable Libraries - binutilsbinutils-2.38, binutilsbinutils-2.38, binutilsbinutils-2.38, binutilsbinutils-2.38, binutilsbinutils-2.38, binutilsbinutils-2.38, binutilsbinutils-2.38, binutilsbinutils-2.38

Vulnerability Details

The _bfd_vms_slurp_eeom function in libbfd.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted vms alpha file.

Publish Date: 2017-08-04

URL: CVE-2017-12453

CVSS 3 Score Details (7.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2017-12453

Release Date: 2017-08-04

Fix Resolution: binutils - 2.29-9,2.29-9,2.29-9

Step up your Open Source Security Game with Mend here

CVE-2019-1010180

Vulnerable Library - binutilsbinutils-2.38

Gnu Distributions

Library home page: https://ftp.gnu.org/gnu/binutils?wsslib=binutils

Found in base branch: main

Vulnerable Source Files (1)

/binutils-2.29/bfd/elfcode.h

Vulnerability Details

GNU gdb All versions is affected by: Buffer Overflow - Out of bound memory access. The impact is: Deny of Service, Memory Disclosure, and Possible Code Execution. The component is: The main gdb module. The attack vector is: Open an ELF for debugging. The fixed version is: Not fixed yet.

Publish Date: 2019-07-24

URL: CVE-2019-1010180

CVSS 3 Score Details (7.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2019-1010178

Release Date: 2019-07-24

Fix Resolution: binutils-2_32,gdb-8.3-release

Step up your Open Source Security Game with Mend here

CVE-2017-12450

Vulnerable Library - binutilsbinutils-2.38

Gnu Distributions

Library home page: https://ftp.gnu.org/gnu/binutils?wsslib=binutils

Found in base branch: main

Vulnerable Source Files (1)

/binutils-2.29/bfd/vms-alpha.c

Vulnerability Details

The alpha_vms_object_p function in bfd/vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap write and possibly achieve code execution via a crafted vms alpha file.

Publish Date: 2017-08-04

URL: CVE-2017-12450

CVSS 3 Score Details (7.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12450

Release Date: 2017-08-04

Fix Resolution: 2.30

Step up your Open Source Security Game with Mend here

CVE-2018-19931

Vulnerable Library - binutilsbinutils-2.38

Gnu Distributions

Library home page: https://ftp.gnu.org/gnu/binutils?wsslib=binutils

Found in base branch: main

Vulnerable Source Files (1)

/binutils-2.29/bfd/elfcode.h

Vulnerability Details

An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils through 2.31. There is a heap-based buffer overflow in bfd_elf32_swap_phdr_in in elfcode.h because the number of program headers is not restricted.

Publish Date: 2018-12-07

URL: CVE-2018-19931

CVSS 3 Score Details (7.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2018-19931

Release Date: 2018-12-07

Fix Resolution: binutils - 2.32-1

Step up your Open Source Security Game with Mend here

CVE-2017-12458

Vulnerable Library - binutilsbinutils-2.38

Gnu Distributions

Library home page: https://ftp.gnu.org/gnu/binutils?wsslib=binutils

Found in base branch: main

Vulnerable Source Files (1)

/binutils-2.29/bfd/nlmcode.h

Vulnerability Details

The nlm_swap_auxiliary_headers_in function in bfd/nlmcode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted nlm file.

Publish Date: 2017-08-04

URL: CVE-2017-12458

CVSS 3 Score Details (7.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-12458

Release Date: 2017-08-04

Fix Resolution: binutils-2_29_1

Step up your Open Source Security Game with Mend here

CVE-2017-14745

Vulnerable Libraries - binutilsbinutils-2.38, binutilsbinutils-2.38

Vulnerability Details

The *_get_synthetic_symtab functions in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, interpret a -1 value as a sorting count instead of an error flag, which allows remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact via a crafted ELF file, related to elf32-i386.c and elf64-x86-64.c.

Publish Date: 2017-09-26

URL: CVE-2017-14745

CVSS 3 Score Details (7.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-14745

Release Date: 2017-09-26

Fix Resolution: binutils-2_30

Step up your Open Source Security Game with Mend here

CVE-2017-15996

Vulnerable Library - binutilsbinutils-2.38

Gnu Distributions

Library home page: https://ftp.gnu.org/gnu/binutils?wsslib=binutils

Found in base branch: main

Vulnerable Source Files (1)

/binutils-2.29/binutils/elfcomm.c

Vulnerability Details

elfcomm.c in readelf in GNU Binutils 2.29 allows remote attackers to cause a denial of service (excessive memory allocation) or possibly have unspecified other impact via a crafted ELF file that triggers a "buffer overflow on fuzzed archive header," related to an uninitialized variable, an improper conditional jump, and the get_archive_member_name, process_archive_index_and_symbols, and setup_archive functions.

Publish Date: 2017-10-29

URL: CVE-2017-15996

CVSS 3 Score Details (7.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-15996

Release Date: 2017-10-29

Fix Resolution: 2.30

Step up your Open Source Security Game with Mend here

CVE-2018-1000876

Vulnerable Libraries - binutilsbinutils-2.38, binutilsbinutils-2.38

Vulnerability Details

binutils version 2.32 and earlier contains a Integer Overflow vulnerability in objdump, bfd_get_dynamic_reloc_upper_bound,bfd_canonicalize_dynamic_reloc that can result in Integer overflow trigger heap overflow. Successful exploitation allows execution of arbitrary code.. This attack appear to be exploitable via Local. This vulnerability appears to have been fixed in after commit 3a551c7a1b80fca579461774860574eabfd7f18f.

Publish Date: 2018-12-20

URL: CVE-2018-1000876

CVSS 3 Score Details (7.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2018-1000876

Release Date: 2018-12-20

Fix Resolution: binutils-devel - 2.27-41.base,2.27-41.base,2.27-41.base,2.27-41.base,2.27-41.base;binutils-debuginfo - 2.27-41.base,2.27-41.base;binutils - 2.27-41.base,2.27-41.base,2.27-41.base,2.27-41.base

Step up your Open Source Security Game with Mend here

CVE-2017-12448

Vulnerable Library - binutilsbinutils-2.38

Gnu Distributions

Library home page: https://ftp.gnu.org/gnu/binutils?wsslib=binutils

Found in base branch: main

Vulnerable Source Files (1)

/binutils-2.29/bfd/archive.c

Vulnerability Details

The bfd_cache_close function in bfd/cache.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause a heap use after free and possibly achieve code execution via a crafted nested archive file. This issue occurs because incorrect functions are called during an attempt to release memory. The issue can be addressed by better input validation in the bfd_generic_archive_p function in bfd/archive.c.

Publish Date: 2017-08-04

URL: CVE-2017-12448

CVSS 3 Score Details (7.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Release Date: 2017-08-04

Fix Resolution: binutils-2_30,gdb-8.1-release,users/ARM/embedded-binutils-2_30-branch-2018q2

Step up your Open Source Security Game with Mend here

CVE-2017-14333

Vulnerable Library - binutilsbinutils-2.38

Gnu Distributions

Library home page: https://ftp.gnu.org/gnu/binutils?wsslib=binutils

Found in base branch: main

Vulnerable Source Files (1)

/binutils-2.29/binutils/readelf.c

Vulnerability Details

The process_version_sections function in readelf.c in GNU Binutils 2.29 allows attackers to cause a denial of service (Integer Overflow, and hang because of a time-consuming loop) or possibly have unspecified other impact via a crafted binary file with invalid values of ent.vn_next, during "readelf -a" execution.

Publish Date: 2017-09-12

URL: CVE-2017-14333

CVSS 3 Score Details (7.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2017-14333

Release Date: 2017-09-12

Fix Resolution: binutils - 2.29-9,2.29-9,2.29-9

Step up your Open Source Security Game with Mend here

CVE-2017-17125

Vulnerable Library - binutilsbinutils-2.38

Gnu Distributions

Library home page: https://ftp.gnu.org/gnu/binutils?wsslib=binutils

Found in base branch: main

Vulnerable Source Files (2)

/binutils-2.29/binutils/nm.c
/binutils-2.29/binutils/nm.c

Vulnerability Details

nm.c and objdump.c in GNU Binutils 2.29.1 mishandle certain global symbols, which allows remote attackers to cause a denial of service (_bfd_elf_get_symbol_version_string buffer over-read and application crash) or possibly have unspecified other impact via a crafted ELF file.

Publish Date: 2017-12-04

URL: CVE-2017-17125

CVSS 3 Score Details (7.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17125

Release Date: 2017-12-04

Fix Resolution: 2.30

Step up your Open Source Security Game with Mend here

CVE-2017-16831

Vulnerable Library - binutilsbinutils-2.38

Gnu Distributions

Library home page: https://ftp.gnu.org/gnu/binutils?wsslib=binutils

Found in base branch: main

Vulnerable Source Files (1)

/binutils-2.29/bfd/coffgen.c

Vulnerability Details

coffgen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not validate the symbol count, which allows remote attackers to cause a denial of service (integer overflow and application crash, or excessive memory allocation) or possibly have unspecified other impact via a crafted PE file.

Publish Date: 2017-11-15

URL: CVE-2017-16831

CVSS 3 Score Details (7.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-16831

Release Date: 2017-11-15

Fix Resolution: 2.30

Step up your Open Source Security Game with Mend here

Vulnerable Library - zlibv1.2.11

A massively spiffy yet delicately unobtrusive compression library.

Library home page: https://github.com/madler/zlib.git

Vulnerable Source Files (3)

/binutils-2.29/zlib/inflate.c
/binutils-2.29/zlib/inflate.c
/binutils-2.29/zlib/inflate.c

WS-2020-0368

Vulnerable Libraries - zlibv1.2.11, zlibv1.2.11, zlibv1.2.11

Vulnerability Details

Zlib in versions v0.8 to v1.2.11 is vulnerable to use-of-uninitialized-value in inflate.
There are a couple of places in inflate() where UPDATE is called with state->check as its first parameter, without a guarantee that this value has been initialized (state comes from a ZALLOC in inflateInit). This causes use of uninitialized check value.

Publish Date: 2020-02-22

URL: WS-2020-0368

CVSS 3 Score Details (6.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/WS-2020-0368

Release Date: 2020-02-22

Fix Resolution: cmake-native - 3.15.5;binutils-cross-testsuite - 2.35;libstd-rs - 1.57.0;gdb - 11.1,9.2;tcl - 8.6.11;sudo - 1.8.32;binutils - 2.35,2.28;ccache - 3.3.3,4.1;libgit2 - 1.3.0;cmake - 3.19.5,3.7.0,3.7.2,3.22.0,3.17.3;cmake-native - 3.17.3,3.7.0,3.22.0,3.18.4;ghostscript - 9.55.0

Step up your Open Source Security Game with Mend here

Vulnerable Library - jasperversion-2.0.10

Our efforts were merged into https://github.com/jasper-software/jasper See issue 208 there

Library home page: https://github.com/jasper-maint/jasper.git

Vulnerable Source Files (1)

/jasper-2.0.10/src/libjasper/base/jas_stream.c

CVE-2008-3522

Vulnerable Library - jasperversion-2.0.10

Our efforts were merged into https://github.com/jasper-software/jasper See issue 208 there

Library home page: https://github.com/jasper-maint/jasper.git

Found in base branch: main

Vulnerable Source Files (1)

/jasper-2.0.10/src/libjasper/base/jas_stream.c

Vulnerability Details

Buffer overflow in the jas_stream_printf function in libjasper/base/jas_stream.c in JasPer 1.900.1 might allow context-dependent attackers to have an unknown impact via vectors related to the mif_hdr_put function and use of vsprintf.

Publish Date: 2008-10-02

URL: CVE-2008-3522

CVSS 3 Score Details (9.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2008-3522

Release Date: 2008-10-02

Fix Resolution: jasper - 1.900.2-1

Step up your Open Source Security Game with Mend here

CVE-2008-3520

Vulnerable Libraries - jasperversion-2.0.10, jasperversion-2.0.10

Vulnerability Details

Multiple integer overflows in JasPer 1.900.1 might allow context-dependent attackers to have an unknown impact via a crafted image file, related to integer multiplication for memory allocation.

Publish Date: 2008-10-02

URL: CVE-2008-3520

CVSS 3 Score Details (8.1)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: High
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2008-3520

Release Date: 2008-10-02

Fix Resolution: jasper - 1.900.2-1

Step up your Open Source Security Game with Mend here

CVE-2016-9583

Vulnerable Library - jasperversion-2.0.10

Our efforts were merged into https://github.com/jasper-software/jasper See issue 208 there

Library home page: https://github.com/jasper-maint/jasper.git

Found in base branch: main

Vulnerable Source Files (1)

/jasper-2.0.10/src/libjasper/include/jasper/jas_types.h

Vulnerability Details

An out-of-bounds heap read vulnerability was found in the jpc_pi_nextpcrl() function of jasper before 2.0.6 when processing crafted input.

Publish Date: 2018-08-01

URL: CVE-2016-9583

CVSS 3 Score Details (7.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2016-9583

Release Date: 2018-08-01

Fix Resolution: 2.0.6

Step up your Open Source Security Game with Mend here

CVE-2020-27828

Vulnerable Library - jasperversion-2.0.10

Our efforts were merged into https://github.com/jasper-software/jasper See issue 208 there

Library home page: https://github.com/jasper-maint/jasper.git

Found in base branch: main

Vulnerable Source Files (1)

/jasper-2.0.10/src/libjasper/jpc/jpc_enc.c

Vulnerability Details

There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. Crafted input provided to jasper by an attacker could cause an arbitrary out-of-bounds write. This could potentially affect data confidentiality, integrity, or application availability.

Publish Date: 2020-12-11

URL: CVE-2020-27828

CVSS 3 Score Details (7.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Release Date: 2020-12-11

Fix Resolution: version-2.0.23

Step up your Open Source Security Game with Mend here

CVE-2016-9600

Vulnerable Library - jasperversion-2.0.10