elenakves/train-schedule

Region: us-west-2
Scan Summary
Critical vulnerabilities
192
Malicious files
0
Last scan

1 year, 9 months ago
Type of scan
Prevasio CSPM
Scan duration
4 minutes and 7 seconds
Image Details
Image URI
elenakves/train-schedule
Image tags
latest
Digest
Created

5 years ago
Compressed size
269.54 MB
Uncompressed size
672.48 MB
OS/architecture
linux/amd64
OS distribution
debian 8.11 (reached end of life)
Working directory
usr/src/app
ENTRYPOINT
CMD
npmstart
User
Ports
8080/tcp
Volumes
Environment variables
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
NODE_VERSION=8.12.0
YARN_VERSION=1.9.4
Overview
Critical
192
High
582
Medium
953
Low
57
Informational
0
Vulnerabilities (1,000)
Severity Name Package VersionFixed inDescription Package:version
Critical CVE-2019-12900 bzip2 1.0.6-71.0.6-7+deb8u1bzip2: out-of-bounds write in function BZ2_decompress bzip2:1.0.6-7
Critical CVE-2016-7167 curl 7.38.0-4+deb8u117.38.0-4+deb8u13curl: escape and unescape integer overflows curl:7.38.0-4+deb8u11
Critical CVE-2018-14618 curl 7.38.0-4+deb8u117.38.0-4+deb8u12curl: NTLM password overflow via integer overflow curl:7.38.0-4+deb8u11
Critical CVE-2018-16839 curl 7.38.0-4+deb8u117.38.0-4+deb8u13curl: Integer overflow leading to heap-based buffer overflow in Curl_sasl_create_plain_message() curl:7.38.0-4+deb8u11
Critical CVE-2018-16842 curl 7.38.0-4+deb8u117.38.0-4+deb8u13curl: Heap-based buffer over-read in the curl tool warning formatting curl:7.38.0-4+deb8u11
Critical CVE-2019-3822 curl 7.38.0-4+deb8u117.38.0-4+deb8u14curl: NTLMv2 type-3 header stack buffer overflow curl:7.38.0-4+deb8u11
Critical CVE-2019-5482 curl 7.38.0-4+deb8u117.38.0-4+deb8u16curl: heap buffer overflow in function tftp_receive_packet() curl:7.38.0-4+deb8u11
Critical CVE-2019-18218 file 1:5.22+15-2+deb8u41:5.22+15-2+deb8u6file: heap-based buffer overflow in cdf_read_property_info in cdf.c file:1:5.22+15-2+deb8u4
Critical CVE-2018-17456 git 1:2.1.4-2.1+deb8u61:2.1.4-2.1+deb8u7git: arbitrary code execution via .gitmodules git:1:2.1.4-2.1+deb8u6
Critical CVE-2019-1353 git 1:2.1.4-2.1+deb8u61:2.1.4-2.1+deb8u8git: NTFS protections inactive when running Git in the Windows Subsystem for Linux git:1:2.1.4-2.1+deb8u6
Critical CVE-2018-17456 git-man 1:2.1.4-2.1+deb8u61:2.1.4-2.1+deb8u7git: arbitrary code execution via .gitmodules git-man:1:2.1.4-2.1+deb8u6
Critical CVE-2019-1353 git-man 1:2.1.4-2.1+deb8u61:2.1.4-2.1+deb8u8git: NTFS protections inactive when running Git in the Windows Subsystem for Linux git-man:1:2.1.4-2.1+deb8u6
Critical CVE-2017-14532 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in the TIFFIgnoreTags function imagemagick:8:6.8.9.9-5+deb8u13
Critical CVE-2017-14624 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in the PostscriptDelegateMessage function imagemagick:8:6.8.9.9-5+deb8u13
Critical CVE-2017-14625 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in the sixel_output_create function imagemagick:8:6.8.9.9-5+deb8u13
Critical CVE-2017-14626 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in the sixel_decode function imagemagick:8:6.8.9.9-5+deb8u13
Critical CVE-2019-19948 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u19ImageMagick: heap-based buffer overflow in WriteSGIImage in coders/sgi.c imagemagick:8:6.8.9.9-5+deb8u13
Critical CVE-2019-19949 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u19ImageMagick: heap-based buffer over-read in WritePNGImage in coders/png.c imagemagick:8:6.8.9.9-5+deb8u13
Critical CVE-2017-14532 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in the TIFFIgnoreTags function imagemagick-6.q16:8:6.8.9.9-5+deb8u13
Critical CVE-2017-14624 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in the PostscriptDelegateMessage function imagemagick-6.q16:8:6.8.9.9-5+deb8u13
Critical CVE-2017-14625 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in the sixel_output_create function imagemagick-6.q16:8:6.8.9.9-5+deb8u13
Critical CVE-2017-14626 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in the sixel_decode function imagemagick-6.q16:8:6.8.9.9-5+deb8u13
Critical CVE-2019-19948 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u19ImageMagick: heap-based buffer overflow in WriteSGIImage in coders/sgi.c imagemagick-6.q16:8:6.8.9.9-5+deb8u13
Critical CVE-2019-19949 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u19ImageMagick: heap-based buffer over-read in WritePNGImage in coders/png.c imagemagick-6.q16:8:6.8.9.9-5+deb8u13
Critical CVE-2017-14532 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in the TIFFIgnoreTags function imagemagick-common:8:6.8.9.9-5+deb8u13
Critical CVE-2017-14624 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in the PostscriptDelegateMessage function imagemagick-common:8:6.8.9.9-5+deb8u13
Critical CVE-2017-14625 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in the sixel_output_create function imagemagick-common:8:6.8.9.9-5+deb8u13
Critical CVE-2017-14626 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in the sixel_decode function imagemagick-common:8:6.8.9.9-5+deb8u13
Critical CVE-2019-19948 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u19ImageMagick: heap-based buffer overflow in WriteSGIImage in coders/sgi.c imagemagick-common:8:6.8.9.9-5+deb8u13
Critical CVE-2019-19949 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u19ImageMagick: heap-based buffer over-read in WritePNGImage in coders/png.c imagemagick-common:8:6.8.9.9-5+deb8u13
Critical CVE-2016-2090 libbsd0 0.7.0-20.7.0-2+deb8u1Off-by-one vulnerability in the fgetwln function in libbsd before 0.8. ... libbsd0:0.7.0-2
Critical CVE-2019-12900 libbz2-1.0 1.0.6-71.0.6-7+deb8u1bzip2: out-of-bounds write in function BZ2_decompress libbz2-1.0:1.0.6-7
Critical CVE-2019-12900 libbz2-dev 1.0.6-71.0.6-7+deb8u1bzip2: out-of-bounds write in function BZ2_decompress libbz2-dev:1.0.6-7
Critical CVE-2016-7167 libcurl3 7.38.0-4+deb8u117.38.0-4+deb8u13curl: escape and unescape integer overflows libcurl3:7.38.0-4+deb8u11
Critical CVE-2018-14618 libcurl3 7.38.0-4+deb8u117.38.0-4+deb8u12curl: NTLM password overflow via integer overflow libcurl3:7.38.0-4+deb8u11
Critical CVE-2018-16839 libcurl3 7.38.0-4+deb8u117.38.0-4+deb8u13curl: Integer overflow leading to heap-based buffer overflow in Curl_sasl_create_plain_message() libcurl3:7.38.0-4+deb8u11
Critical CVE-2018-16842 libcurl3 7.38.0-4+deb8u117.38.0-4+deb8u13curl: Heap-based buffer over-read in the curl tool warning formatting libcurl3:7.38.0-4+deb8u11
Critical CVE-2019-3822 libcurl3 7.38.0-4+deb8u117.38.0-4+deb8u14curl: NTLMv2 type-3 header stack buffer overflow libcurl3:7.38.0-4+deb8u11
Critical CVE-2019-5482 libcurl3 7.38.0-4+deb8u117.38.0-4+deb8u16curl: heap buffer overflow in function tftp_receive_packet() libcurl3:7.38.0-4+deb8u11
Critical CVE-2016-7167 libcurl3-gnutls 7.38.0-4+deb8u117.38.0-4+deb8u13curl: escape and unescape integer overflows libcurl3-gnutls:7.38.0-4+deb8u11
Critical CVE-2018-14618 libcurl3-gnutls 7.38.0-4+deb8u117.38.0-4+deb8u12curl: NTLM password overflow via integer overflow libcurl3-gnutls:7.38.0-4+deb8u11
Critical CVE-2018-16839 libcurl3-gnutls 7.38.0-4+deb8u117.38.0-4+deb8u13curl: Integer overflow leading to heap-based buffer overflow in Curl_sasl_create_plain_message() libcurl3-gnutls:7.38.0-4+deb8u11
Critical CVE-2018-16842 libcurl3-gnutls 7.38.0-4+deb8u117.38.0-4+deb8u13curl: Heap-based buffer over-read in the curl tool warning formatting libcurl3-gnutls:7.38.0-4+deb8u11
Critical CVE-2019-3822 libcurl3-gnutls 7.38.0-4+deb8u117.38.0-4+deb8u14curl: NTLMv2 type-3 header stack buffer overflow libcurl3-gnutls:7.38.0-4+deb8u11
Critical CVE-2019-5482 libcurl3-gnutls 7.38.0-4+deb8u117.38.0-4+deb8u16curl: heap buffer overflow in function tftp_receive_packet() libcurl3-gnutls:7.38.0-4+deb8u11
Critical CVE-2016-7167 libcurl4-openssl-dev 7.38.0-4+deb8u117.38.0-4+deb8u13curl: escape and unescape integer overflows libcurl4-openssl-dev:7.38.0-4+deb8u11
Critical CVE-2018-14618 libcurl4-openssl-dev 7.38.0-4+deb8u117.38.0-4+deb8u12curl: NTLM password overflow via integer overflow libcurl4-openssl-dev:7.38.0-4+deb8u11
Critical CVE-2018-16839 libcurl4-openssl-dev 7.38.0-4+deb8u117.38.0-4+deb8u13curl: Integer overflow leading to heap-based buffer overflow in Curl_sasl_create_plain_message() libcurl4-openssl-dev:7.38.0-4+deb8u11
Critical CVE-2018-16842 libcurl4-openssl-dev 7.38.0-4+deb8u117.38.0-4+deb8u13curl: Heap-based buffer over-read in the curl tool warning formatting libcurl4-openssl-dev:7.38.0-4+deb8u11
Critical CVE-2019-3822 libcurl4-openssl-dev 7.38.0-4+deb8u117.38.0-4+deb8u14curl: NTLMv2 type-3 header stack buffer overflow libcurl4-openssl-dev:7.38.0-4+deb8u11
Critical CVE-2019-5482 libcurl4-openssl-dev 7.38.0-4+deb8u117.38.0-4+deb8u16curl: heap buffer overflow in function tftp_receive_packet() libcurl4-openssl-dev:7.38.0-4+deb8u11
Critical CVE-2017-7544 libexif-dev 0.6.21-20.6.21-2+deb8u2libexif: Out-of-bounds heap read in exif_data_save_data_entry function libexif-dev:0.6.21-2
Critical CVE-2020-13112 libexif-dev 0.6.21-20.6.21-2+deb8u3libexif: several buffer over-reads in EXIF MakerNote handling can lead to information disclosure and DoS libexif-dev:0.6.21-2
Critical CVE-2017-7544 libexif12 0.6.21-20.6.21-2+deb8u2libexif: Out-of-bounds heap read in exif_data_save_data_entry function libexif12:0.6.21-2
Critical CVE-2020-13112 libexif12 0.6.21-20.6.21-2+deb8u3libexif: several buffer over-reads in EXIF MakerNote handling can lead to information disclosure and DoS libexif12:0.6.21-2
Critical CVE-2015-9290 libfreetype6 2.5.2-3+deb8u22.5.2-3+deb8u3freetype: buffer over-read in function T1_Get_Private_Dict in type1/t1parse.c libfreetype6:2.5.2-3+deb8u2
Critical CVE-2015-9290 libfreetype6-dev 2.5.2-3+deb8u22.5.2-3+deb8u3freetype: buffer over-read in function T1_Get_Private_Dict in type1/t1parse.c libfreetype6-dev:2.5.2-3+deb8u2
Critical CVE-2019-6978 libgd3 2.1.0-5+deb8u112.1.0-5+deb8u12gd: Double free in the gdImage*Ptr in gd_gif_out.c, gd_jpeg.c, and gd_wbmp.c libgd3:2.1.0-5+deb8u11
Critical CVE-2018-16428 libglib2.0-0 2.42.1-12.42.1-1+deb8u2glib2: NULL pointer dereference in g_markup_parse_context_end_parse() function in gmarkup.c libglib2.0-0:2.42.1-1
Critical CVE-2019-12450 libglib2.0-0 2.42.1-12.42.1-1+deb8u1glib2: file_copy_fallback in gio/gfile.c in GNOME GLib does not properly restrict file permissions while a copy operation is in progress libglib2.0-0:2.42.1-1
Critical CVE-2018-16428 libglib2.0-bin 2.42.1-12.42.1-1+deb8u2glib2: NULL pointer dereference in g_markup_parse_context_end_parse() function in gmarkup.c libglib2.0-bin:2.42.1-1
Critical CVE-2019-12450 libglib2.0-bin 2.42.1-12.42.1-1+deb8u1glib2: file_copy_fallback in gio/gfile.c in GNOME GLib does not properly restrict file permissions while a copy operation is in progress libglib2.0-bin:2.42.1-1
Critical CVE-2018-16428 libglib2.0-data 2.42.1-12.42.1-1+deb8u2glib2: NULL pointer dereference in g_markup_parse_context_end_parse() function in gmarkup.c libglib2.0-data:2.42.1-1
Critical CVE-2019-12450 libglib2.0-data 2.42.1-12.42.1-1+deb8u1glib2: file_copy_fallback in gio/gfile.c in GNOME GLib does not properly restrict file permissions while a copy operation is in progress libglib2.0-data:2.42.1-1
Critical CVE-2018-16428 libglib2.0-dev 2.42.1-12.42.1-1+deb8u2glib2: NULL pointer dereference in g_markup_parse_context_end_parse() function in gmarkup.c libglib2.0-dev:2.42.1-1
Critical CVE-2019-12450 libglib2.0-dev 2.42.1-12.42.1-1+deb8u1glib2: file_copy_fallback in gio/gfile.c in GNOME GLib does not properly restrict file permissions while a copy operation is in progress libglib2.0-dev:2.42.1-1
Critical CVE-2019-18218 libmagic1 1:5.22+15-2+deb8u41:5.22+15-2+deb8u6file: heap-based buffer overflow in cdf_read_property_info in cdf.c libmagic1:1:5.22+15-2+deb8u4
Critical CVE-2017-14532 libmagickcore-6-arch-config 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in the TIFFIgnoreTags function libmagickcore-6-arch-config:8:6.8.9.9-5+deb8u13
Critical CVE-2017-14624 libmagickcore-6-arch-config 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in the PostscriptDelegateMessage function libmagickcore-6-arch-config:8:6.8.9.9-5+deb8u13
Critical CVE-2017-14625 libmagickcore-6-arch-config 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in the sixel_output_create function libmagickcore-6-arch-config:8:6.8.9.9-5+deb8u13
Critical CVE-2017-14626 libmagickcore-6-arch-config 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in the sixel_decode function libmagickcore-6-arch-config:8:6.8.9.9-5+deb8u13
Critical CVE-2019-19948 libmagickcore-6-arch-config 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u19ImageMagick: heap-based buffer overflow in WriteSGIImage in coders/sgi.c libmagickcore-6-arch-config:8:6.8.9.9-5+deb8u13
Critical CVE-2019-19949 libmagickcore-6-arch-config 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u19ImageMagick: heap-based buffer over-read in WritePNGImage in coders/png.c libmagickcore-6-arch-config:8:6.8.9.9-5+deb8u13
Critical CVE-2017-14532 libmagickcore-6-headers 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in the TIFFIgnoreTags function libmagickcore-6-headers:8:6.8.9.9-5+deb8u13
Critical CVE-2017-14624 libmagickcore-6-headers 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in the PostscriptDelegateMessage function libmagickcore-6-headers:8:6.8.9.9-5+deb8u13
Critical CVE-2017-14625 libmagickcore-6-headers 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in the sixel_output_create function libmagickcore-6-headers:8:6.8.9.9-5+deb8u13
Critical CVE-2017-14626 libmagickcore-6-headers 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in the sixel_decode function libmagickcore-6-headers:8:6.8.9.9-5+deb8u13
Critical CVE-2019-19948 libmagickcore-6-headers 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u19ImageMagick: heap-based buffer overflow in WriteSGIImage in coders/sgi.c libmagickcore-6-headers:8:6.8.9.9-5+deb8u13
Critical CVE-2019-19949 libmagickcore-6-headers 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u19ImageMagick: heap-based buffer over-read in WritePNGImage in coders/png.c libmagickcore-6-headers:8:6.8.9.9-5+deb8u13
Critical CVE-2017-14532 libmagickcore-6.q16-2 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in the TIFFIgnoreTags function libmagickcore-6.q16-2:8:6.8.9.9-5+deb8u13
Critical CVE-2017-14624 libmagickcore-6.q16-2 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in the PostscriptDelegateMessage function libmagickcore-6.q16-2:8:6.8.9.9-5+deb8u13
Critical CVE-2017-14625 libmagickcore-6.q16-2 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in the sixel_output_create function libmagickcore-6.q16-2:8:6.8.9.9-5+deb8u13
Critical CVE-2017-14626 libmagickcore-6.q16-2 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in the sixel_decode function libmagickcore-6.q16-2:8:6.8.9.9-5+deb8u13
Critical CVE-2019-19948 libmagickcore-6.q16-2 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u19ImageMagick: heap-based buffer overflow in WriteSGIImage in coders/sgi.c libmagickcore-6.q16-2:8:6.8.9.9-5+deb8u13
Critical CVE-2019-19949 libmagickcore-6.q16-2 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u19ImageMagick: heap-based buffer over-read in WritePNGImage in coders/png.c libmagickcore-6.q16-2:8:6.8.9.9-5+deb8u13
Critical CVE-2017-14532 libmagickcore-6.q16-2-extra 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in the TIFFIgnoreTags function libmagickcore-6.q16-2-extra:8:6.8.9.9-5+deb8u13
Critical CVE-2017-14624 libmagickcore-6.q16-2-extra 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in the PostscriptDelegateMessage function libmagickcore-6.q16-2-extra:8:6.8.9.9-5+deb8u13
Critical CVE-2017-14625 libmagickcore-6.q16-2-extra 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in the sixel_output_create function libmagickcore-6.q16-2-extra:8:6.8.9.9-5+deb8u13
Critical CVE-2017-14626 libmagickcore-6.q16-2-extra 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in the sixel_decode function libmagickcore-6.q16-2-extra:8:6.8.9.9-5+deb8u13
Critical CVE-2019-19948 libmagickcore-6.q16-2-extra 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u19ImageMagick: heap-based buffer overflow in WriteSGIImage in coders/sgi.c libmagickcore-6.q16-2-extra:8:6.8.9.9-5+deb8u13
Critical CVE-2019-19949 libmagickcore-6.q16-2-extra 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u19ImageMagick: heap-based buffer over-read in WritePNGImage in coders/png.c libmagickcore-6.q16-2-extra:8:6.8.9.9-5+deb8u13
Critical CVE-2017-14532 libmagickcore-6.q16-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in the TIFFIgnoreTags function libmagickcore-6.q16-dev:8:6.8.9.9-5+deb8u13
Critical CVE-2017-14624 libmagickcore-6.q16-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in the PostscriptDelegateMessage function libmagickcore-6.q16-dev:8:6.8.9.9-5+deb8u13
Critical CVE-2017-14625 libmagickcore-6.q16-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in the sixel_output_create function libmagickcore-6.q16-dev:8:6.8.9.9-5+deb8u13
Critical CVE-2017-14626 libmagickcore-6.q16-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in the sixel_decode function libmagickcore-6.q16-dev:8:6.8.9.9-5+deb8u13
Critical CVE-2019-19948 libmagickcore-6.q16-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u19ImageMagick: heap-based buffer overflow in WriteSGIImage in coders/sgi.c libmagickcore-6.q16-dev:8:6.8.9.9-5+deb8u13
Critical CVE-2019-19949 libmagickcore-6.q16-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u19ImageMagick: heap-based buffer over-read in WritePNGImage in coders/png.c libmagickcore-6.q16-dev:8:6.8.9.9-5+deb8u13
Critical CVE-2017-14532 libmagickcore-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in the TIFFIgnoreTags function libmagickcore-dev:8:6.8.9.9-5+deb8u13
Critical CVE-2017-14624 libmagickcore-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in the PostscriptDelegateMessage function libmagickcore-dev:8:6.8.9.9-5+deb8u13
Critical CVE-2017-14625 libmagickcore-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in the sixel_output_create function libmagickcore-dev:8:6.8.9.9-5+deb8u13
Critical CVE-2017-14626 libmagickcore-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in the sixel_decode function libmagickcore-dev:8:6.8.9.9-5+deb8u13
Critical CVE-2019-19948 libmagickcore-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u19ImageMagick: heap-based buffer overflow in WriteSGIImage in coders/sgi.c libmagickcore-dev:8:6.8.9.9-5+deb8u13
Critical CVE-2019-19949 libmagickcore-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u19ImageMagick: heap-based buffer over-read in WritePNGImage in coders/png.c libmagickcore-dev:8:6.8.9.9-5+deb8u13
Critical CVE-2017-14532 libmagickwand-6-headers 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in the TIFFIgnoreTags function libmagickwand-6-headers:8:6.8.9.9-5+deb8u13
Critical CVE-2017-14624 libmagickwand-6-headers 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in the PostscriptDelegateMessage function libmagickwand-6-headers:8:6.8.9.9-5+deb8u13
Critical CVE-2017-14625 libmagickwand-6-headers 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in the sixel_output_create function libmagickwand-6-headers:8:6.8.9.9-5+deb8u13
Critical CVE-2017-14626 libmagickwand-6-headers 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in the sixel_decode function libmagickwand-6-headers:8:6.8.9.9-5+deb8u13
Critical CVE-2019-19948 libmagickwand-6-headers 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u19ImageMagick: heap-based buffer overflow in WriteSGIImage in coders/sgi.c libmagickwand-6-headers:8:6.8.9.9-5+deb8u13
Critical CVE-2019-19949 libmagickwand-6-headers 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u19ImageMagick: heap-based buffer over-read in WritePNGImage in coders/png.c libmagickwand-6-headers:8:6.8.9.9-5+deb8u13
Critical CVE-2017-14532 libmagickwand-6.q16-2 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in the TIFFIgnoreTags function libmagickwand-6.q16-2:8:6.8.9.9-5+deb8u13
Critical CVE-2017-14624 libmagickwand-6.q16-2 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in the PostscriptDelegateMessage function libmagickwand-6.q16-2:8:6.8.9.9-5+deb8u13
Critical CVE-2017-14625 libmagickwand-6.q16-2 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in the sixel_output_create function libmagickwand-6.q16-2:8:6.8.9.9-5+deb8u13
Critical CVE-2017-14626 libmagickwand-6.q16-2 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in the sixel_decode function libmagickwand-6.q16-2:8:6.8.9.9-5+deb8u13
Critical CVE-2019-19948 libmagickwand-6.q16-2 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u19ImageMagick: heap-based buffer overflow in WriteSGIImage in coders/sgi.c libmagickwand-6.q16-2:8:6.8.9.9-5+deb8u13
Critical CVE-2019-19949 libmagickwand-6.q16-2 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u19ImageMagick: heap-based buffer over-read in WritePNGImage in coders/png.c libmagickwand-6.q16-2:8:6.8.9.9-5+deb8u13
Critical CVE-2017-14532 libmagickwand-6.q16-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in the TIFFIgnoreTags function libmagickwand-6.q16-dev:8:6.8.9.9-5+deb8u13
Critical CVE-2017-14624 libmagickwand-6.q16-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in the PostscriptDelegateMessage function libmagickwand-6.q16-dev:8:6.8.9.9-5+deb8u13
Critical CVE-2017-14625 libmagickwand-6.q16-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in the sixel_output_create function libmagickwand-6.q16-dev:8:6.8.9.9-5+deb8u13
Critical CVE-2017-14626 libmagickwand-6.q16-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in the sixel_decode function libmagickwand-6.q16-dev:8:6.8.9.9-5+deb8u13
Critical CVE-2019-19948 libmagickwand-6.q16-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u19ImageMagick: heap-based buffer overflow in WriteSGIImage in coders/sgi.c libmagickwand-6.q16-dev:8:6.8.9.9-5+deb8u13
Critical CVE-2019-19949 libmagickwand-6.q16-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u19ImageMagick: heap-based buffer over-read in WritePNGImage in coders/png.c libmagickwand-6.q16-dev:8:6.8.9.9-5+deb8u13
Critical CVE-2017-14532 libmagickwand-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in the TIFFIgnoreTags function libmagickwand-dev:8:6.8.9.9-5+deb8u13
Critical CVE-2017-14624 libmagickwand-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in the PostscriptDelegateMessage function libmagickwand-dev:8:6.8.9.9-5+deb8u13
Critical CVE-2017-14625 libmagickwand-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in the sixel_output_create function libmagickwand-dev:8:6.8.9.9-5+deb8u13
Critical CVE-2017-14626 libmagickwand-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in the sixel_decode function libmagickwand-dev:8:6.8.9.9-5+deb8u13
Critical CVE-2019-19948 libmagickwand-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u19ImageMagick: heap-based buffer overflow in WriteSGIImage in coders/sgi.c libmagickwand-dev:8:6.8.9.9-5+deb8u13
Critical CVE-2019-19949 libmagickwand-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u19ImageMagick: heap-based buffer over-read in WritePNGImage in coders/png.c libmagickwand-dev:8:6.8.9.9-5+deb8u13
Critical CVE-2015-5297 libpixman-1-0 0.32.6-30.32.6-3+deb8u1pixman: general_composite_rect() integer overflow libpixman-1-0:0.32.6-3
Critical CVE-2015-5297 libpixman-1-dev 0.32.6-30.32.6-3+deb8u1pixman: general_composite_rect() integer overflow libpixman-1-dev:0.32.6-3
Critical CVE-2017-1000158 libpython2.7-minimal 2.7.9-2+deb8u12.7.9-2+deb8u2python: Integer overflow in PyString_DecodeEscape results in heap-base buffer overflow libpython2.7-minimal:2.7.9-2+deb8u1
Critical CVE-2018-1000802 libpython2.7-minimal 2.7.9-2+deb8u12.7.9-2+deb8u2python: Command injection in the shutil module libpython2.7-minimal:2.7.9-2+deb8u1
Critical CVE-2019-9636 libpython2.7-minimal 2.7.9-2+deb8u12.7.9-2+deb8u3python: Information Disclosure due to urlsplit improper NFKC normalization libpython2.7-minimal:2.7.9-2+deb8u1
Critical CVE-2019-9948 libpython2.7-minimal 2.7.9-2+deb8u12.7.9-2+deb8u3python: Undocumented local_file protocol allows remote attackers to bypass protection mechanisms libpython2.7-minimal:2.7.9-2+deb8u1
Critical CVE-2017-1000158 libpython2.7-stdlib 2.7.9-2+deb8u12.7.9-2+deb8u2python: Integer overflow in PyString_DecodeEscape results in heap-base buffer overflow libpython2.7-stdlib:2.7.9-2+deb8u1
Critical CVE-2018-1000802 libpython2.7-stdlib 2.7.9-2+deb8u12.7.9-2+deb8u2python: Command injection in the shutil module libpython2.7-stdlib:2.7.9-2+deb8u1
Critical CVE-2019-9636 libpython2.7-stdlib 2.7.9-2+deb8u12.7.9-2+deb8u3python: Information Disclosure due to urlsplit improper NFKC normalization libpython2.7-stdlib:2.7.9-2+deb8u1
Critical CVE-2019-9948 libpython2.7-stdlib 2.7.9-2+deb8u12.7.9-2+deb8u3python: Undocumented local_file protocol allows remote attackers to bypass protection mechanisms libpython2.7-stdlib:2.7.9-2+deb8u1
Critical CVE-2017-10989 libsqlite3-0 3.8.7.1-1+deb8u23.8.7.1-1+deb8u4sqlite: Heap-buffer overflow in the getNodeSize function libsqlite3-0:3.8.7.1-1+deb8u2
Critical CVE-2017-2518 libsqlite3-0 3.8.7.1-1+deb8u23.8.7.1-1+deb8u4An issue was discovered in certain Apple products. iOS before 10.3.2 i ... libsqlite3-0:3.8.7.1-1+deb8u2
Critical CVE-2017-2519 libsqlite3-0 3.8.7.1-1+deb8u23.8.7.1-1+deb8u4An issue was discovered in certain Apple products. iOS before 10.3.2 i ... libsqlite3-0:3.8.7.1-1+deb8u2
Critical CVE-2017-2520 libsqlite3-0 3.8.7.1-1+deb8u23.8.7.1-1+deb8u4An issue was discovered in certain Apple products. iOS before 10.3.2 i ... libsqlite3-0:3.8.7.1-1+deb8u2
Critical CVE-2017-10989 libsqlite3-dev 3.8.7.1-1+deb8u23.8.7.1-1+deb8u4sqlite: Heap-buffer overflow in the getNodeSize function libsqlite3-dev:3.8.7.1-1+deb8u2
Critical CVE-2017-2518 libsqlite3-dev 3.8.7.1-1+deb8u23.8.7.1-1+deb8u4An issue was discovered in certain Apple products. iOS before 10.3.2 i ... libsqlite3-dev:3.8.7.1-1+deb8u2
Critical CVE-2017-2519 libsqlite3-dev 3.8.7.1-1+deb8u23.8.7.1-1+deb8u4An issue was discovered in certain Apple products. iOS before 10.3.2 i ... libsqlite3-dev:3.8.7.1-1+deb8u2
Critical CVE-2017-2520 libsqlite3-dev 3.8.7.1-1+deb8u23.8.7.1-1+deb8u4An issue was discovered in certain Apple products. iOS before 10.3.2 i ... libsqlite3-dev:3.8.7.1-1+deb8u2
Critical CVE-2019-3858 libssh2-1 1.4.3-4.1+deb8u11.4.3-4.1+deb8u2libssh2: Zero-byte allocation with a specially crafted SFTP packed leading to an out-of-bounds read libssh2-1:1.4.3-4.1+deb8u1
Critical CVE-2019-3859 libssh2-1 1.4.3-4.1+deb8u11.4.3-4.1+deb8u4libssh2: Unchecked use of _libssh2_packet_require and _libssh2_packet_requirev resulting in out-of-bounds read libssh2-1:1.4.3-4.1+deb8u1
Critical CVE-2019-3860 libssh2-1 1.4.3-4.1+deb8u11.4.3-4.1+deb8u5libssh2: Out-of-bounds reads with specially crafted SFTP packets libssh2-1:1.4.3-4.1+deb8u1
Critical CVE-2019-3861 libssh2-1 1.4.3-4.1+deb8u11.4.3-4.1+deb8u2libssh2: Out-of-bounds reads with specially crafted SSH packets libssh2-1:1.4.3-4.1+deb8u1
Critical CVE-2019-3862 libssh2-1 1.4.3-4.1+deb8u11.4.3-4.1+deb8u2libssh2: Out-of-bounds memory comparison with specially crafted message channel request libssh2-1:1.4.3-4.1+deb8u1
Critical CVE-2016-4609 libxslt1-dev 1.1.28-2+deb8u31.1.28-2+deb8u5libxslt: Out-of-bounds read at xmlGetLineNoInternal() libxslt1-dev:1.1.28-2+deb8u3
Critical CVE-2016-4610 libxslt1-dev 1.1.28-2+deb8u31.1.28-2+deb8u5libxslt: Invalid memory access leading to DoS at exsltDynMapFunction() libxslt1-dev:1.1.28-2+deb8u3
Critical CVE-2019-11068 libxslt1-dev 1.1.28-2+deb8u31.1.28-2+deb8u4libxslt: xsltCheckRead and xsltCheckWrite routines security bypass by crafted URL libxslt1-dev:1.1.28-2+deb8u3
Critical CVE-2016-4609 libxslt1.1 1.1.28-2+deb8u31.1.28-2+deb8u5libxslt: Out-of-bounds read at xmlGetLineNoInternal() libxslt1.1:1.1.28-2+deb8u3
Critical CVE-2016-4610 libxslt1.1 1.1.28-2+deb8u31.1.28-2+deb8u5libxslt: Invalid memory access leading to DoS at exsltDynMapFunction() libxslt1.1:1.1.28-2+deb8u3
Critical CVE-2019-11068 libxslt1.1 1.1.28-2+deb8u31.1.28-2+deb8u4libxslt: xsltCheckRead and xsltCheckWrite routines security bypass by crafted URL libxslt1.1:1.1.28-2+deb8u3
Critical CVE-2019-10126 linux-libc-dev 3.16.57-23.16.68-2kernel: Heap overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c linux-libc-dev:3.16.57-2
Critical CVE-2019-14895 linux-libc-dev 3.16.57-23.16.81-1kernel: heap-based buffer overflow in mwifiex_process_country_ie() function in drivers/net/wireless/marvell/mwifiex/sta_ioctl.c linux-libc-dev:3.16.57-2
Critical CVE-2019-14896 linux-libc-dev 3.16.57-23.16.81-1kernel: heap-based buffer overflow in lbs_ibss_join_existing function in drivers/net/wireless/marvell/libertas/cfg.c linux-libc-dev:3.16.57-2
Critical CVE-2019-14897 linux-libc-dev 3.16.57-23.16.81-1kernel: stack-based buffer overflow in add_ie_rates function in drivers/net/wireless/marvell/libertas/cfg.c linux-libc-dev:3.16.57-2
Critical CVE-2019-14901 linux-libc-dev 3.16.57-23.16.81-1kernel: heap overflow in marvell/mwifiex/tdls.c linux-libc-dev:3.16.57-2
Critical CVE-2019-15292 linux-libc-dev 3.16.57-23.16.74-1kernel: Use-after-free in atalk_proc_exit function in net/appletalk linux-libc-dev:3.16.57-2
Critical CVE-2019-15505 linux-libc-dev 3.16.57-23.16.81-1kernel: out of bounds read in drivers/media/usb/dvb-usb/technisat-usb2.c linux-libc-dev:3.16.57-2
Critical CVE-2019-15926 linux-libc-dev 3.16.57-23.16.74-1kernel: out of bounds access in functions ath6kl_wmi_pstream_timeout_event_rx and ath6kl_wmi_cac_event_rx linux-libc-dev:3.16.57-2
Critical CVE-2019-16746 linux-libc-dev 3.16.57-23.16.81-1kernel: buffer-overflow hardening in WiFi beacon validation code. linux-libc-dev:3.16.57-2
Critical CVE-2019-17133 linux-libc-dev 3.16.57-23.16.81-1kernel: buffer overflow in cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c linux-libc-dev:3.16.57-2
Critical CVE-2016-1908 openssh-client 1:6.7p1-5+deb8u51:6.7p1-5+deb8u6openssh: possible fallback from untrusted to trusted X11 forwarding openssh-client:1:6.7p1-5+deb8u5
Critical CVE-2018-18311 perl 5.20.2-3+deb8u115.20.2-3+deb8u12perl: Integer overflow leading to buffer overflow in Perl_my_setenv() perl:5.20.2-3+deb8u11
Critical CVE-2018-18311 perl-base 5.20.2-3+deb8u115.20.2-3+deb8u12perl: Integer overflow leading to buffer overflow in Perl_my_setenv() perl-base:5.20.2-3+deb8u11
Critical CVE-2018-18311 perl-modules 5.20.2-3+deb8u115.20.2-3+deb8u12perl: Integer overflow leading to buffer overflow in Perl_my_setenv() perl-modules:5.20.2-3+deb8u11
Critical CVE-2017-1000158 python2.7 2.7.9-2+deb8u12.7.9-2+deb8u2python: Integer overflow in PyString_DecodeEscape results in heap-base buffer overflow python2.7:2.7.9-2+deb8u1
Critical CVE-2018-1000802 python2.7 2.7.9-2+deb8u12.7.9-2+deb8u2python: Command injection in the shutil module python2.7:2.7.9-2+deb8u1
Critical CVE-2019-9636 python2.7 2.7.9-2+deb8u12.7.9-2+deb8u3python: Information Disclosure due to urlsplit improper NFKC normalization python2.7:2.7.9-2+deb8u1
Critical CVE-2019-9948 python2.7 2.7.9-2+deb8u12.7.9-2+deb8u3python: Undocumented local_file protocol allows remote attackers to bypass protection mechanisms python2.7:2.7.9-2+deb8u1
Critical CVE-2017-1000158 python2.7-minimal 2.7.9-2+deb8u12.7.9-2+deb8u2python: Integer overflow in PyString_DecodeEscape results in heap-base buffer overflow python2.7-minimal:2.7.9-2+deb8u1
Critical CVE-2018-1000802 python2.7-minimal 2.7.9-2+deb8u12.7.9-2+deb8u2python: Command injection in the shutil module python2.7-minimal:2.7.9-2+deb8u1
Critical CVE-2019-9636 python2.7-minimal 2.7.9-2+deb8u12.7.9-2+deb8u3python: Information Disclosure due to urlsplit improper NFKC normalization python2.7-minimal:2.7.9-2+deb8u1
Critical CVE-2019-9948 python2.7-minimal 2.7.9-2+deb8u12.7.9-2+deb8u3python: Undocumented local_file protocol allows remote attackers to bypass protection mechanisms python2.7-minimal:2.7.9-2+deb8u1
Critical CVE-2019-5953 wget 1.16-1+deb8u51.16-1+deb8u6wget: do_conversion() heap-based buffer overflow vulnerability wget:1.16-1+deb8u5
Critical CVE-2016-9841 zlib1g 1:1.2.8.dfsg-21:1.2.8.dfsg-2+deb8u1zlib: Out-of-bounds pointer arithmetic in inffast.c zlib1g:1:1.2.8.dfsg-2
Critical CVE-2016-9843 zlib1g 1:1.2.8.dfsg-21:1.2.8.dfsg-2+deb8u1zlib: Big-endian out-of-bounds pointer zlib1g:1:1.2.8.dfsg-2
Critical CVE-2016-9841 zlib1g-dev 1:1.2.8.dfsg-21:1.2.8.dfsg-2+deb8u1zlib: Out-of-bounds pointer arithmetic in inffast.c zlib1g-dev:1:1.2.8.dfsg-2
Critical CVE-2016-9843 zlib1g-dev 1:1.2.8.dfsg-21:1.2.8.dfsg-2+deb8u1zlib: Big-endian out-of-bounds pointer zlib1g-dev:1:1.2.8.dfsg-2
Critical GHSA-4vmm-mhcq-4x9j constantinople 3.0.23.1.1Sandbox Bypass Leading to Arbitrary Code Execution in constantinople constantinople:3.0.2
Critical CVE-2018-1000620 cryptiles 3.1.2>=4.1.2nodejs-cryptiles: Insecure randomness causes the randomDigits() function returns a pseudo-random data string biased to certain digits cryptiles:3.1.2
Critical CVE-2018-3750 deep-extend 0.4.20.5.1nodejs-deep-extend: Prototype pollution can allow attackers to modify object properties deep-extend:0.4.2
Critical CVE-2018-3739 https-proxy-agent 2.1.12.2.0nodejs-https-proxy-agent: Unsanitized options passed to Buffer() allow for denial of service https-proxy-agent:2.1.1
Critical CVE-2021-3918 json-schema 0.2.30.4.0nodejs-json-schema: Prototype pollution vulnerability json-schema:0.2.3
Critical CVE-2019-10744 lodash 3.10.14.17.12nodejs-lodash: prototype pollution in defaultsDeep function leading to modifying properties lodash:3.10.1
Critical CVE-2019-10744 lodash 4.17.54.17.12nodejs-lodash: prototype pollution in defaultsDeep function leading to modifying properties lodash:4.17.5
Critical CVE-2021-44906 minimist 0.0.81.2.6minimist: prototype pollution minimist:0.0.8
Critical CVE-2021-44906 minimist 1.2.01.2.6minimist: prototype pollution minimist:1.2.0
High CVE-2019-3462 apt 1.0.9.8.41.0.9.8.5Incorrect sanitation of the 302 redirect field in HTTP transport metho ... apt:1.0.9.8.4
High CVE-2019-9924 bash 4.3-11+deb8u14.3-11+deb8u2bash: BASH_CMD is writable in restricted bash shells bash:4.3-11+deb8u1
High CVE-2016-7141 curl 7.38.0-4+deb8u117.38.0-4+deb8u13curl: Incorrect reuse of client certificates curl:7.38.0-4+deb8u11
High CVE-2016-9586 curl 7.38.0-4+deb8u117.38.0-4+deb8u13curl: printf floating point buffer overflow curl:7.38.0-4+deb8u11
High CVE-2018-16890 curl 7.38.0-4+deb8u117.38.0-4+deb8u14curl: NTLM type-2 heap out-of-bounds buffer read curl:7.38.0-4+deb8u11
High CVE-2019-3823 curl 7.38.0-4+deb8u117.38.0-4+deb8u14curl: SMTP end-of-response out-of-bounds read curl:7.38.0-4+deb8u11
High CVE-2019-5436 curl 7.38.0-4+deb8u117.38.0-4+deb8u15curl: TFTP receive heap buffer overflow in tftp_receive_packet() function curl:7.38.0-4+deb8u11
High CVE-2019-8907 file 1:5.22+15-2+deb8u41:5.22+15-2+deb8u5file: do_core_note in readelf.c allows remote attackers to cause a denial of service file:1:5.22+15-2+deb8u4
High CVE-2016-6352 gir1.2-gdkpixbuf-2.0 2.31.1-2+deb8u72.31.1-2+deb8u8gdk-pixbuf: Out-of-bounds write in OneLine32() function gir1.2-gdkpixbuf-2.0:2.31.1-2+deb8u7
High CVE-2017-2870 gir1.2-gdkpixbuf-2.0 2.31.1-2+deb8u72.31.1-2+deb8u8gdk-pixbuf2: Integer overflow in tiff_image_parse function gir1.2-gdkpixbuf-2.0:2.31.1-2+deb8u7
High CVE-2017-6313 gir1.2-gdkpixbuf-2.0 2.31.1-2+deb8u72.31.1-2+deb8u8gdk-pixbuf: Integer underflow in io-icns.c gir1.2-gdkpixbuf-2.0:2.31.1-2+deb8u7
High CVE-2019-1349 git 1:2.1.4-2.1+deb8u61:2.1.4-2.1+deb8u8git: Recursive submodule cloning allows using git directory twice with synonymous directory name written in .git/ git:1:2.1.4-2.1+deb8u6
High CVE-2019-1352 git 1:2.1.4-2.1+deb8u61:2.1.4-2.1+deb8u8git: Files inside the .git directory may be overwritten during cloning via NTFS Alternate Data Streams git:1:2.1.4-2.1+deb8u6
High CVE-2019-1387 git 1:2.1.4-2.1+deb8u61:2.1.4-2.1+deb8u8git: Remote code execution in recursive clones with nested submodules git:1:2.1.4-2.1+deb8u6
High CVE-2020-11008 git 1:2.1.4-2.1+deb8u61:2.1.4-2.1+deb8u10git: Crafted URL containing new lines, empty host or lacks a scheme can cause credential leak git:1:2.1.4-2.1+deb8u6
High CVE-2020-5260 git 1:2.1.4-2.1+deb8u61:2.1.4-2.1+deb8u9git: Crafted URL containing new lines can cause credential leak git:1:2.1.4-2.1+deb8u6
High CVE-2019-1349 git-man 1:2.1.4-2.1+deb8u61:2.1.4-2.1+deb8u8git: Recursive submodule cloning allows using git directory twice with synonymous directory name written in .git/ git-man:1:2.1.4-2.1+deb8u6
High CVE-2019-1352 git-man 1:2.1.4-2.1+deb8u61:2.1.4-2.1+deb8u8git: Files inside the .git directory may be overwritten during cloning via NTFS Alternate Data Streams git-man:1:2.1.4-2.1+deb8u6
High CVE-2019-1387 git-man 1:2.1.4-2.1+deb8u61:2.1.4-2.1+deb8u8git: Remote code execution in recursive clones with nested submodules git-man:1:2.1.4-2.1+deb8u6
High CVE-2020-11008 git-man 1:2.1.4-2.1+deb8u61:2.1.4-2.1+deb8u10git: Crafted URL containing new lines, empty host or lacks a scheme can cause credential leak git-man:1:2.1.4-2.1+deb8u6
High CVE-2020-5260 git-man 1:2.1.4-2.1+deb8u61:2.1.4-2.1+deb8u9git: Crafted URL containing new lines can cause credential leak git-man:1:2.1.4-2.1+deb8u6
High CVE-2017-12430 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16GraphicsMagick, ImageMagick: Memory exhaustion in ReadMPCImage in coders/mpc.c imagemagick:8:6.8.9.9-5+deb8u13
High CVE-2017-12435 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Memory exhaustion in ReadSUNImage function in coders/sun.c imagemagick:8:6.8.9.9-5+deb8u13
High CVE-2017-12587 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Resource exhaustion in ReadPWPImage function in coders\pwp.c imagemagick:8:6.8.9.9-5+deb8u13
High CVE-2017-14739 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in the AcquireResampleFilterThreadSet function imagemagick:8:6.8.9.9-5+deb8u13
High CVE-2017-15015 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in PDFDelegateMessage imagemagick:8:6.8.9.9-5+deb8u13
High CVE-2017-15017 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in ReadOneMNGImage imagemagick:8:6.8.9.9-5+deb8u13
High CVE-2017-15281 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Conditional statement depends on unitialized value imagemagick:8:6.8.9.9-5+deb8u13
High CVE-2018-16412 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u14ImageMagick: heap-based buffer over-read in the ParseImageResourceBlocks function in coders/psd.c imagemagick:8:6.8.9.9-5+deb8u13
High CVE-2018-16413 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u14ImageMagick: heap-based buffer over-read in the PushShortPixel function in MagickCore/quantum-private.h imagemagick:8:6.8.9.9-5+deb8u13
High CVE-2019-10650 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: heap-based buffer over-read in WriteTIFFImage of coders/tiff.c leads to denial of service or information disclosure via crafted image file imagemagick:8:6.8.9.9-5+deb8u13
High CVE-2019-11597 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c leading to DoS or information disclosure imagemagick:8:6.8.9.9-5+deb8u13
High CVE-2019-11598 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: heap-based buffer over-read in the function WritePNMImage of coders/pnm.c leading to DoS or information disclosure imagemagick:8:6.8.9.9-5+deb8u13
High CVE-2019-13135 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: a "use of uninitialized value" vulnerability in the function ReadCUTImage leading to a crash and DoS imagemagick:8:6.8.9.9-5+deb8u13
High CVE-2019-13295 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled imagemagick:8:6.8.9.9-5+deb8u13
High CVE-2019-13297 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled imagemagick:8:6.8.9.9-5+deb8u13
High CVE-2019-13304 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment imagemagick:8:6.8.9.9-5+deb8u13
High CVE-2019-13305 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error imagemagick:8:6.8.9.9-5+deb8u13
High CVE-2019-13306 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors imagemagick:8:6.8.9.9-5+deb8u13
High CVE-2019-15140 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u18ImageMagick: Use after free in ReadMATImage in coders/mat.c imagemagick:8:6.8.9.9-5+deb8u13
High CVE-2019-9956 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16imagemagick: stack-based buffer overflow in function PopHexPixel in coders/ps.c imagemagick:8:6.8.9.9-5+deb8u13
High CVE-2017-12430 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16GraphicsMagick, ImageMagick: Memory exhaustion in ReadMPCImage in coders/mpc.c imagemagick-6.q16:8:6.8.9.9-5+deb8u13
High CVE-2017-12435 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Memory exhaustion in ReadSUNImage function in coders/sun.c imagemagick-6.q16:8:6.8.9.9-5+deb8u13
High CVE-2017-12587 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Resource exhaustion in ReadPWPImage function in coders\pwp.c imagemagick-6.q16:8:6.8.9.9-5+deb8u13
High CVE-2017-14739 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in the AcquireResampleFilterThreadSet function imagemagick-6.q16:8:6.8.9.9-5+deb8u13
High CVE-2017-15015 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in PDFDelegateMessage imagemagick-6.q16:8:6.8.9.9-5+deb8u13
High CVE-2017-15017 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in ReadOneMNGImage imagemagick-6.q16:8:6.8.9.9-5+deb8u13
High CVE-2017-15281 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Conditional statement depends on unitialized value imagemagick-6.q16:8:6.8.9.9-5+deb8u13
High CVE-2018-16412 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u14ImageMagick: heap-based buffer over-read in the ParseImageResourceBlocks function in coders/psd.c imagemagick-6.q16:8:6.8.9.9-5+deb8u13
High CVE-2018-16413 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u14ImageMagick: heap-based buffer over-read in the PushShortPixel function in MagickCore/quantum-private.h imagemagick-6.q16:8:6.8.9.9-5+deb8u13
High CVE-2019-10650 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: heap-based buffer over-read in WriteTIFFImage of coders/tiff.c leads to denial of service or information disclosure via crafted image file imagemagick-6.q16:8:6.8.9.9-5+deb8u13
High CVE-2019-11597 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c leading to DoS or information disclosure imagemagick-6.q16:8:6.8.9.9-5+deb8u13
High CVE-2019-11598 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: heap-based buffer over-read in the function WritePNMImage of coders/pnm.c leading to DoS or information disclosure imagemagick-6.q16:8:6.8.9.9-5+deb8u13
High CVE-2019-13135 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: a "use of uninitialized value" vulnerability in the function ReadCUTImage leading to a crash and DoS imagemagick-6.q16:8:6.8.9.9-5+deb8u13
High CVE-2019-13295 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled imagemagick-6.q16:8:6.8.9.9-5+deb8u13
High CVE-2019-13297 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled imagemagick-6.q16:8:6.8.9.9-5+deb8u13
High CVE-2019-13304 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment imagemagick-6.q16:8:6.8.9.9-5+deb8u13
High CVE-2019-13305 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error imagemagick-6.q16:8:6.8.9.9-5+deb8u13
High CVE-2019-13306 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors imagemagick-6.q16:8:6.8.9.9-5+deb8u13
High CVE-2019-15140 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u18ImageMagick: Use after free in ReadMATImage in coders/mat.c imagemagick-6.q16:8:6.8.9.9-5+deb8u13
High CVE-2019-9956 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16imagemagick: stack-based buffer overflow in function PopHexPixel in coders/ps.c imagemagick-6.q16:8:6.8.9.9-5+deb8u13
High CVE-2017-12430 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16GraphicsMagick, ImageMagick: Memory exhaustion in ReadMPCImage in coders/mpc.c imagemagick-common:8:6.8.9.9-5+deb8u13
High CVE-2017-12435 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Memory exhaustion in ReadSUNImage function in coders/sun.c imagemagick-common:8:6.8.9.9-5+deb8u13
High CVE-2017-12587 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Resource exhaustion in ReadPWPImage function in coders\pwp.c imagemagick-common:8:6.8.9.9-5+deb8u13
High CVE-2017-14739 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in the AcquireResampleFilterThreadSet function imagemagick-common:8:6.8.9.9-5+deb8u13
High CVE-2017-15015 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in PDFDelegateMessage imagemagick-common:8:6.8.9.9-5+deb8u13
High CVE-2017-15017 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in ReadOneMNGImage imagemagick-common:8:6.8.9.9-5+deb8u13
High CVE-2017-15281 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Conditional statement depends on unitialized value imagemagick-common:8:6.8.9.9-5+deb8u13
High CVE-2018-16412 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u14ImageMagick: heap-based buffer over-read in the ParseImageResourceBlocks function in coders/psd.c imagemagick-common:8:6.8.9.9-5+deb8u13
High CVE-2018-16413 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u14ImageMagick: heap-based buffer over-read in the PushShortPixel function in MagickCore/quantum-private.h imagemagick-common:8:6.8.9.9-5+deb8u13
High CVE-2019-10650 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: heap-based buffer over-read in WriteTIFFImage of coders/tiff.c leads to denial of service or information disclosure via crafted image file imagemagick-common:8:6.8.9.9-5+deb8u13
High CVE-2019-11597 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c leading to DoS or information disclosure imagemagick-common:8:6.8.9.9-5+deb8u13
High CVE-2019-11598 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: heap-based buffer over-read in the function WritePNMImage of coders/pnm.c leading to DoS or information disclosure imagemagick-common:8:6.8.9.9-5+deb8u13
High CVE-2019-13135 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: a "use of uninitialized value" vulnerability in the function ReadCUTImage leading to a crash and DoS imagemagick-common:8:6.8.9.9-5+deb8u13
High CVE-2019-13295 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled imagemagick-common:8:6.8.9.9-5+deb8u13
High CVE-2019-13297 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled imagemagick-common:8:6.8.9.9-5+deb8u13
High CVE-2019-13304 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment imagemagick-common:8:6.8.9.9-5+deb8u13
High CVE-2019-13305 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error imagemagick-common:8:6.8.9.9-5+deb8u13
High CVE-2019-13306 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors imagemagick-common:8:6.8.9.9-5+deb8u13
High CVE-2019-15140 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u18ImageMagick: Use after free in ReadMATImage in coders/mat.c imagemagick-common:8:6.8.9.9-5+deb8u13
High CVE-2019-9956 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16imagemagick: stack-based buffer overflow in function PopHexPixel in coders/ps.c imagemagick-common:8:6.8.9.9-5+deb8u13
High CVE-2019-3462 libapt-pkg4.12 1.0.9.8.41.0.9.8.5Incorrect sanitation of the 302 redirect field in HTTP transport metho ... libapt-pkg4.12:1.0.9.8.4
High CVE-2016-7141 libcurl3 7.38.0-4+deb8u117.38.0-4+deb8u13curl: Incorrect reuse of client certificates libcurl3:7.38.0-4+deb8u11
High CVE-2016-9586 libcurl3 7.38.0-4+deb8u117.38.0-4+deb8u13curl: printf floating point buffer overflow libcurl3:7.38.0-4+deb8u11
High CVE-2018-16890 libcurl3 7.38.0-4+deb8u117.38.0-4+deb8u14curl: NTLM type-2 heap out-of-bounds buffer read libcurl3:7.38.0-4+deb8u11
High CVE-2019-3823 libcurl3 7.38.0-4+deb8u117.38.0-4+deb8u14curl: SMTP end-of-response out-of-bounds read libcurl3:7.38.0-4+deb8u11
High CVE-2019-5436 libcurl3 7.38.0-4+deb8u117.38.0-4+deb8u15curl: TFTP receive heap buffer overflow in tftp_receive_packet() function libcurl3:7.38.0-4+deb8u11
High CVE-2016-7141 libcurl3-gnutls 7.38.0-4+deb8u117.38.0-4+deb8u13curl: Incorrect reuse of client certificates libcurl3-gnutls:7.38.0-4+deb8u11
High CVE-2016-9586 libcurl3-gnutls 7.38.0-4+deb8u117.38.0-4+deb8u13curl: printf floating point buffer overflow libcurl3-gnutls:7.38.0-4+deb8u11
High CVE-2018-16890 libcurl3-gnutls 7.38.0-4+deb8u117.38.0-4+deb8u14curl: NTLM type-2 heap out-of-bounds buffer read libcurl3-gnutls:7.38.0-4+deb8u11
High CVE-2019-3823 libcurl3-gnutls 7.38.0-4+deb8u117.38.0-4+deb8u14curl: SMTP end-of-response out-of-bounds read libcurl3-gnutls:7.38.0-4+deb8u11
High CVE-2019-5436 libcurl3-gnutls 7.38.0-4+deb8u117.38.0-4+deb8u15curl: TFTP receive heap buffer overflow in tftp_receive_packet() function libcurl3-gnutls:7.38.0-4+deb8u11
High CVE-2016-7141 libcurl4-openssl-dev 7.38.0-4+deb8u117.38.0-4+deb8u13curl: Incorrect reuse of client certificates libcurl4-openssl-dev:7.38.0-4+deb8u11
High CVE-2016-9586 libcurl4-openssl-dev 7.38.0-4+deb8u117.38.0-4+deb8u13curl: printf floating point buffer overflow libcurl4-openssl-dev:7.38.0-4+deb8u11
High CVE-2018-16890 libcurl4-openssl-dev 7.38.0-4+deb8u117.38.0-4+deb8u14curl: NTLM type-2 heap out-of-bounds buffer read libcurl4-openssl-dev:7.38.0-4+deb8u11
High CVE-2019-3823 libcurl4-openssl-dev 7.38.0-4+deb8u117.38.0-4+deb8u14curl: SMTP end-of-response out-of-bounds read libcurl4-openssl-dev:7.38.0-4+deb8u11
High CVE-2019-5436 libcurl4-openssl-dev 7.38.0-4+deb8u117.38.0-4+deb8u15curl: TFTP receive heap buffer overflow in tftp_receive_packet() function libcurl4-openssl-dev:7.38.0-4+deb8u11
High CVE-2019-18804 libdjvulibre-dev 3.5.25.4-43.5.25.4-4+deb8u2DjVuLibre 3.5.27 has a NULL pointer dereference in the function DJVU:: ... libdjvulibre-dev:3.5.25.4-4
High CVE-2019-18804 libdjvulibre-text 3.5.25.4-43.5.25.4-4+deb8u2DjVuLibre 3.5.27 has a NULL pointer dereference in the function DJVU:: ... libdjvulibre-text:3.5.25.4-4
High CVE-2019-18804 libdjvulibre21 3.5.25.4-43.5.25.4-4+deb8u2DjVuLibre 3.5.27 has a NULL pointer dereference in the function DJVU:: ... libdjvulibre21:3.5.25.4-4
High CVE-2016-6328 libexif-dev 0.6.21-20.6.21-2+deb8u2libexif: Integer overflow in parsing MNOTE entry data of the input file libexif-dev:0.6.21-2
High CVE-2018-20030 libexif-dev 0.6.21-20.6.21-2+deb8u3libexif: Input validation issue resulting in a denial of service libexif-dev:0.6.21-2
High CVE-2019-9278 libexif-dev 0.6.21-20.6.21-2+deb8u1libexif: out of bounds write in exif-data.c libexif-dev:0.6.21-2
High CVE-2020-0181 libexif-dev 0.6.21-20.6.21-2+deb8u1libexif: integer overflow in exif_data_load_data_thumbnail function in exif-data.c libexif-dev:0.6.21-2
High CVE-2020-0198 libexif-dev 0.6.21-20.6.21-2+deb8u4libexif: integer overflow in exif_data_load_data_content function in exif-data.c libexif-dev:0.6.21-2
High CVE-2020-13113 libexif-dev 0.6.21-20.6.21-2+deb8u3libexif: use of uninitialized memory in EXIF Makernote handling can lead to crashes and use-after-free libexif-dev:0.6.21-2
High CVE-2020-13114 libexif-dev 0.6.21-20.6.21-2+deb8u3libexif: unrestricted size in handling Canon EXIF MakerNote data can lead to consumption of large amounts of compute time libexif-dev:0.6.21-2
High CVE-2016-6328 libexif12 0.6.21-20.6.21-2+deb8u2libexif: Integer overflow in parsing MNOTE entry data of the input file libexif12:0.6.21-2
High CVE-2018-20030 libexif12 0.6.21-20.6.21-2+deb8u3libexif: Input validation issue resulting in a denial of service libexif12:0.6.21-2
High CVE-2019-9278 libexif12 0.6.21-20.6.21-2+deb8u1libexif: out of bounds write in exif-data.c libexif12:0.6.21-2
High CVE-2020-0181 libexif12 0.6.21-20.6.21-2+deb8u1libexif: integer overflow in exif_data_load_data_thumbnail function in exif-data.c libexif12:0.6.21-2
High CVE-2020-0198 libexif12 0.6.21-20.6.21-2+deb8u4libexif: integer overflow in exif_data_load_data_content function in exif-data.c libexif12:0.6.21-2
High CVE-2020-13113 libexif12 0.6.21-20.6.21-2+deb8u3libexif: use of uninitialized memory in EXIF Makernote handling can lead to crashes and use-after-free libexif12:0.6.21-2
High CVE-2020-13114 libexif12 0.6.21-20.6.21-2+deb8u3libexif: unrestricted size in handling Canon EXIF MakerNote data can lead to consumption of large amounts of compute time libexif12:0.6.21-2
High CVE-2018-20843 libexpat1 2.1.0-6+deb8u42.1.0-6+deb8u5expat: large number of colons in input makes parser consume high amount of resources, leading to DoS libexpat1:2.1.0-6+deb8u4
High CVE-2019-15903 libexpat1 2.1.0-6+deb8u42.1.0-6+deb8u6expat: heap-based buffer over-read via crafted XML input libexpat1:2.1.0-6+deb8u4
High CVE-2018-20843 libexpat1-dev 2.1.0-6+deb8u42.1.0-6+deb8u5expat: large number of colons in input makes parser consume high amount of resources, leading to DoS libexpat1-dev:2.1.0-6+deb8u4
High CVE-2019-15903 libexpat1-dev 2.1.0-6+deb8u42.1.0-6+deb8u6expat: heap-based buffer over-read via crafted XML input libexpat1-dev:2.1.0-6+deb8u4
High CVE-2015-9381 libfreetype6 2.5.2-3+deb8u22.5.2-3+deb8u4freetype: a heap-based buffer over-read in T1_Get_Private_Dict in type1/t1parse.c leading to crash libfreetype6:2.5.2-3+deb8u2
High CVE-2015-9381 libfreetype6-dev 2.5.2-3+deb8u22.5.2-3+deb8u4freetype: a heap-based buffer over-read in T1_Get_Private_Dict in type1/t1parse.c leading to crash libfreetype6-dev:2.5.2-3+deb8u2
High CVE-2018-1000222 libgd3 2.1.0-5+deb8u112.1.0-5+deb8u12gd: Double free in src/gd_bump.c:gdImageBmpPtr() via crafted JPEG libgd3:2.1.0-5+deb8u11
High CVE-2018-14553 libgd3 2.1.0-5+deb8u112.1.0-5+deb8u14gd: NULL pointer dereference in gdImageClone libgd3:2.1.0-5+deb8u11
High CVE-2019-6977 libgd3 2.1.0-5+deb8u112.1.0-5+deb8u12gd: Heap-based buffer overflow in gdImageColorMatch() in gd_color_match.c libgd3:2.1.0-5+deb8u11
High CVE-2016-6352 libgdk-pixbuf2.0-0 2.31.1-2+deb8u72.31.1-2+deb8u8gdk-pixbuf: Out-of-bounds write in OneLine32() function libgdk-pixbuf2.0-0:2.31.1-2+deb8u7
High CVE-2017-2870 libgdk-pixbuf2.0-0 2.31.1-2+deb8u72.31.1-2+deb8u8gdk-pixbuf2: Integer overflow in tiff_image_parse function libgdk-pixbuf2.0-0:2.31.1-2+deb8u7
High CVE-2017-6313 libgdk-pixbuf2.0-0 2.31.1-2+deb8u72.31.1-2+deb8u8gdk-pixbuf: Integer underflow in io-icns.c libgdk-pixbuf2.0-0:2.31.1-2+deb8u7
High CVE-2016-6352 libgdk-pixbuf2.0-common 2.31.1-2+deb8u72.31.1-2+deb8u8gdk-pixbuf: Out-of-bounds write in OneLine32() function libgdk-pixbuf2.0-common:2.31.1-2+deb8u7
High CVE-2017-2870 libgdk-pixbuf2.0-common 2.31.1-2+deb8u72.31.1-2+deb8u8gdk-pixbuf2: Integer overflow in tiff_image_parse function libgdk-pixbuf2.0-common:2.31.1-2+deb8u7
High CVE-2017-6313 libgdk-pixbuf2.0-common 2.31.1-2+deb8u72.31.1-2+deb8u8gdk-pixbuf: Integer underflow in io-icns.c libgdk-pixbuf2.0-common:2.31.1-2+deb8u7
High CVE-2016-6352 libgdk-pixbuf2.0-dev 2.31.1-2+deb8u72.31.1-2+deb8u8gdk-pixbuf: Out-of-bounds write in OneLine32() function libgdk-pixbuf2.0-dev:2.31.1-2+deb8u7
High CVE-2017-2870 libgdk-pixbuf2.0-dev 2.31.1-2+deb8u72.31.1-2+deb8u8gdk-pixbuf2: Integer overflow in tiff_image_parse function libgdk-pixbuf2.0-dev:2.31.1-2+deb8u7
High CVE-2017-6313 libgdk-pixbuf2.0-dev 2.31.1-2+deb8u72.31.1-2+deb8u8gdk-pixbuf: Integer underflow in io-icns.c libgdk-pixbuf2.0-dev:2.31.1-2+deb8u7
High CVE-2018-16429 libglib2.0-0 2.42.1-12.42.1-1+deb8u2glib2: Out-of-bounds read in g_markup_parse_context_parse() in gmarkup.c libglib2.0-0:2.42.1-1
High CVE-2019-13012 libglib2.0-0 2.42.1-12.42.1-1+deb8u3glib2: insecure permissions for files and directories libglib2.0-0:2.42.1-1
High CVE-2018-16429 libglib2.0-bin 2.42.1-12.42.1-1+deb8u2glib2: Out-of-bounds read in g_markup_parse_context_parse() in gmarkup.c libglib2.0-bin:2.42.1-1
High CVE-2019-13012 libglib2.0-bin 2.42.1-12.42.1-1+deb8u3glib2: insecure permissions for files and directories libglib2.0-bin:2.42.1-1
High CVE-2018-16429 libglib2.0-data 2.42.1-12.42.1-1+deb8u2glib2: Out-of-bounds read in g_markup_parse_context_parse() in gmarkup.c libglib2.0-data:2.42.1-1
High CVE-2019-13012 libglib2.0-data 2.42.1-12.42.1-1+deb8u3glib2: insecure permissions for files and directories libglib2.0-data:2.42.1-1
High CVE-2018-16429 libglib2.0-dev 2.42.1-12.42.1-1+deb8u2glib2: Out-of-bounds read in g_markup_parse_context_parse() in gmarkup.c libglib2.0-dev:2.42.1-1
High CVE-2019-13012 libglib2.0-dev 2.42.1-12.42.1-1+deb8u3glib2: insecure permissions for files and directories libglib2.0-dev:2.42.1-1
High CVE-2015-8947 libharfbuzz0b 0.9.35-20.9.35-2+deb8u1CVE-2016-2052 CVE-2015-8947 chromium-browser: Multiple unspecified vulnerabilities in HarfBuzz before 1.0.6 libharfbuzz0b:0.9.35-2
High CVE-2020-10531 libicu52 52.1-8+deb8u752.1-8+deb8u8ICU: Integer overflow in UnicodeString::doAppend() libicu52:52.1-8+deb8u7
High CVE-2017-13748 libjasper-dev 1.900.1-debian1-2.4+deb8u31.900.1-debian1-2.4+deb8u4jasper: tile memory not released on image parsing errors libjasper-dev:1.900.1-debian1-2.4+deb8u3
High CVE-2018-19540 libjasper-dev 1.900.1-debian1-2.4+deb8u31.900.1-debian1-2.4+deb8u5jasper: heap-based buffer overflow of size 1 in jas_icctxtdesc_input in libjasper/base/jas_icc.c libjasper-dev:1.900.1-debian1-2.4+deb8u3
High CVE-2018-19541 libjasper-dev 1.900.1-debian1-2.4+deb8u31.900.1-debian1-2.4+deb8u5jasper: heap-based buffer over-read of size 8 in jas_image_depalettize in libjasper/base/jas_image.c libjasper-dev:1.900.1-debian1-2.4+deb8u3
High CVE-2017-13748 libjasper1 1.900.1-debian1-2.4+deb8u31.900.1-debian1-2.4+deb8u4jasper: tile memory not released on image parsing errors libjasper1:1.900.1-debian1-2.4+deb8u3
High CVE-2018-19540 libjasper1 1.900.1-debian1-2.4+deb8u31.900.1-debian1-2.4+deb8u5jasper: heap-based buffer overflow of size 1 in jas_icctxtdesc_input in libjasper/base/jas_icc.c libjasper1:1.900.1-debian1-2.4+deb8u3
High CVE-2018-19541 libjasper1 1.900.1-debian1-2.4+deb8u31.900.1-debian1-2.4+deb8u5jasper: heap-based buffer over-read of size 8 in jas_image_depalettize in libjasper/base/jas_image.c libjasper1:1.900.1-debian1-2.4+deb8u3
High CVE-2016-3616 libjpeg-dev 1:1.3.1-121:1.3.1-12+deb8u1libjpeg: null pointer dereference in cjpeg libjpeg-dev:1:1.3.1-12
High CVE-2016-3616 libjpeg62-turbo 1:1.3.1-121:1.3.1-12+deb8u1libjpeg: null pointer dereference in cjpeg libjpeg62-turbo:1:1.3.1-12
High CVE-2016-3616 libjpeg62-turbo-dev 1:1.3.1-121:1.3.1-12+deb8u1libjpeg: null pointer dereference in cjpeg libjpeg62-turbo-dev:1:1.3.1-12
High CVE-2019-13565 libldap-2.4-2 2.4.40+dfsg-1+deb8u42.4.40+dfsg-1+deb8u5openldap: ACL restrictions bypass due to sasl_ssf value being set permanently libldap-2.4-2:2.4.40+dfsg-1+deb8u4
High CVE-2020-12243 libldap-2.4-2 2.4.40+dfsg-1+deb8u42.4.40+dfsg-1+deb8u6openldap: denial of service via nested boolean expressions in LDAP search filters libldap-2.4-2:2.4.40+dfsg-1+deb8u4
High CVE-2019-8907 libmagic1 1:5.22+15-2+deb8u41:5.22+15-2+deb8u5file: do_core_note in readelf.c allows remote attackers to cause a denial of service libmagic1:1:5.22+15-2+deb8u4
High CVE-2017-12430 libmagickcore-6-arch-config 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16GraphicsMagick, ImageMagick: Memory exhaustion in ReadMPCImage in coders/mpc.c libmagickcore-6-arch-config:8:6.8.9.9-5+deb8u13
High CVE-2017-12435 libmagickcore-6-arch-config 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Memory exhaustion in ReadSUNImage function in coders/sun.c libmagickcore-6-arch-config:8:6.8.9.9-5+deb8u13
High CVE-2017-12587 libmagickcore-6-arch-config 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Resource exhaustion in ReadPWPImage function in coders\pwp.c libmagickcore-6-arch-config:8:6.8.9.9-5+deb8u13
High CVE-2017-14739 libmagickcore-6-arch-config 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in the AcquireResampleFilterThreadSet function libmagickcore-6-arch-config:8:6.8.9.9-5+deb8u13
High CVE-2017-15015 libmagickcore-6-arch-config 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in PDFDelegateMessage libmagickcore-6-arch-config:8:6.8.9.9-5+deb8u13
High CVE-2017-15017 libmagickcore-6-arch-config 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in ReadOneMNGImage libmagickcore-6-arch-config:8:6.8.9.9-5+deb8u13
High CVE-2017-15281 libmagickcore-6-arch-config 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Conditional statement depends on unitialized value libmagickcore-6-arch-config:8:6.8.9.9-5+deb8u13
High CVE-2018-16412 libmagickcore-6-arch-config 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u14ImageMagick: heap-based buffer over-read in the ParseImageResourceBlocks function in coders/psd.c libmagickcore-6-arch-config:8:6.8.9.9-5+deb8u13
High CVE-2018-16413 libmagickcore-6-arch-config 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u14ImageMagick: heap-based buffer over-read in the PushShortPixel function in MagickCore/quantum-private.h libmagickcore-6-arch-config:8:6.8.9.9-5+deb8u13
High CVE-2019-10650 libmagickcore-6-arch-config 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: heap-based buffer over-read in WriteTIFFImage of coders/tiff.c leads to denial of service or information disclosure via crafted image file libmagickcore-6-arch-config:8:6.8.9.9-5+deb8u13
High CVE-2019-11597 libmagickcore-6-arch-config 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c leading to DoS or information disclosure libmagickcore-6-arch-config:8:6.8.9.9-5+deb8u13
High CVE-2019-11598 libmagickcore-6-arch-config 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: heap-based buffer over-read in the function WritePNMImage of coders/pnm.c leading to DoS or information disclosure libmagickcore-6-arch-config:8:6.8.9.9-5+deb8u13
High CVE-2019-13135 libmagickcore-6-arch-config 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: a "use of uninitialized value" vulnerability in the function ReadCUTImage leading to a crash and DoS libmagickcore-6-arch-config:8:6.8.9.9-5+deb8u13
High CVE-2019-13295 libmagickcore-6-arch-config 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled libmagickcore-6-arch-config:8:6.8.9.9-5+deb8u13
High CVE-2019-13297 libmagickcore-6-arch-config 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled libmagickcore-6-arch-config:8:6.8.9.9-5+deb8u13
High CVE-2019-13304 libmagickcore-6-arch-config 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment libmagickcore-6-arch-config:8:6.8.9.9-5+deb8u13
High CVE-2019-13305 libmagickcore-6-arch-config 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error libmagickcore-6-arch-config:8:6.8.9.9-5+deb8u13
High CVE-2019-13306 libmagickcore-6-arch-config 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors libmagickcore-6-arch-config:8:6.8.9.9-5+deb8u13
High CVE-2019-15140 libmagickcore-6-arch-config 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u18ImageMagick: Use after free in ReadMATImage in coders/mat.c libmagickcore-6-arch-config:8:6.8.9.9-5+deb8u13
High CVE-2019-9956 libmagickcore-6-arch-config 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16imagemagick: stack-based buffer overflow in function PopHexPixel in coders/ps.c libmagickcore-6-arch-config:8:6.8.9.9-5+deb8u13
High CVE-2017-12430 libmagickcore-6-headers 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16GraphicsMagick, ImageMagick: Memory exhaustion in ReadMPCImage in coders/mpc.c libmagickcore-6-headers:8:6.8.9.9-5+deb8u13
High CVE-2017-12435 libmagickcore-6-headers 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Memory exhaustion in ReadSUNImage function in coders/sun.c libmagickcore-6-headers:8:6.8.9.9-5+deb8u13
High CVE-2017-12587 libmagickcore-6-headers 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Resource exhaustion in ReadPWPImage function in coders\pwp.c libmagickcore-6-headers:8:6.8.9.9-5+deb8u13
High CVE-2017-14739 libmagickcore-6-headers 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in the AcquireResampleFilterThreadSet function libmagickcore-6-headers:8:6.8.9.9-5+deb8u13
High CVE-2017-15015 libmagickcore-6-headers 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in PDFDelegateMessage libmagickcore-6-headers:8:6.8.9.9-5+deb8u13
High CVE-2017-15017 libmagickcore-6-headers 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in ReadOneMNGImage libmagickcore-6-headers:8:6.8.9.9-5+deb8u13
High CVE-2017-15281 libmagickcore-6-headers 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Conditional statement depends on unitialized value libmagickcore-6-headers:8:6.8.9.9-5+deb8u13
High CVE-2018-16412 libmagickcore-6-headers 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u14ImageMagick: heap-based buffer over-read in the ParseImageResourceBlocks function in coders/psd.c libmagickcore-6-headers:8:6.8.9.9-5+deb8u13
High CVE-2018-16413 libmagickcore-6-headers 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u14ImageMagick: heap-based buffer over-read in the PushShortPixel function in MagickCore/quantum-private.h libmagickcore-6-headers:8:6.8.9.9-5+deb8u13
High CVE-2019-10650 libmagickcore-6-headers 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: heap-based buffer over-read in WriteTIFFImage of coders/tiff.c leads to denial of service or information disclosure via crafted image file libmagickcore-6-headers:8:6.8.9.9-5+deb8u13
High CVE-2019-11597 libmagickcore-6-headers 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c leading to DoS or information disclosure libmagickcore-6-headers:8:6.8.9.9-5+deb8u13
High CVE-2019-11598 libmagickcore-6-headers 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: heap-based buffer over-read in the function WritePNMImage of coders/pnm.c leading to DoS or information disclosure libmagickcore-6-headers:8:6.8.9.9-5+deb8u13
High CVE-2019-13135 libmagickcore-6-headers 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: a "use of uninitialized value" vulnerability in the function ReadCUTImage leading to a crash and DoS libmagickcore-6-headers:8:6.8.9.9-5+deb8u13
High CVE-2019-13295 libmagickcore-6-headers 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled libmagickcore-6-headers:8:6.8.9.9-5+deb8u13
High CVE-2019-13297 libmagickcore-6-headers 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled libmagickcore-6-headers:8:6.8.9.9-5+deb8u13
High CVE-2019-13304 libmagickcore-6-headers 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment libmagickcore-6-headers:8:6.8.9.9-5+deb8u13
High CVE-2019-13305 libmagickcore-6-headers 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error libmagickcore-6-headers:8:6.8.9.9-5+deb8u13
High CVE-2019-13306 libmagickcore-6-headers 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors libmagickcore-6-headers:8:6.8.9.9-5+deb8u13
High CVE-2019-15140 libmagickcore-6-headers 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u18ImageMagick: Use after free in ReadMATImage in coders/mat.c libmagickcore-6-headers:8:6.8.9.9-5+deb8u13
High CVE-2019-9956 libmagickcore-6-headers 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16imagemagick: stack-based buffer overflow in function PopHexPixel in coders/ps.c libmagickcore-6-headers:8:6.8.9.9-5+deb8u13
High CVE-2017-12430 libmagickcore-6.q16-2 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16GraphicsMagick, ImageMagick: Memory exhaustion in ReadMPCImage in coders/mpc.c libmagickcore-6.q16-2:8:6.8.9.9-5+deb8u13
High CVE-2017-12435 libmagickcore-6.q16-2 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Memory exhaustion in ReadSUNImage function in coders/sun.c libmagickcore-6.q16-2:8:6.8.9.9-5+deb8u13
High CVE-2017-12587 libmagickcore-6.q16-2 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Resource exhaustion in ReadPWPImage function in coders\pwp.c libmagickcore-6.q16-2:8:6.8.9.9-5+deb8u13
High CVE-2017-14739 libmagickcore-6.q16-2 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in the AcquireResampleFilterThreadSet function libmagickcore-6.q16-2:8:6.8.9.9-5+deb8u13
High CVE-2017-15015 libmagickcore-6.q16-2 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in PDFDelegateMessage libmagickcore-6.q16-2:8:6.8.9.9-5+deb8u13
High CVE-2017-15017 libmagickcore-6.q16-2 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in ReadOneMNGImage libmagickcore-6.q16-2:8:6.8.9.9-5+deb8u13
High CVE-2017-15281 libmagickcore-6.q16-2 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Conditional statement depends on unitialized value libmagickcore-6.q16-2:8:6.8.9.9-5+deb8u13
High CVE-2018-16412 libmagickcore-6.q16-2 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u14ImageMagick: heap-based buffer over-read in the ParseImageResourceBlocks function in coders/psd.c libmagickcore-6.q16-2:8:6.8.9.9-5+deb8u13
High CVE-2018-16413 libmagickcore-6.q16-2 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u14ImageMagick: heap-based buffer over-read in the PushShortPixel function in MagickCore/quantum-private.h libmagickcore-6.q16-2:8:6.8.9.9-5+deb8u13
High CVE-2019-10650 libmagickcore-6.q16-2 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: heap-based buffer over-read in WriteTIFFImage of coders/tiff.c leads to denial of service or information disclosure via crafted image file libmagickcore-6.q16-2:8:6.8.9.9-5+deb8u13
High CVE-2019-11597 libmagickcore-6.q16-2 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c leading to DoS or information disclosure libmagickcore-6.q16-2:8:6.8.9.9-5+deb8u13
High CVE-2019-11598 libmagickcore-6.q16-2 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: heap-based buffer over-read in the function WritePNMImage of coders/pnm.c leading to DoS or information disclosure libmagickcore-6.q16-2:8:6.8.9.9-5+deb8u13
High CVE-2019-13135 libmagickcore-6.q16-2 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: a "use of uninitialized value" vulnerability in the function ReadCUTImage leading to a crash and DoS libmagickcore-6.q16-2:8:6.8.9.9-5+deb8u13
High CVE-2019-13295 libmagickcore-6.q16-2 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled libmagickcore-6.q16-2:8:6.8.9.9-5+deb8u13
High CVE-2019-13297 libmagickcore-6.q16-2 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled libmagickcore-6.q16-2:8:6.8.9.9-5+deb8u13
High CVE-2019-13304 libmagickcore-6.q16-2 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment libmagickcore-6.q16-2:8:6.8.9.9-5+deb8u13
High CVE-2019-13305 libmagickcore-6.q16-2 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error libmagickcore-6.q16-2:8:6.8.9.9-5+deb8u13
High CVE-2019-13306 libmagickcore-6.q16-2 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors libmagickcore-6.q16-2:8:6.8.9.9-5+deb8u13
High CVE-2019-15140 libmagickcore-6.q16-2 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u18ImageMagick: Use after free in ReadMATImage in coders/mat.c libmagickcore-6.q16-2:8:6.8.9.9-5+deb8u13
High CVE-2019-9956 libmagickcore-6.q16-2 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16imagemagick: stack-based buffer overflow in function PopHexPixel in coders/ps.c libmagickcore-6.q16-2:8:6.8.9.9-5+deb8u13
High CVE-2017-12430 libmagickcore-6.q16-2-extra 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16GraphicsMagick, ImageMagick: Memory exhaustion in ReadMPCImage in coders/mpc.c libmagickcore-6.q16-2-extra:8:6.8.9.9-5+deb8u13
High CVE-2017-12435 libmagickcore-6.q16-2-extra 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Memory exhaustion in ReadSUNImage function in coders/sun.c libmagickcore-6.q16-2-extra:8:6.8.9.9-5+deb8u13
High CVE-2017-12587 libmagickcore-6.q16-2-extra 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Resource exhaustion in ReadPWPImage function in coders\pwp.c libmagickcore-6.q16-2-extra:8:6.8.9.9-5+deb8u13
High CVE-2017-14739 libmagickcore-6.q16-2-extra 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in the AcquireResampleFilterThreadSet function libmagickcore-6.q16-2-extra:8:6.8.9.9-5+deb8u13
High CVE-2017-15015 libmagickcore-6.q16-2-extra 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in PDFDelegateMessage libmagickcore-6.q16-2-extra:8:6.8.9.9-5+deb8u13
High CVE-2017-15017 libmagickcore-6.q16-2-extra 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in ReadOneMNGImage libmagickcore-6.q16-2-extra:8:6.8.9.9-5+deb8u13
High CVE-2017-15281 libmagickcore-6.q16-2-extra 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Conditional statement depends on unitialized value libmagickcore-6.q16-2-extra:8:6.8.9.9-5+deb8u13
High CVE-2018-16412 libmagickcore-6.q16-2-extra 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u14ImageMagick: heap-based buffer over-read in the ParseImageResourceBlocks function in coders/psd.c libmagickcore-6.q16-2-extra:8:6.8.9.9-5+deb8u13
High CVE-2018-16413 libmagickcore-6.q16-2-extra 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u14ImageMagick: heap-based buffer over-read in the PushShortPixel function in MagickCore/quantum-private.h libmagickcore-6.q16-2-extra:8:6.8.9.9-5+deb8u13
High CVE-2019-10650 libmagickcore-6.q16-2-extra 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: heap-based buffer over-read in WriteTIFFImage of coders/tiff.c leads to denial of service or information disclosure via crafted image file libmagickcore-6.q16-2-extra:8:6.8.9.9-5+deb8u13
High CVE-2019-11597 libmagickcore-6.q16-2-extra 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c leading to DoS or information disclosure libmagickcore-6.q16-2-extra:8:6.8.9.9-5+deb8u13
High CVE-2019-11598 libmagickcore-6.q16-2-extra 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: heap-based buffer over-read in the function WritePNMImage of coders/pnm.c leading to DoS or information disclosure libmagickcore-6.q16-2-extra:8:6.8.9.9-5+deb8u13
High CVE-2019-13135 libmagickcore-6.q16-2-extra 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: a "use of uninitialized value" vulnerability in the function ReadCUTImage leading to a crash and DoS libmagickcore-6.q16-2-extra:8:6.8.9.9-5+deb8u13
High CVE-2019-13295 libmagickcore-6.q16-2-extra 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled libmagickcore-6.q16-2-extra:8:6.8.9.9-5+deb8u13
High CVE-2019-13297 libmagickcore-6.q16-2-extra 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled libmagickcore-6.q16-2-extra:8:6.8.9.9-5+deb8u13
High CVE-2019-13304 libmagickcore-6.q16-2-extra 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment libmagickcore-6.q16-2-extra:8:6.8.9.9-5+deb8u13
High CVE-2019-13305 libmagickcore-6.q16-2-extra 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error libmagickcore-6.q16-2-extra:8:6.8.9.9-5+deb8u13
High CVE-2019-13306 libmagickcore-6.q16-2-extra 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors libmagickcore-6.q16-2-extra:8:6.8.9.9-5+deb8u13
High CVE-2019-15140 libmagickcore-6.q16-2-extra 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u18ImageMagick: Use after free in ReadMATImage in coders/mat.c libmagickcore-6.q16-2-extra:8:6.8.9.9-5+deb8u13
High CVE-2019-9956 libmagickcore-6.q16-2-extra 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16imagemagick: stack-based buffer overflow in function PopHexPixel in coders/ps.c libmagickcore-6.q16-2-extra:8:6.8.9.9-5+deb8u13
High CVE-2017-12430 libmagickcore-6.q16-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16GraphicsMagick, ImageMagick: Memory exhaustion in ReadMPCImage in coders/mpc.c libmagickcore-6.q16-dev:8:6.8.9.9-5+deb8u13
High CVE-2017-12435 libmagickcore-6.q16-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Memory exhaustion in ReadSUNImage function in coders/sun.c libmagickcore-6.q16-dev:8:6.8.9.9-5+deb8u13
High CVE-2017-12587 libmagickcore-6.q16-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Resource exhaustion in ReadPWPImage function in coders\pwp.c libmagickcore-6.q16-dev:8:6.8.9.9-5+deb8u13
High CVE-2017-14739 libmagickcore-6.q16-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in the AcquireResampleFilterThreadSet function libmagickcore-6.q16-dev:8:6.8.9.9-5+deb8u13
High CVE-2017-15015 libmagickcore-6.q16-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in PDFDelegateMessage libmagickcore-6.q16-dev:8:6.8.9.9-5+deb8u13
High CVE-2017-15017 libmagickcore-6.q16-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in ReadOneMNGImage libmagickcore-6.q16-dev:8:6.8.9.9-5+deb8u13
High CVE-2017-15281 libmagickcore-6.q16-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Conditional statement depends on unitialized value libmagickcore-6.q16-dev:8:6.8.9.9-5+deb8u13
High CVE-2018-16412 libmagickcore-6.q16-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u14ImageMagick: heap-based buffer over-read in the ParseImageResourceBlocks function in coders/psd.c libmagickcore-6.q16-dev:8:6.8.9.9-5+deb8u13
High CVE-2018-16413 libmagickcore-6.q16-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u14ImageMagick: heap-based buffer over-read in the PushShortPixel function in MagickCore/quantum-private.h libmagickcore-6.q16-dev:8:6.8.9.9-5+deb8u13
High CVE-2019-10650 libmagickcore-6.q16-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: heap-based buffer over-read in WriteTIFFImage of coders/tiff.c leads to denial of service or information disclosure via crafted image file libmagickcore-6.q16-dev:8:6.8.9.9-5+deb8u13
High CVE-2019-11597 libmagickcore-6.q16-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c leading to DoS or information disclosure libmagickcore-6.q16-dev:8:6.8.9.9-5+deb8u13
High CVE-2019-11598 libmagickcore-6.q16-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: heap-based buffer over-read in the function WritePNMImage of coders/pnm.c leading to DoS or information disclosure libmagickcore-6.q16-dev:8:6.8.9.9-5+deb8u13
High CVE-2019-13135 libmagickcore-6.q16-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: a "use of uninitialized value" vulnerability in the function ReadCUTImage leading to a crash and DoS libmagickcore-6.q16-dev:8:6.8.9.9-5+deb8u13
High CVE-2019-13295 libmagickcore-6.q16-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled libmagickcore-6.q16-dev:8:6.8.9.9-5+deb8u13
High CVE-2019-13297 libmagickcore-6.q16-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled libmagickcore-6.q16-dev:8:6.8.9.9-5+deb8u13
High CVE-2019-13304 libmagickcore-6.q16-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment libmagickcore-6.q16-dev:8:6.8.9.9-5+deb8u13
High CVE-2019-13305 libmagickcore-6.q16-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error libmagickcore-6.q16-dev:8:6.8.9.9-5+deb8u13
High CVE-2019-13306 libmagickcore-6.q16-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors libmagickcore-6.q16-dev:8:6.8.9.9-5+deb8u13
High CVE-2019-15140 libmagickcore-6.q16-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u18ImageMagick: Use after free in ReadMATImage in coders/mat.c libmagickcore-6.q16-dev:8:6.8.9.9-5+deb8u13
High CVE-2019-9956 libmagickcore-6.q16-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16imagemagick: stack-based buffer overflow in function PopHexPixel in coders/ps.c libmagickcore-6.q16-dev:8:6.8.9.9-5+deb8u13
High CVE-2017-12430 libmagickcore-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16GraphicsMagick, ImageMagick: Memory exhaustion in ReadMPCImage in coders/mpc.c libmagickcore-dev:8:6.8.9.9-5+deb8u13
High CVE-2017-12435 libmagickcore-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Memory exhaustion in ReadSUNImage function in coders/sun.c libmagickcore-dev:8:6.8.9.9-5+deb8u13
High CVE-2017-12587 libmagickcore-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Resource exhaustion in ReadPWPImage function in coders\pwp.c libmagickcore-dev:8:6.8.9.9-5+deb8u13
High CVE-2017-14739 libmagickcore-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in the AcquireResampleFilterThreadSet function libmagickcore-dev:8:6.8.9.9-5+deb8u13
High CVE-2017-15015 libmagickcore-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in PDFDelegateMessage libmagickcore-dev:8:6.8.9.9-5+deb8u13
High CVE-2017-15017 libmagickcore-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in ReadOneMNGImage libmagickcore-dev:8:6.8.9.9-5+deb8u13
High CVE-2017-15281 libmagickcore-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Conditional statement depends on unitialized value libmagickcore-dev:8:6.8.9.9-5+deb8u13
High CVE-2018-16412 libmagickcore-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u14ImageMagick: heap-based buffer over-read in the ParseImageResourceBlocks function in coders/psd.c libmagickcore-dev:8:6.8.9.9-5+deb8u13
High CVE-2018-16413 libmagickcore-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u14ImageMagick: heap-based buffer over-read in the PushShortPixel function in MagickCore/quantum-private.h libmagickcore-dev:8:6.8.9.9-5+deb8u13
High CVE-2019-10650 libmagickcore-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: heap-based buffer over-read in WriteTIFFImage of coders/tiff.c leads to denial of service or information disclosure via crafted image file libmagickcore-dev:8:6.8.9.9-5+deb8u13
High CVE-2019-11597 libmagickcore-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c leading to DoS or information disclosure libmagickcore-dev:8:6.8.9.9-5+deb8u13
High CVE-2019-11598 libmagickcore-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: heap-based buffer over-read in the function WritePNMImage of coders/pnm.c leading to DoS or information disclosure libmagickcore-dev:8:6.8.9.9-5+deb8u13
High CVE-2019-13135 libmagickcore-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: a "use of uninitialized value" vulnerability in the function ReadCUTImage leading to a crash and DoS libmagickcore-dev:8:6.8.9.9-5+deb8u13
High CVE-2019-13295 libmagickcore-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled libmagickcore-dev:8:6.8.9.9-5+deb8u13
High CVE-2019-13297 libmagickcore-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled libmagickcore-dev:8:6.8.9.9-5+deb8u13
High CVE-2019-13304 libmagickcore-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment libmagickcore-dev:8:6.8.9.9-5+deb8u13
High CVE-2019-13305 libmagickcore-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error libmagickcore-dev:8:6.8.9.9-5+deb8u13
High CVE-2019-13306 libmagickcore-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors libmagickcore-dev:8:6.8.9.9-5+deb8u13
High CVE-2019-15140 libmagickcore-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u18ImageMagick: Use after free in ReadMATImage in coders/mat.c libmagickcore-dev:8:6.8.9.9-5+deb8u13
High CVE-2019-9956 libmagickcore-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16imagemagick: stack-based buffer overflow in function PopHexPixel in coders/ps.c libmagickcore-dev:8:6.8.9.9-5+deb8u13
High CVE-2017-12430 libmagickwand-6-headers 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16GraphicsMagick, ImageMagick: Memory exhaustion in ReadMPCImage in coders/mpc.c libmagickwand-6-headers:8:6.8.9.9-5+deb8u13
High CVE-2017-12435 libmagickwand-6-headers 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Memory exhaustion in ReadSUNImage function in coders/sun.c libmagickwand-6-headers:8:6.8.9.9-5+deb8u13
High CVE-2017-12587 libmagickwand-6-headers 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Resource exhaustion in ReadPWPImage function in coders\pwp.c libmagickwand-6-headers:8:6.8.9.9-5+deb8u13
High CVE-2017-14739 libmagickwand-6-headers 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in the AcquireResampleFilterThreadSet function libmagickwand-6-headers:8:6.8.9.9-5+deb8u13
High CVE-2017-15015 libmagickwand-6-headers 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in PDFDelegateMessage libmagickwand-6-headers:8:6.8.9.9-5+deb8u13
High CVE-2017-15017 libmagickwand-6-headers 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in ReadOneMNGImage libmagickwand-6-headers:8:6.8.9.9-5+deb8u13
High CVE-2017-15281 libmagickwand-6-headers 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Conditional statement depends on unitialized value libmagickwand-6-headers:8:6.8.9.9-5+deb8u13
High CVE-2018-16412 libmagickwand-6-headers 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u14ImageMagick: heap-based buffer over-read in the ParseImageResourceBlocks function in coders/psd.c libmagickwand-6-headers:8:6.8.9.9-5+deb8u13
High CVE-2018-16413 libmagickwand-6-headers 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u14ImageMagick: heap-based buffer over-read in the PushShortPixel function in MagickCore/quantum-private.h libmagickwand-6-headers:8:6.8.9.9-5+deb8u13
High CVE-2019-10650 libmagickwand-6-headers 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: heap-based buffer over-read in WriteTIFFImage of coders/tiff.c leads to denial of service or information disclosure via crafted image file libmagickwand-6-headers:8:6.8.9.9-5+deb8u13
High CVE-2019-11597 libmagickwand-6-headers 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c leading to DoS or information disclosure libmagickwand-6-headers:8:6.8.9.9-5+deb8u13
High CVE-2019-11598 libmagickwand-6-headers 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: heap-based buffer over-read in the function WritePNMImage of coders/pnm.c leading to DoS or information disclosure libmagickwand-6-headers:8:6.8.9.9-5+deb8u13
High CVE-2019-13135 libmagickwand-6-headers 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: a "use of uninitialized value" vulnerability in the function ReadCUTImage leading to a crash and DoS libmagickwand-6-headers:8:6.8.9.9-5+deb8u13
High CVE-2019-13295 libmagickwand-6-headers 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled libmagickwand-6-headers:8:6.8.9.9-5+deb8u13
High CVE-2019-13297 libmagickwand-6-headers 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled libmagickwand-6-headers:8:6.8.9.9-5+deb8u13
High CVE-2019-13304 libmagickwand-6-headers 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment libmagickwand-6-headers:8:6.8.9.9-5+deb8u13
High CVE-2019-13305 libmagickwand-6-headers 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error libmagickwand-6-headers:8:6.8.9.9-5+deb8u13
High CVE-2019-13306 libmagickwand-6-headers 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors libmagickwand-6-headers:8:6.8.9.9-5+deb8u13
High CVE-2019-15140 libmagickwand-6-headers 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u18ImageMagick: Use after free in ReadMATImage in coders/mat.c libmagickwand-6-headers:8:6.8.9.9-5+deb8u13
High CVE-2019-9956 libmagickwand-6-headers 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16imagemagick: stack-based buffer overflow in function PopHexPixel in coders/ps.c libmagickwand-6-headers:8:6.8.9.9-5+deb8u13
High CVE-2017-12430 libmagickwand-6.q16-2 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16GraphicsMagick, ImageMagick: Memory exhaustion in ReadMPCImage in coders/mpc.c libmagickwand-6.q16-2:8:6.8.9.9-5+deb8u13
High CVE-2017-12435 libmagickwand-6.q16-2 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Memory exhaustion in ReadSUNImage function in coders/sun.c libmagickwand-6.q16-2:8:6.8.9.9-5+deb8u13
High CVE-2017-12587 libmagickwand-6.q16-2 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Resource exhaustion in ReadPWPImage function in coders\pwp.c libmagickwand-6.q16-2:8:6.8.9.9-5+deb8u13
High CVE-2017-14739 libmagickwand-6.q16-2 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in the AcquireResampleFilterThreadSet function libmagickwand-6.q16-2:8:6.8.9.9-5+deb8u13
High CVE-2017-15015 libmagickwand-6.q16-2 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in PDFDelegateMessage libmagickwand-6.q16-2:8:6.8.9.9-5+deb8u13
High CVE-2017-15017 libmagickwand-6.q16-2 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in ReadOneMNGImage libmagickwand-6.q16-2:8:6.8.9.9-5+deb8u13
High CVE-2017-15281 libmagickwand-6.q16-2 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Conditional statement depends on unitialized value libmagickwand-6.q16-2:8:6.8.9.9-5+deb8u13
High CVE-2018-16412 libmagickwand-6.q16-2 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u14ImageMagick: heap-based buffer over-read in the ParseImageResourceBlocks function in coders/psd.c libmagickwand-6.q16-2:8:6.8.9.9-5+deb8u13
High CVE-2018-16413 libmagickwand-6.q16-2 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u14ImageMagick: heap-based buffer over-read in the PushShortPixel function in MagickCore/quantum-private.h libmagickwand-6.q16-2:8:6.8.9.9-5+deb8u13
High CVE-2019-10650 libmagickwand-6.q16-2 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: heap-based buffer over-read in WriteTIFFImage of coders/tiff.c leads to denial of service or information disclosure via crafted image file libmagickwand-6.q16-2:8:6.8.9.9-5+deb8u13
High CVE-2019-11597 libmagickwand-6.q16-2 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c leading to DoS or information disclosure libmagickwand-6.q16-2:8:6.8.9.9-5+deb8u13
High CVE-2019-11598 libmagickwand-6.q16-2 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: heap-based buffer over-read in the function WritePNMImage of coders/pnm.c leading to DoS or information disclosure libmagickwand-6.q16-2:8:6.8.9.9-5+deb8u13
High CVE-2019-13135 libmagickwand-6.q16-2 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: a "use of uninitialized value" vulnerability in the function ReadCUTImage leading to a crash and DoS libmagickwand-6.q16-2:8:6.8.9.9-5+deb8u13
High CVE-2019-13295 libmagickwand-6.q16-2 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled libmagickwand-6.q16-2:8:6.8.9.9-5+deb8u13
High CVE-2019-13297 libmagickwand-6.q16-2 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled libmagickwand-6.q16-2:8:6.8.9.9-5+deb8u13
High CVE-2019-13304 libmagickwand-6.q16-2 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment libmagickwand-6.q16-2:8:6.8.9.9-5+deb8u13
High CVE-2019-13305 libmagickwand-6.q16-2 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error libmagickwand-6.q16-2:8:6.8.9.9-5+deb8u13
High CVE-2019-13306 libmagickwand-6.q16-2 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors libmagickwand-6.q16-2:8:6.8.9.9-5+deb8u13
High CVE-2019-15140 libmagickwand-6.q16-2 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u18ImageMagick: Use after free in ReadMATImage in coders/mat.c libmagickwand-6.q16-2:8:6.8.9.9-5+deb8u13
High CVE-2019-9956 libmagickwand-6.q16-2 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16imagemagick: stack-based buffer overflow in function PopHexPixel in coders/ps.c libmagickwand-6.q16-2:8:6.8.9.9-5+deb8u13
High CVE-2017-12430 libmagickwand-6.q16-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16GraphicsMagick, ImageMagick: Memory exhaustion in ReadMPCImage in coders/mpc.c libmagickwand-6.q16-dev:8:6.8.9.9-5+deb8u13
High CVE-2017-12435 libmagickwand-6.q16-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Memory exhaustion in ReadSUNImage function in coders/sun.c libmagickwand-6.q16-dev:8:6.8.9.9-5+deb8u13
High CVE-2017-12587 libmagickwand-6.q16-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Resource exhaustion in ReadPWPImage function in coders\pwp.c libmagickwand-6.q16-dev:8:6.8.9.9-5+deb8u13
High CVE-2017-14739 libmagickwand-6.q16-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in the AcquireResampleFilterThreadSet function libmagickwand-6.q16-dev:8:6.8.9.9-5+deb8u13
High CVE-2017-15015 libmagickwand-6.q16-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in PDFDelegateMessage libmagickwand-6.q16-dev:8:6.8.9.9-5+deb8u13
High CVE-2017-15017 libmagickwand-6.q16-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in ReadOneMNGImage libmagickwand-6.q16-dev:8:6.8.9.9-5+deb8u13
High CVE-2017-15281 libmagickwand-6.q16-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Conditional statement depends on unitialized value libmagickwand-6.q16-dev:8:6.8.9.9-5+deb8u13
High CVE-2018-16412 libmagickwand-6.q16-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u14ImageMagick: heap-based buffer over-read in the ParseImageResourceBlocks function in coders/psd.c libmagickwand-6.q16-dev:8:6.8.9.9-5+deb8u13
High CVE-2018-16413 libmagickwand-6.q16-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u14ImageMagick: heap-based buffer over-read in the PushShortPixel function in MagickCore/quantum-private.h libmagickwand-6.q16-dev:8:6.8.9.9-5+deb8u13
High CVE-2019-10650 libmagickwand-6.q16-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: heap-based buffer over-read in WriteTIFFImage of coders/tiff.c leads to denial of service or information disclosure via crafted image file libmagickwand-6.q16-dev:8:6.8.9.9-5+deb8u13
High CVE-2019-11597 libmagickwand-6.q16-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c leading to DoS or information disclosure libmagickwand-6.q16-dev:8:6.8.9.9-5+deb8u13
High CVE-2019-11598 libmagickwand-6.q16-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: heap-based buffer over-read in the function WritePNMImage of coders/pnm.c leading to DoS or information disclosure libmagickwand-6.q16-dev:8:6.8.9.9-5+deb8u13
High CVE-2019-13135 libmagickwand-6.q16-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: a "use of uninitialized value" vulnerability in the function ReadCUTImage leading to a crash and DoS libmagickwand-6.q16-dev:8:6.8.9.9-5+deb8u13
High CVE-2019-13295 libmagickwand-6.q16-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled libmagickwand-6.q16-dev:8:6.8.9.9-5+deb8u13
High CVE-2019-13297 libmagickwand-6.q16-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled libmagickwand-6.q16-dev:8:6.8.9.9-5+deb8u13
High CVE-2019-13304 libmagickwand-6.q16-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment libmagickwand-6.q16-dev:8:6.8.9.9-5+deb8u13
High CVE-2019-13305 libmagickwand-6.q16-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error libmagickwand-6.q16-dev:8:6.8.9.9-5+deb8u13
High CVE-2019-13306 libmagickwand-6.q16-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors libmagickwand-6.q16-dev:8:6.8.9.9-5+deb8u13
High CVE-2019-15140 libmagickwand-6.q16-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u18ImageMagick: Use after free in ReadMATImage in coders/mat.c libmagickwand-6.q16-dev:8:6.8.9.9-5+deb8u13
High CVE-2019-9956 libmagickwand-6.q16-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16imagemagick: stack-based buffer overflow in function PopHexPixel in coders/ps.c libmagickwand-6.q16-dev:8:6.8.9.9-5+deb8u13
High CVE-2017-12430 libmagickwand-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16GraphicsMagick, ImageMagick: Memory exhaustion in ReadMPCImage in coders/mpc.c libmagickwand-dev:8:6.8.9.9-5+deb8u13
High CVE-2017-12435 libmagickwand-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Memory exhaustion in ReadSUNImage function in coders/sun.c libmagickwand-dev:8:6.8.9.9-5+deb8u13
High CVE-2017-12587 libmagickwand-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Resource exhaustion in ReadPWPImage function in coders\pwp.c libmagickwand-dev:8:6.8.9.9-5+deb8u13
High CVE-2017-14739 libmagickwand-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in the AcquireResampleFilterThreadSet function libmagickwand-dev:8:6.8.9.9-5+deb8u13
High CVE-2017-15015 libmagickwand-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in PDFDelegateMessage libmagickwand-dev:8:6.8.9.9-5+deb8u13
High CVE-2017-15017 libmagickwand-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in ReadOneMNGImage libmagickwand-dev:8:6.8.9.9-5+deb8u13
High CVE-2017-15281 libmagickwand-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Conditional statement depends on unitialized value libmagickwand-dev:8:6.8.9.9-5+deb8u13
High CVE-2018-16412 libmagickwand-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u14ImageMagick: heap-based buffer over-read in the ParseImageResourceBlocks function in coders/psd.c libmagickwand-dev:8:6.8.9.9-5+deb8u13
High CVE-2018-16413 libmagickwand-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u14ImageMagick: heap-based buffer over-read in the PushShortPixel function in MagickCore/quantum-private.h libmagickwand-dev:8:6.8.9.9-5+deb8u13
High CVE-2019-10650 libmagickwand-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: heap-based buffer over-read in WriteTIFFImage of coders/tiff.c leads to denial of service or information disclosure via crafted image file libmagickwand-dev:8:6.8.9.9-5+deb8u13
High CVE-2019-11597 libmagickwand-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c leading to DoS or information disclosure libmagickwand-dev:8:6.8.9.9-5+deb8u13
High CVE-2019-11598 libmagickwand-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: heap-based buffer over-read in the function WritePNMImage of coders/pnm.c leading to DoS or information disclosure libmagickwand-dev:8:6.8.9.9-5+deb8u13
High CVE-2019-13135 libmagickwand-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: a "use of uninitialized value" vulnerability in the function ReadCUTImage leading to a crash and DoS libmagickwand-dev:8:6.8.9.9-5+deb8u13
High CVE-2019-13295 libmagickwand-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled libmagickwand-dev:8:6.8.9.9-5+deb8u13
High CVE-2019-13297 libmagickwand-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled libmagickwand-dev:8:6.8.9.9-5+deb8u13
High CVE-2019-13304 libmagickwand-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment libmagickwand-dev:8:6.8.9.9-5+deb8u13
High CVE-2019-13305 libmagickwand-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error libmagickwand-dev:8:6.8.9.9-5+deb8u13
High CVE-2019-13306 libmagickwand-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors libmagickwand-dev:8:6.8.9.9-5+deb8u13
High CVE-2019-15140 libmagickwand-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u18ImageMagick: Use after free in ReadMATImage in coders/mat.c libmagickwand-dev:8:6.8.9.9-5+deb8u13
High CVE-2019-9956 libmagickwand-dev 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16imagemagick: stack-based buffer overflow in function PopHexPixel in coders/ps.c libmagickwand-dev:8:6.8.9.9-5+deb8u13
High CVE-2019-10208 libpq-dev 9.4.19-0+deb8u19.4.24-0+deb8u1postgresql: TYPE in pg_temp executes arbitrary SQL during SECURITY DEFINER execution libpq-dev:9.4.19-0+deb8u1
High CVE-2019-10208 libpq5 9.4.19-0+deb8u19.4.24-0+deb8u1postgresql: TYPE in pg_temp executes arbitrary SQL during SECURITY DEFINER execution libpq5:9.4.19-0+deb8u1
High CVE-2018-1060 libpython2.7-minimal 2.7.9-2+deb8u12.7.9-2+deb8u2python: DOS via regular expression catastrophic backtracking in apop() method in pop3lib libpython2.7-minimal:2.7.9-2+deb8u1
High CVE-2018-1061 libpython2.7-minimal 2.7.9-2+deb8u12.7.9-2+deb8u2python: DOS via regular expression backtracking in difflib.IS_LINE_JUNK method in difflib libpython2.7-minimal:2.7.9-2+deb8u1
High CVE-2018-14647 libpython2.7-minimal 2.7.9-2+deb8u12.7.9-2+deb8u3python: Missing salt initialization in _elementtree.c module libpython2.7-minimal:2.7.9-2+deb8u1
High CVE-2019-16056 libpython2.7-minimal 2.7.9-2+deb8u12.7.9-2+deb8u5python: email.utils.parseaddr wrongly parses email addresses libpython2.7-minimal:2.7.9-2+deb8u1
High CVE-2019-5010 libpython2.7-minimal 2.7.9-2+deb8u12.7.9-2+deb8u3python: NULL pointer dereference using a specially crafted X509 certificate libpython2.7-minimal:2.7.9-2+deb8u1
High CVE-2018-1060 libpython2.7-stdlib 2.7.9-2+deb8u12.7.9-2+deb8u2python: DOS via regular expression catastrophic backtracking in apop() method in pop3lib libpython2.7-stdlib:2.7.9-2+deb8u1
High CVE-2018-1061 libpython2.7-stdlib 2.7.9-2+deb8u12.7.9-2+deb8u2python: DOS via regular expression backtracking in difflib.IS_LINE_JUNK method in difflib libpython2.7-stdlib:2.7.9-2+deb8u1
High CVE-2018-14647 libpython2.7-stdlib 2.7.9-2+deb8u12.7.9-2+deb8u3python: Missing salt initialization in _elementtree.c module libpython2.7-stdlib:2.7.9-2+deb8u1
High CVE-2019-16056 libpython2.7-stdlib 2.7.9-2+deb8u12.7.9-2+deb8u5python: email.utils.parseaddr wrongly parses email addresses libpython2.7-stdlib:2.7.9-2+deb8u1
High CVE-2019-5010 libpython2.7-stdlib 2.7.9-2+deb8u12.7.9-2+deb8u3python: NULL pointer dereference using a specially crafted X509 certificate libpython2.7-stdlib:2.7.9-2+deb8u1
High CVE-2019-19906 libsasl2-2 2.1.26.dfsg1-13+deb8u12.1.26.dfsg1-13+deb8u2cyrus-sasl: denial of service in _sasl_add_string function libsasl2-2:2.1.26.dfsg1-13+deb8u1
High CVE-2019-19906 libsasl2-modules-db 2.1.26.dfsg1-13+deb8u12.1.26.dfsg1-13+deb8u2cyrus-sasl: denial of service in _sasl_add_string function libsasl2-modules-db:2.1.26.dfsg1-13+deb8u1
High CVE-2018-20346 libsqlite3-0 3.8.7.1-1+deb8u23.8.7.1-1+deb8u3CVE-2018-20505 CVE-2018-20506 sqlite: Multiple flaws in sqlite which can be triggered via corrupted internal databases (Magellan) libsqlite3-0:3.8.7.1-1+deb8u2
High CVE-2018-20506 libsqlite3-0 3.8.7.1-1+deb8u23.8.7.1-1+deb8u3CVE-2018-20346 CVE-2018-20505 CVE-2018-20506 sqlite: Multiple flaws in sqlite which can be triggered via corrupted internal databases (Magellan) libsqlite3-0:3.8.7.1-1+deb8u2
High CVE-2018-8740 libsqlite3-0 3.8.7.1-1+deb8u23.8.7.1-1+deb8u4sqlite: NULL pointer dereference with databases with schema corrupted with CREATE TABLE AS allows for denial of service libsqlite3-0:3.8.7.1-1+deb8u2
High CVE-2020-11655 libsqlite3-0 3.8.7.1-1+deb8u23.8.7.1-1+deb8u5sqlite: malformed window-function query leads to DoS libsqlite3-0:3.8.7.1-1+deb8u2
High CVE-2018-20346 libsqlite3-dev 3.8.7.1-1+deb8u23.8.7.1-1+deb8u3CVE-2018-20505 CVE-2018-20506 sqlite: Multiple flaws in sqlite which can be triggered via corrupted internal databases (Magellan) libsqlite3-dev:3.8.7.1-1+deb8u2
High CVE-2018-20506 libsqlite3-dev 3.8.7.1-1+deb8u23.8.7.1-1+deb8u3CVE-2018-20346 CVE-2018-20505 CVE-2018-20506 sqlite: Multiple flaws in sqlite which can be triggered via corrupted internal databases (Magellan) libsqlite3-dev:3.8.7.1-1+deb8u2
High CVE-2018-8740 libsqlite3-dev 3.8.7.1-1+deb8u23.8.7.1-1+deb8u4sqlite: NULL pointer dereference with databases with schema corrupted with CREATE TABLE AS allows for denial of service libsqlite3-dev:3.8.7.1-1+deb8u2
High CVE-2020-11655 libsqlite3-dev 3.8.7.1-1+deb8u23.8.7.1-1+deb8u5sqlite: malformed window-function query leads to DoS libsqlite3-dev:3.8.7.1-1+deb8u2
High CVE-2019-13115 libssh2-1 1.4.3-4.1+deb8u11.4.3-4.1+deb8u4libssh2: integer overflow in kex_method_diffie_hellman_group_exchange_sha256_key_exchange in kex.c leads to out-of-bounds write libssh2-1:1.4.3-4.1+deb8u1
High CVE-2019-17498 libssh2-1 1.4.3-4.1+deb8u11.4.3-4.1+deb8u6libssh2: integer overflow in SSH_MSG_DISCONNECT logic in packet.c libssh2-1:1.4.3-4.1+deb8u1
High CVE-2019-3855 libssh2-1 1.4.3-4.1+deb8u11.4.3-4.1+deb8u2libssh2: Integer overflow in transport read resulting in out of bounds write libssh2-1:1.4.3-4.1+deb8u1
High CVE-2019-3856 libssh2-1 1.4.3-4.1+deb8u11.4.3-4.1+deb8u2libssh2: Integer overflow in keyboard interactive handling resulting in out of bounds write libssh2-1:1.4.3-4.1+deb8u1
High CVE-2019-3857 libssh2-1 1.4.3-4.1+deb8u11.4.3-4.1+deb8u2libssh2: Integer overflow in SSH packet processing channel resulting in out of bounds write libssh2-1:1.4.3-4.1+deb8u1
High CVE-2019-3863 libssh2-1 1.4.3-4.1+deb8u11.4.3-4.1+deb8u2libssh2: Integer overflow in user authenticate keyboard interactive allows out-of-bounds writes libssh2-1:1.4.3-4.1+deb8u1
High CVE-2019-0203 libsvn1 1.8.10-6+deb8u61.8.10-6+deb8u7subversion: NULL pointer dereference in svnserve leading to an unauthenticated remote DoS libsvn1:1.8.10-6+deb8u6
High CVE-2017-18078 libsystemd0 215-17+deb8u7215-17+deb8u12systemd: Unsafe handling of hard links allowing privilege escalation libsystemd0:215-17+deb8u7
High CVE-2018-15686 libsystemd0 215-17+deb8u7215-17+deb8u8systemd: line splitting via fgets() allows for state injection during daemon-reexec libsystemd0:215-17+deb8u7
High CVE-2018-15688 libsystemd0 215-17+deb8u7215-17+deb8u8systemd: Out-of-bounds heap write in systemd-networkd dhcpv6 option handling libsystemd0:215-17+deb8u7
High CVE-2018-16864 libsystemd0 215-17+deb8u7215-17+deb8u9systemd: stack overflow when calling syslog from a command with long cmdline libsystemd0:215-17+deb8u7
High CVE-2018-16865 libsystemd0 215-17+deb8u7215-17+deb8u9systemd: stack overflow when receiving many journald entries libsystemd0:215-17+deb8u7
High CVE-2019-3842 libsystemd0 215-17+deb8u7215-17+deb8u12systemd: Spoofing of XDG_SEAT allows for actions to be checked against "allow_active" instead of "allow_any" libsystemd0:215-17+deb8u7
High CVE-2017-10790 libtasn1-6 4.2-3+deb8u34.2-3+deb8u4libtasn1: NULL pointer dereference in the _asn1_check_identifier function libtasn1-6:4.2-3+deb8u3
High CVE-2017-17095 libtiff5 4.0.3-12.3+deb8u64.0.3-12.3+deb8u10libtiff: Heap-based buffer overflow in tools/pal2rgb.c can lead to denial of service libtiff5:4.0.3-12.3+deb8u6
High CVE-2018-12900 libtiff5 4.0.3-12.3+deb8u64.0.3-12.3+deb8u10libtiff: Heap-based buffer overflow in the cpSeparateBufToContigBuf function resulting in a denial of service or possibly code execution libtiff5:4.0.3-12.3+deb8u6
High CVE-2018-17100 libtiff5 4.0.3-12.3+deb8u64.0.3-12.3+deb8u7libtiff: Integer overflow in multiply_ms in tools/ppm2tiff.c libtiff5:4.0.3-12.3+deb8u6
High CVE-2018-17101 libtiff5 4.0.3-12.3+deb8u64.0.3-12.3+deb8u7libtiff: Two out-of-bounds writes in cpTags in tools/tiff2bw.c and tools/pal2rgb.c libtiff5:4.0.3-12.3+deb8u6
High CVE-2018-18557 libtiff5 4.0.3-12.3+deb8u64.0.3-12.3+deb8u7libtiff: Out-of-bounds write in tif_jbig.c libtiff5:4.0.3-12.3+deb8u6
High CVE-2019-17546 libtiff5 4.0.3-12.3+deb8u64.0.3-12.3+deb8u10libtiff: integer overflow leading to heap-based buffer overflow in tif_getimage.c libtiff5:4.0.3-12.3+deb8u6
High CVE-2019-6128 libtiff5 4.0.3-12.3+deb8u64.0.3-12.3+deb8u10libtiff: memory leak in TIFFFdOpen function in tif_unix.c when using pal2rgb libtiff5:4.0.3-12.3+deb8u6
High CVE-2017-17095 libtiff5-dev 4.0.3-12.3+deb8u64.0.3-12.3+deb8u10libtiff: Heap-based buffer overflow in tools/pal2rgb.c can lead to denial of service libtiff5-dev:4.0.3-12.3+deb8u6
High CVE-2018-12900 libtiff5-dev 4.0.3-12.3+deb8u64.0.3-12.3+deb8u10libtiff: Heap-based buffer overflow in the cpSeparateBufToContigBuf function resulting in a denial of service or possibly code execution libtiff5-dev:4.0.3-12.3+deb8u6
High CVE-2018-17100 libtiff5-dev 4.0.3-12.3+deb8u64.0.3-12.3+deb8u7libtiff: Integer overflow in multiply_ms in tools/ppm2tiff.c libtiff5-dev:4.0.3-12.3+deb8u6
High CVE-2018-17101 libtiff5-dev 4.0.3-12.3+deb8u64.0.3-12.3+deb8u7libtiff: Two out-of-bounds writes in cpTags in tools/tiff2bw.c and tools/pal2rgb.c libtiff5-dev:4.0.3-12.3+deb8u6
High CVE-2018-18557 libtiff5-dev 4.0.3-12.3+deb8u64.0.3-12.3+deb8u7libtiff: Out-of-bounds write in tif_jbig.c libtiff5-dev:4.0.3-12.3+deb8u6
High CVE-2019-17546 libtiff5-dev 4.0.3-12.3+deb8u64.0.3-12.3+deb8u10libtiff: integer overflow leading to heap-based buffer overflow in tif_getimage.c libtiff5-dev:4.0.3-12.3+deb8u6
High CVE-2019-6128 libtiff5-dev 4.0.3-12.3+deb8u64.0.3-12.3+deb8u10libtiff: memory leak in TIFFFdOpen function in tif_unix.c when using pal2rgb libtiff5-dev:4.0.3-12.3+deb8u6
High CVE-2017-17095 libtiffxx5 4.0.3-12.3+deb8u64.0.3-12.3+deb8u10libtiff: Heap-based buffer overflow in tools/pal2rgb.c can lead to denial of service libtiffxx5:4.0.3-12.3+deb8u6
High CVE-2018-12900 libtiffxx5 4.0.3-12.3+deb8u64.0.3-12.3+deb8u10libtiff: Heap-based buffer overflow in the cpSeparateBufToContigBuf function resulting in a denial of service or possibly code execution libtiffxx5:4.0.3-12.3+deb8u6
High CVE-2018-17100 libtiffxx5 4.0.3-12.3+deb8u64.0.3-12.3+deb8u7libtiff: Integer overflow in multiply_ms in tools/ppm2tiff.c libtiffxx5:4.0.3-12.3+deb8u6
High CVE-2018-17101 libtiffxx5 4.0.3-12.3+deb8u64.0.3-12.3+deb8u7libtiff: Two out-of-bounds writes in cpTags in tools/tiff2bw.c and tools/pal2rgb.c libtiffxx5:4.0.3-12.3+deb8u6
High CVE-2018-18557 libtiffxx5 4.0.3-12.3+deb8u64.0.3-12.3+deb8u7libtiff: Out-of-bounds write in tif_jbig.c libtiffxx5:4.0.3-12.3+deb8u6
High CVE-2019-17546 libtiffxx5 4.0.3-12.3+deb8u64.0.3-12.3+deb8u10libtiff: integer overflow leading to heap-based buffer overflow in tif_getimage.c libtiffxx5:4.0.3-12.3+deb8u6
High CVE-2019-6128 libtiffxx5 4.0.3-12.3+deb8u64.0.3-12.3+deb8u10libtiff: memory leak in TIFFFdOpen function in tif_unix.c when using pal2rgb libtiffxx5:4.0.3-12.3+deb8u6
High CVE-2017-18078 libudev1 215-17+deb8u7215-17+deb8u12systemd: Unsafe handling of hard links allowing privilege escalation libudev1:215-17+deb8u7
High CVE-2018-15686 libudev1 215-17+deb8u7215-17+deb8u8systemd: line splitting via fgets() allows for state injection during daemon-reexec libudev1:215-17+deb8u7
High CVE-2018-15688 libudev1 215-17+deb8u7215-17+deb8u8systemd: Out-of-bounds heap write in systemd-networkd dhcpv6 option handling libudev1:215-17+deb8u7
High CVE-2018-16864 libudev1 215-17+deb8u7215-17+deb8u9systemd: stack overflow when calling syslog from a command with long cmdline libudev1:215-17+deb8u7
High CVE-2018-16865 libudev1 215-17+deb8u7215-17+deb8u9systemd: stack overflow when receiving many journald entries libudev1:215-17+deb8u7
High CVE-2019-3842 libudev1 215-17+deb8u7215-17+deb8u12systemd: Spoofing of XDG_SEAT allows for actions to be checked against "allow_active" instead of "allow_any" libudev1:215-17+deb8u7
High CVE-2019-9232 libvpx1 1.3.0-3+deb8u11.3.0-3+deb8u2libvpx: Out of bounds read in vp8_norm table libvpx1:1.3.0-3+deb8u1
High CVE-2020-0034 libvpx1 1.3.0-3+deb8u11.3.0-3+deb8u3libvpx: Out of bounds read in vp8_decode_frame in decodeframe.c libvpx1:1.3.0-3+deb8u1
High CVE-2018-14404 libxml2 2.9.1+dfsg1-5+deb8u62.9.1+dfsg1-5+deb8u7libxml2: NULL pointer dereference in xmlXPathCompOpEval() function in xpath.c libxml2:2.9.1+dfsg1-5+deb8u6
High CVE-2019-19956 libxml2 2.9.1+dfsg1-5+deb8u62.9.1+dfsg1-5+deb8u8libxml2: memory leak in xmlParseBalancedChunkMemoryRecover in parser.c libxml2:2.9.1+dfsg1-5+deb8u6
High CVE-2018-14404 libxml2-dev 2.9.1+dfsg1-5+deb8u62.9.1+dfsg1-5+deb8u7libxml2: NULL pointer dereference in xmlXPathCompOpEval() function in xpath.c libxml2-dev:2.9.1+dfsg1-5+deb8u6
High CVE-2019-19956 libxml2-dev 2.9.1+dfsg1-5+deb8u62.9.1+dfsg1-5+deb8u8libxml2: memory leak in xmlParseBalancedChunkMemoryRecover in parser.c libxml2-dev:2.9.1+dfsg1-5+deb8u6
High CVE-2019-13117 libxslt1-dev 1.1.28-2+deb8u31.1.28-2+deb8u5libxslt: an xsl number with certain format strings could lead to a uninitialized read in xsltNumberFormatInsertNumbers libxslt1-dev:1.1.28-2+deb8u3
High CVE-2019-13118 libxslt1-dev 1.1.28-2+deb8u31.1.28-2+deb8u5libxslt: read of uninitialized stack data due to too narrow xsl:number instruction and an invalid character libxslt1-dev:1.1.28-2+deb8u3
High CVE-2019-18197 libxslt1-dev 1.1.28-2+deb8u31.1.28-2+deb8u6libxslt: use after free in xsltCopyText in transform.c could lead to information disclosure libxslt1-dev:1.1.28-2+deb8u3
High CVE-2019-13117 libxslt1.1 1.1.28-2+deb8u31.1.28-2+deb8u5libxslt: an xsl number with certain format strings could lead to a uninitialized read in xsltNumberFormatInsertNumbers libxslt1.1:1.1.28-2+deb8u3
High CVE-2019-13118 libxslt1.1 1.1.28-2+deb8u31.1.28-2+deb8u5libxslt: read of uninitialized stack data due to too narrow xsl:number instruction and an invalid character libxslt1.1:1.1.28-2+deb8u3
High CVE-2019-18197 libxslt1.1 1.1.28-2+deb8u31.1.28-2+deb8u6libxslt: use after free in xsltCopyText in transform.c could lead to information disclosure libxslt1.1:1.1.28-2+deb8u3
High CVE-2016-10905 linux-libc-dev 3.16.57-23.16.74-1kernel: use-after-free in fs/gfs2/rgrp.c linux-libc-dev:3.16.57-2
High CVE-2017-13305 linux-libc-dev 3.16.57-23.16.64-1kernel: Buffer over-read in keyring subsystem allows exposing potentially sensitive information to local attacker linux-libc-dev:3.16.57-2
High CVE-2017-18509 linux-libc-dev 3.16.57-23.16.72-1kernel: not checking sk_type and protocol in net/ipv6/ip6mr.c leads to general protection fault, or arbitrary code execution linux-libc-dev:3.16.57-2
High CVE-2018-10878 linux-libc-dev 3.16.57-23.16.59-1kernel: out-of-bound write in ext4_init_block_bitmap function with a crafted ext4 image linux-libc-dev:3.16.57-2
High CVE-2018-10879 linux-libc-dev 3.16.57-23.16.59-1kernel: use-after-free detected in ext4_xattr_set_entry with a crafted file linux-libc-dev:3.16.57-2
High CVE-2018-10902 linux-libc-dev 3.16.57-23.16.59-1kernel: MIDI driver race condition leads to a double-free linux-libc-dev:3.16.57-2
High CVE-2018-13405 linux-libc-dev 3.16.57-23.16.59-1kernel: Missing check in fs/inode.c:inode_init_owner() does not clear SGID bit on non-directories for non-members linux-libc-dev:3.16.57-2
High CVE-2018-13406 linux-libc-dev 3.16.57-23.16.59-1kernel: Integer overflow in drivers/video/fbdev/uvesafb.c:uvesafb_setcmap() allows for potential denial of service linux-libc-dev:3.16.57-2
High CVE-2018-14633 linux-libc-dev 3.16.57-23.16.59-1kernel: stack-based buffer overflow in chap_server_compute_md5() in iscsi target linux-libc-dev:3.16.57-2
High CVE-2018-14634 linux-libc-dev 3.16.57-23.16.59-1kernel: Integer overflow in Linux's create_elf_tables function linux-libc-dev:3.16.57-2
High CVE-2018-14678 linux-libc-dev 3.16.57-23.16.59-1xen: Uninitialized state in x86 PV failsafe callback path (XSA-274) linux-libc-dev:3.16.57-2
High CVE-2018-14734 linux-libc-dev 3.16.57-23.16.59-1kernel: use-after-free in ucma_leave_multicast in drivers/infiniband/core/ucma.c linux-libc-dev:3.16.57-2
High CVE-2018-16276 linux-libc-dev 3.16.57-23.16.59-1kernel: incorrect bounds checking in yurex_read in drivers/usb/misc/yurex.c linux-libc-dev:3.16.57-2
High CVE-2018-16884 linux-libc-dev 3.16.57-23.16.64-1kernel: nfs: use-after-free in svc_process_common() linux-libc-dev:3.16.57-2
High CVE-2018-17182 linux-libc-dev 3.16.57-23.16.59-1kernel: Use-after-free in the vmacache_flush_all function resulting in a possible privilege escalation linux-libc-dev:3.16.57-2
High CVE-2018-18281 linux-libc-dev 3.16.57-23.16.64-1kernel: TLB flush happens too late on mremap linux-libc-dev:3.16.57-2
High CVE-2018-19824 linux-libc-dev 3.16.57-23.16.64-1kernel: Use-after-free in sound/usb/card.c:usb_audio_probe() linux-libc-dev:3.16.57-2
High CVE-2018-20836 linux-libc-dev 3.16.57-23.16.72-1kernel: race condition in smp_task_timedout() and smp_task_done() in drivers/scsi/libsas/sas_expander.c leads to use-after-free linux-libc-dev:3.16.57-2
High CVE-2018-20976 linux-libc-dev 3.16.57-23.16.74-1kernel: use-after-free in fs/xfs/xfs_super.c linux-libc-dev:3.16.57-2
High CVE-2018-5391 linux-libc-dev 3.16.57-23.16.59-1kernel: IP fragments with random offsets allow a remote denial of service (FragmentSmack) linux-libc-dev:3.16.57-2
High CVE-2018-5848 linux-libc-dev 3.16.57-23.16.64-1kernel: buffer overflow in drivers/net/wireless/ath/wil6210/wmi.c:wmi_set_ie() may lead to memory corruption linux-libc-dev:3.16.57-2
High CVE-2018-6555 linux-libc-dev 3.16.57-23.16.59-1kernel: irda: use-after-free vulnerability in the hashbin list linux-libc-dev:3.16.57-2
High CVE-2018-9363 linux-libc-dev 3.16.57-23.16.59-1kernel: Buffer overflow in hidp_process_report linux-libc-dev:3.16.57-2
High CVE-2018-9516 linux-libc-dev 3.16.57-23.16.59-1kernel: HID: debug: Buffer overflow in hid_debug_events_read() in drivers/hid/hid-debug.c linux-libc-dev:3.16.57-2
High CVE-2018-9568 linux-libc-dev 3.16.57-23.16.59-1kernel: Memory corruption due to incorrect socket cloning linux-libc-dev:3.16.57-2
High CVE-2019-0136 linux-libc-dev 3.16.57-23.16.74-1kernel: insufficient access control in the Intel(R) PROSet/Wireless WiFi Software driver may allow an unauthenticated user to potentially enable DoS via adjacent access linux-libc-dev:3.16.57-2
High CVE-2019-10220 linux-libc-dev 3.16.57-23.16.81-1kernel: CIFS: Relative paths injection in directory entry lists linux-libc-dev:3.16.57-2
High CVE-2019-10639 linux-libc-dev 3.16.57-23.16.70-1Kernel: net: using kernel space address bits to derive IP ID may potentially break KASLR linux-libc-dev:3.16.57-2
High CVE-2019-11477 linux-libc-dev 3.16.57-23.16.68-2Kernel: tcp: integer overflow while processing SACK blocks allows remote denial of service linux-libc-dev:3.16.57-2
High CVE-2019-11478 linux-libc-dev 3.16.57-23.16.68-2Kernel: tcp: excessive resource consumption while processing SACK blocks allows remote denial of service linux-libc-dev:3.16.57-2
High CVE-2019-11479 linux-libc-dev 3.16.57-23.16.68-2kernel: tcp: excessive resource consumption for TCP connections with low MSS allows remote denial of service linux-libc-dev:3.16.57-2
High CVE-2019-11486 linux-libc-dev 3.16.57-23.16.68-1kernel: multiple race conditions in Siemens R3964 line discipline driver in drivers/tty/n_r3964.c leading to denial of service linux-libc-dev:3.16.57-2
High CVE-2019-11599 linux-libc-dev 3.16.57-23.16.68-1kernel: fix race condition between mmget_not_zero()/get_task_mm() and core dumping linux-libc-dev:3.16.57-2
High CVE-2019-11810 linux-libc-dev 3.16.57-23.16.68-2kernel: a NULL pointer dereference in drivers/scsi/megaraid/megaraid_sas_base.c leading to DoS linux-libc-dev:3.16.57-2
High CVE-2019-12818 linux-libc-dev 3.16.57-23.16.68-1kernel: null-pointer dereference in function nfc_llcp_build_tlv in net/nfc/llcp_commands.c linux-libc-dev:3.16.57-2
High CVE-2019-13272 linux-libc-dev 3.16.57-23.16.70-1kernel: broken permission and object lifetime handling for PTRACE_TRACEME linux-libc-dev:3.16.57-2
High CVE-2019-14814 linux-libc-dev 3.16.57-23.16.74-1kernel: heap overflow in mwifiex_set_uap_rates() function of Marvell Wifi Driver leading to DoS linux-libc-dev:3.16.57-2
High CVE-2019-14815 linux-libc-dev 3.16.57-23.16.74-1kernel: heap-overflow in mwifiex_set_wmm_params() function of Marvell WiFi driver leading to DoS linux-libc-dev:3.16.57-2
High CVE-2019-14816 linux-libc-dev 3.16.57-23.16.74-1kernel: heap overflow in mwifiex_update_vs_ie() function of Marvell WiFi driver linux-libc-dev:3.16.57-2
High CVE-2019-14821 linux-libc-dev 3.16.57-23.16.74-1Kernel: KVM: OOB memory access via mmio ring buffer linux-libc-dev:3.16.57-2
High CVE-2019-14835 linux-libc-dev 3.16.57-23.16.74-1kernel: vhost-net: guest to host kernel escape during migration linux-libc-dev:3.16.57-2
High CVE-2019-15117 linux-libc-dev 3.16.57-23.16.74-1kernel: out of bounds memory access in parse_audio_mixer_unit in sound/usb/mixer.c linux-libc-dev:3.16.57-2
High CVE-2019-15239 linux-libc-dev 3.16.57-23.16.72-1kernel: local attacker can trigger multiple use-after-free conditions results in privilege escalation linux-libc-dev:3.16.57-2
High CVE-2019-15916 linux-libc-dev 3.16.57-23.16.70-1kernel: memory leak in register_queue_kobjects() in net/core/net-sysfs.c leads to denial of service linux-libc-dev:3.16.57-2
High CVE-2019-15917 linux-libc-dev 3.16.57-23.16.74-1kernel: use-after-free in drivers/bluetooth/hci_ldisc.c linux-libc-dev:3.16.57-2
High CVE-2019-15927 linux-libc-dev 3.16.57-23.16.68-1kernel: out-of-bounds in function build_audio_procunit in sound/usb/mixer.c linux-libc-dev:3.16.57-2
High CVE-2019-16413 linux-libc-dev 3.16.57-23.16.70-1kernel: i_size_read() infinite loop leads to denial of service linux-libc-dev:3.16.57-2
High CVE-2019-17666 linux-libc-dev 3.16.57-23.16.81-1kernel: rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel lacks a certain upper-bound check, leading to a buffer overflow linux-libc-dev:3.16.57-2
High CVE-2019-18675 linux-libc-dev 3.16.57-23.16.64-1kernel: integer overflow in cpia2_remap_buffer in drivers/media/usb/cpia2/cpia2_core.c linux-libc-dev:3.16.57-2
High CVE-2019-19052 linux-libc-dev 3.16.57-23.16.81-1kernel: dos in gs_can_open() function in drivers/net/can/usb/gs_usb.c linux-libc-dev:3.16.57-2
High CVE-2019-19447 linux-libc-dev 3.16.57-23.16.84-1kernel: mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a use-after-free in ext4_put_super in fs/ext4/super.c linux-libc-dev:3.16.57-2
High CVE-2019-19768 linux-libc-dev 3.16.57-23.16.84-1kernel: use-after-free in __blk_add_trace in kernel/trace/blktrace.c linux-libc-dev:3.16.57-2
High CVE-2019-2024 linux-libc-dev 3.16.57-23.16.68-1kernel: media: em28xx: Use-after-free in em28xx/em28xx-dvb.c when disconnecting linux-libc-dev:3.16.57-2
High CVE-2019-2215 linux-libc-dev 3.16.57-23.16.81-1kernel: Use-after-free in binder.c linux-libc-dev:3.16.57-2
High CVE-2019-3846 linux-libc-dev 3.16.57-23.16.68-2kernel: Heap overflow in mwifiex_update_bss_desc_with_ie function in marvell/mwifiex/scan.c linux-libc-dev:3.16.57-2
High CVE-2019-3900 linux-libc-dev 3.16.57-23.16.72-1Kernel: vhost_net: infinite loop while receiving packets leads to DoS linux-libc-dev:3.16.57-2
High CVE-2019-6974 linux-libc-dev 3.16.57-23.16.64-1Kernel: KVM: potential use-after-free via kvm_ioctl_create_device() linux-libc-dev:3.16.57-2
High CVE-2019-7221 linux-libc-dev 3.16.57-23.16.64-1Kernel: KVM: nVMX: use-after-free of the hrtimer for emulation of the preemption timer linux-libc-dev:3.16.57-2
High CVE-2019-9458 linux-libc-dev 3.16.57-23.16.64-1kernel: use after free due to race condition in the video driver leads to local privilege escalation linux-libc-dev:3.16.57-2
High CVE-2019-9503 linux-libc-dev 3.16.57-23.16.68-1kernel: brcmfmac frame validation bypass linux-libc-dev:3.16.57-2
High CVE-2019-9506 linux-libc-dev 3.16.57-23.16.74-1hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB) linux-libc-dev:3.16.57-2
High CVE-2020-11668 linux-libc-dev 3.16.57-23.16.84-1kernel: mishandles invalid descriptors in drivers/media/usb/gspca/xirlink_cit.c linux-libc-dev:3.16.57-2
High CVE-2020-12653 linux-libc-dev 3.16.57-23.16.84-1kernel: buffer overflow in mwifiex_cmd_append_vsie_tlv function in drivers/net/wireless/marvell/mwifiex/scan.c linux-libc-dev:3.16.57-2
High CVE-2020-12654 linux-libc-dev 3.16.57-23.16.84-1kernel: heap-based buffer overflow in mwifiex_ret_wmm_get_status function in drivers/net/wireless/marvell/mwifiex/wmm.c linux-libc-dev:3.16.57-2
High CVE-2020-1749 linux-libc-dev 3.16.57-23.16.84-1kernel: some ipv6 protocols not encrypted over ipsec tunnel linux-libc-dev:3.16.57-2
High CVE-2020-8648 linux-libc-dev 3.16.57-23.16.84-1kernel: use-after-free in n_tty_receive_buf_common function in drivers/tty/n_tty.c linux-libc-dev:3.16.57-2
High CVE-2020-9383 linux-libc-dev 3.16.57-23.16.84-1kernel: out-of-bounds read in set_fdc in drivers/block/floppy.c linux-libc-dev:3.16.57-2
High CVE-2015-5600 openssh-client 1:6.7p1-5+deb8u51:6.7p1-5+deb8u6openssh: MaxAuthTries limit bypass via duplicates in KbdInteractiveDevices openssh-client:1:6.7p1-5+deb8u5
High CVE-2016-10009 openssh-client 1:6.7p1-5+deb8u51:6.7p1-5+deb8u6openssh: loading of untrusted PKCS#11 modules in ssh-agent openssh-client:1:6.7p1-5+deb8u5
High CVE-2016-10012 openssh-client 1:6.7p1-5+deb8u51:6.7p1-5+deb8u6openssh: Bounds check can be evaded in the shared memory manager used by pre-authentication compression support openssh-client:1:6.7p1-5+deb8u5
High CVE-2016-10708 openssh-client 1:6.7p1-5+deb8u51:6.7p1-5+deb8u6openssh: Out of sequence NEWKEYS message can allow remote attacker to cause denial of service openssh-client:1:6.7p1-5+deb8u5
High CVE-2016-6515 openssh-client 1:6.7p1-5+deb8u51:6.7p1-5+deb8u6openssh: Denial of service via very long passwords openssh-client:1:6.7p1-5+deb8u5
High CVE-2018-20969 patch 2.7.5-1+deb8u12.7.5-1+deb8u3patch: do_ed_script in pch.c does not block strings beginning with a ! character patch:2.7.5-1+deb8u1
High CVE-2019-13638 patch 2.7.5-1+deb8u12.7.5-1+deb8u3patch: OS shell command injection when processing crafted patch files patch:2.7.5-1+deb8u1
High CVE-2018-1060 python2.7 2.7.9-2+deb8u12.7.9-2+deb8u2python: DOS via regular expression catastrophic backtracking in apop() method in pop3lib python2.7:2.7.9-2+deb8u1
High CVE-2018-1061 python2.7 2.7.9-2+deb8u12.7.9-2+deb8u2python: DOS via regular expression backtracking in difflib.IS_LINE_JUNK method in difflib python2.7:2.7.9-2+deb8u1
High CVE-2018-14647 python2.7 2.7.9-2+deb8u12.7.9-2+deb8u3python: Missing salt initialization in _elementtree.c module python2.7:2.7.9-2+deb8u1
High CVE-2019-16056 python2.7 2.7.9-2+deb8u12.7.9-2+deb8u5python: email.utils.parseaddr wrongly parses email addresses python2.7:2.7.9-2+deb8u1
High CVE-2019-5010 python2.7 2.7.9-2+deb8u12.7.9-2+deb8u3python: NULL pointer dereference using a specially crafted X509 certificate python2.7:2.7.9-2+deb8u1
High CVE-2018-1060 python2.7-minimal 2.7.9-2+deb8u12.7.9-2+deb8u2python: DOS via regular expression catastrophic backtracking in apop() method in pop3lib python2.7-minimal:2.7.9-2+deb8u1
High CVE-2018-1061 python2.7-minimal 2.7.9-2+deb8u12.7.9-2+deb8u2python: DOS via regular expression backtracking in difflib.IS_LINE_JUNK method in difflib python2.7-minimal:2.7.9-2+deb8u1
High CVE-2018-14647 python2.7-minimal 2.7.9-2+deb8u12.7.9-2+deb8u3python: Missing salt initialization in _elementtree.c module python2.7-minimal:2.7.9-2+deb8u1
High CVE-2019-16056 python2.7-minimal 2.7.9-2+deb8u12.7.9-2+deb8u5python: email.utils.parseaddr wrongly parses email addresses python2.7-minimal:2.7.9-2+deb8u1
High CVE-2019-5010 python2.7-minimal 2.7.9-2+deb8u12.7.9-2+deb8u3python: NULL pointer dereference using a specially crafted X509 certificate python2.7-minimal:2.7.9-2+deb8u1
High CVE-2019-0203 subversion 1.8.10-6+deb8u61.8.10-6+deb8u7subversion: NULL pointer dereference in svnserve leading to an unauthenticated remote DoS subversion:1.8.10-6+deb8u6
High CVE-2017-18078 systemd 215-17+deb8u7215-17+deb8u12systemd: Unsafe handling of hard links allowing privilege escalation systemd:215-17+deb8u7
High CVE-2018-15686 systemd 215-17+deb8u7215-17+deb8u8systemd: line splitting via fgets() allows for state injection during daemon-reexec systemd:215-17+deb8u7
High CVE-2018-15688 systemd 215-17+deb8u7215-17+deb8u8systemd: Out-of-bounds heap write in systemd-networkd dhcpv6 option handling systemd:215-17+deb8u7
High CVE-2018-16864 systemd 215-17+deb8u7215-17+deb8u9systemd: stack overflow when calling syslog from a command with long cmdline systemd:215-17+deb8u7
High CVE-2018-16865 systemd 215-17+deb8u7215-17+deb8u9systemd: stack overflow when receiving many journald entries systemd:215-17+deb8u7
High CVE-2019-3842 systemd 215-17+deb8u7215-17+deb8u12systemd: Spoofing of XDG_SEAT allows for actions to be checked against "allow_active" instead of "allow_any" systemd:215-17+deb8u7
High CVE-2017-18078 systemd-sysv 215-17+deb8u7215-17+deb8u12systemd: Unsafe handling of hard links allowing privilege escalation systemd-sysv:215-17+deb8u7
High CVE-2018-15686 systemd-sysv 215-17+deb8u7215-17+deb8u8systemd: line splitting via fgets() allows for state injection during daemon-reexec systemd-sysv:215-17+deb8u7
High CVE-2018-15688 systemd-sysv 215-17+deb8u7215-17+deb8u8systemd: Out-of-bounds heap write in systemd-networkd dhcpv6 option handling systemd-sysv:215-17+deb8u7
High CVE-2018-16864 systemd-sysv 215-17+deb8u7215-17+deb8u9systemd: stack overflow when calling syslog from a command with long cmdline systemd-sysv:215-17+deb8u7
High CVE-2018-16865 systemd-sysv 215-17+deb8u7215-17+deb8u9systemd: stack overflow when receiving many journald entries systemd-sysv:215-17+deb8u7
High CVE-2019-3842 systemd-sysv 215-17+deb8u7215-17+deb8u12systemd: Spoofing of XDG_SEAT allows for actions to be checked against "allow_active" instead of "allow_any" systemd-sysv:215-17+deb8u7
High CVE-2017-18078 udev 215-17+deb8u7215-17+deb8u12systemd: Unsafe handling of hard links allowing privilege escalation udev:215-17+deb8u7
High CVE-2018-15686 udev 215-17+deb8u7215-17+deb8u8systemd: line splitting via fgets() allows for state injection during daemon-reexec udev:215-17+deb8u7
High CVE-2018-15688 udev 215-17+deb8u7215-17+deb8u8systemd: Out-of-bounds heap write in systemd-networkd dhcpv6 option handling udev:215-17+deb8u7
High CVE-2018-16864 udev 215-17+deb8u7215-17+deb8u9systemd: stack overflow when calling syslog from a command with long cmdline udev:215-17+deb8u7
High CVE-2018-16865 udev 215-17+deb8u7215-17+deb8u9systemd: stack overflow when receiving many journald entries udev:215-17+deb8u7
High CVE-2019-3842 udev 215-17+deb8u7215-17+deb8u12systemd: Spoofing of XDG_SEAT allows for actions to be checked against "allow_active" instead of "allow_any" udev:215-17+deb8u7
High CVE-2016-7098 wget 1.16-1+deb8u51.16-1+deb8u7wget: files rejected by access list are kept on the disk for the duration of HTTP connection wget:1.16-1+deb8u5
High CVE-2016-9840 zlib1g 1:1.2.8.dfsg-21:1.2.8.dfsg-2+deb8u1zlib: Out-of-bounds pointer arithmetic in inftrees.c zlib1g:1:1.2.8.dfsg-2
High CVE-2016-9842 zlib1g 1:1.2.8.dfsg-21:1.2.8.dfsg-2+deb8u1zlib: Undefined left shift of negative number zlib1g:1:1.2.8.dfsg-2
High CVE-2016-9840 zlib1g-dev 1:1.2.8.dfsg-21:1.2.8.dfsg-2+deb8u1zlib: Out-of-bounds pointer arithmetic in inftrees.c zlib1g-dev:1:1.2.8.dfsg-2
High CVE-2016-9842 zlib1g-dev 1:1.2.8.dfsg-21:1.2.8.dfsg-2+deb8u1zlib: Undefined left shift of negative number zlib1g-dev:1:1.2.8.dfsg-2
High CVE-2021-3807 ansi-regex 3.0.03.0.1, 4.1.1, 5.0.1, 6.0.1nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes ansi-regex:3.0.0
High CVE-2020-8116 dot-prop 4.2.05.1.1, 4.2.1nodejs-dot-prop: prototype pollution dot-prop:4.2.0
High CVE-2019-13173 fstream 1.0.111.0.12nodejs-fstream: File overwrite in fstream.DirWriter() function fstream:1.0.11
High CVE-2022-29167 hawk 6.0.29.0.1hawk: REDoS in hawk.utils.parseHost() when parsing Host header hawk:6.0.2
High GHSA-8w57-jfpm-945m http-proxy-agent 2.0.02.1.0Denial of Service in http-proxy-agent http-proxy-agent:2.0.0
High NSWG-ECO-402 http-proxy-agent 2.0.0>=2.1.0Denial of Service http-proxy-agent:2.0.0
High NSWG-ECO-388 https-proxy-agent 2.1.1>=2.2.0Denial of Service https-proxy-agent:2.1.1
High CVE-2020-7788 ini 1.3.51.3.6nodejs-ini: Prototype pollution via malicious INI file ini:1.3.5
High CVE-2018-16487 lodash 3.10.1>=4.17.11lodash: Prototype pollution in utilities function lodash:3.10.1
High CVE-2020-8203 lodash 3.10.14.17.20nodejs-lodash: prototype pollution in zipObjectDeep function lodash:3.10.1
High CVE-2021-23337 lodash 3.10.14.17.21nodejs-lodash: command injection via template lodash:3.10.1
High CVE-2018-16487 lodash 4.17.5>=4.17.11lodash: Prototype pollution in utilities function lodash:4.17.5
High CVE-2020-8203 lodash 4.17.54.17.20nodejs-lodash: prototype pollution in zipObjectDeep function lodash:4.17.5
High CVE-2021-23337 lodash 4.17.54.17.21nodejs-lodash: command injection via template lodash:4.17.5
High CVE-2019-16775 npm 5.8.06.13.3npm: Symlink reference outside of node_modules folder through the bin field upon installation npm:5.8.0
High CVE-2019-16775 npm 6.4.16.13.3npm: Symlink reference outside of node_modules folder through the bin field upon installation npm:6.4.1
High CVE-2020-7754 npm-user-validate 1.0.01.0.1nodejs-npm-user-validate: improper input validation when validating user emails leads to ReDoS npm-user-validate:1.0.0
High CVE-2018-3737 sshpk 1.13.11.13.2nodejs-sshpk: ReDoS when parsing crafted invalid public keys in lib/formats/ssh.js sshpk:1.13.1
High NSWG-ECO-401 sshpk 1.13.1>=1.13.2Denial of Service sshpk:1.13.1
High CVE-2021-27290 ssri 5.2.48.0.1, 7.1.1, 6.0.2nodejs-ssri: Regular expression DoS (ReDoS) when parsing malicious SRI in strict mode ssri:5.2.4
High CVE-2021-27290 ssri 5.3.08.0.1, 7.1.1, 6.0.2nodejs-ssri: Regular expression DoS (ReDoS) when parsing malicious SRI in strict mode ssri:5.3.0
High CVE-2021-27290 ssri 6.0.08.0.1, 7.1.1, 6.0.2nodejs-ssri: Regular expression DoS (ReDoS) when parsing malicious SRI in strict mode ssri:6.0.0
High CVE-2018-20834 tar 2.2.14.4.2, 2.2.2nodejs-tar: Arbitrary file overwrites when extracting tarballs containing a hard-link tar:2.2.1
High CVE-2021-32803 tar 2.2.16.1.2, 5.0.7, 4.4.15, 3.2.3nodejs-tar: Insufficient symlink protection allowing arbitrary file creation and overwrite tar:2.2.1
High CVE-2021-32804 tar 2.2.16.1.1, 5.0.6, 4.4.14, 3.2.2nodejs-tar: Insufficient absolute path sanitization allowing arbitrary file creation and overwrite tar:2.2.1
High CVE-2021-37701 tar 2.2.16.1.7, 5.0.8, 4.4.16nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite tar:2.2.1
High CVE-2021-37712 tar 2.2.16.1.9, 5.0.10, 4.4.18nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite tar:2.2.1
High CVE-2021-37713 tar 2.2.16.1.9, 5.0.10, 4.4.18nodejs-tar: Arbitrary File Creation/Overwrite on Windows via insufficient relative path sanitization tar:2.2.1
High CVE-2018-20834 tar 4.4.04.4.2, 2.2.2nodejs-tar: Arbitrary file overwrites when extracting tarballs containing a hard-link tar:4.4.0
High CVE-2021-32803 tar 4.4.06.1.2, 5.0.7, 4.4.15, 3.2.3nodejs-tar: Insufficient symlink protection allowing arbitrary file creation and overwrite tar:4.4.0
High CVE-2021-32804 tar 4.4.06.1.1, 5.0.6, 4.4.14, 3.2.2nodejs-tar: Insufficient absolute path sanitization allowing arbitrary file creation and overwrite tar:4.4.0
High CVE-2021-37701 tar 4.4.06.1.7, 5.0.8, 4.4.16nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite tar:4.4.0
High CVE-2021-37712 tar 4.4.06.1.9, 5.0.10, 4.4.18nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite tar:4.4.0
High CVE-2021-37713 tar 4.4.06.1.9, 5.0.10, 4.4.18nodejs-tar: Arbitrary File Creation/Overwrite on Windows via insufficient relative path sanitization tar:4.4.0
High CVE-2021-32803 tar 4.4.66.1.2, 5.0.7, 4.4.15, 3.2.3nodejs-tar: Insufficient symlink protection allowing arbitrary file creation and overwrite tar:4.4.6
High CVE-2021-32804 tar 4.4.66.1.1, 5.0.6, 4.4.14, 3.2.2nodejs-tar: Insufficient absolute path sanitization allowing arbitrary file creation and overwrite tar:4.4.6
High CVE-2021-37701 tar 4.4.66.1.7, 5.0.8, 4.4.16nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite tar:4.4.6
High CVE-2021-37712 tar 4.4.66.1.9, 5.0.10, 4.4.18nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite tar:4.4.6
High CVE-2021-37713 tar 4.4.66.1.9, 5.0.10, 4.4.18nodejs-tar: Arbitrary File Creation/Overwrite on Windows via insufficient relative path sanitization tar:4.4.6
High CVE-2015-8857 uglify-js 2.2.5>= 2.4.24The uglify-js package before 2.4.24 for Node.js does not properly acco ... uglify-js:2.2.5
High CVE-2020-7774 y18n 3.2.15.0.5, 4.0.1, 3.2.2nodejs-y18n: prototype pollution vulnerability y18n:3.2.1
High CVE-2020-7774 y18n 4.0.05.0.5, 4.0.1, 3.2.2nodejs-y18n: prototype pollution vulnerability y18n:4.0.0
High CVE-2019-10773 yarn 1.9.41.22.0nodejs-yarn: Install functionality can be abused to generate arbitrary symlinks yarn:1.9.4
High CVE-2019-5448 yarn 1.9.41.17.3Yarn before 1.17.3 is vulnerable to Missing Encryption of Sensitive Da ... yarn:1.9.4
High CVE-2020-8131 yarn 1.9.41.22.0yarn: Arbitrary filesystem write via tar expansion yarn:1.9.4
Medium CVE-2020-3810 apt 1.0.9.8.41.0.9.8.6Missing input validation in the ar/tar implementations of APT before v ... apt:1.0.9.8.4
Medium CVE-2016-9401 bash 4.3-11+deb8u14.3-11+deb8u2bash: popd controlled free bash:4.3-11+deb8u1
Medium CVE-2016-3189 bzip2 1.0.6-71.0.6-7+deb8u1bzip2: heap use after free in bzip2recover bzip2:1.0.6-7
Medium CVE-2019-5094 comerr-dev 1.42.12-21.42.12-2+deb8u1e2fsprogs: Crafted ext4 partition leads to out-of-bounds write comerr-dev:1.42.12-2
Medium CVE-2019-5188 comerr-dev 1.42.12-21.42.12-2+deb8u2e2fsprogs: Out-of-bounds write in e2fsck/rehash.c comerr-dev:1.42.12-2
Medium CVE-2019-5094 e2fslibs 1.42.12-21.42.12-2+deb8u1e2fsprogs: Crafted ext4 partition leads to out-of-bounds write e2fslibs:1.42.12-2
Medium CVE-2019-5188 e2fslibs 1.42.12-21.42.12-2+deb8u2e2fsprogs: Out-of-bounds write in e2fsck/rehash.c e2fslibs:1.42.12-2
Medium CVE-2019-5094 e2fsprogs 1.42.12-21.42.12-2+deb8u1e2fsprogs: Crafted ext4 partition leads to out-of-bounds write e2fsprogs:1.42.12-2
Medium CVE-2019-5188 e2fsprogs 1.42.12-21.42.12-2+deb8u2e2fsprogs: Out-of-bounds write in e2fsck/rehash.c e2fsprogs:1.42.12-2
Medium CVE-2019-8905 file 1:5.22+15-2+deb8u41:5.22+15-2+deb8u5file: stack-based buffer over-read in do_core_note in readelf.c file:1:5.22+15-2+deb8u4
Medium CVE-2017-6312 gir1.2-gdkpixbuf-2.0 2.31.1-2+deb8u72.31.1-2+deb8u8gdk-pixbuf: Out-of-bounds read in io-ico.c gir1.2-gdkpixbuf-2.0:2.31.1-2+deb8u7
Medium CVE-2017-6314 gir1.2-gdkpixbuf-2.0 2.31.1-2+deb8u72.31.1-2+deb8u8gdk-pixbuf: Infinite loop in io-tiff.c gir1.2-gdkpixbuf-2.0:2.31.1-2+deb8u7
Medium CVE-2017-1000445 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16imagemagick: NULL pointer dereference in MagickCore component can lead to a denial of service imagemagick:8:6.8.9.9-5+deb8u13
Medium CVE-2017-1000476 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: CPU exhaustion vulnerability in function ReadDDSInfo in coders/dds.c imagemagick:8:6.8.9.9-5+deb8u13
Medium CVE-2017-11446 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Infinite loop in ReadPESImage function in coders/pes.c imagemagick:8:6.8.9.9-5+deb8u13
Medium CVE-2017-11523 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Endless loop in ReadTXTImage function in coders/txt.c imagemagick:8:6.8.9.9-5+deb8u13
Medium CVE-2017-11537 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Floating point exception in the WritePALMImage() function imagemagick:8:6.8.9.9-5+deb8u13
Medium CVE-2017-12140 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: integer signedness error in ReadDCMImage function imagemagick:8:6.8.9.9-5+deb8u13
Medium CVE-2017-12432 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Memory exhaustion in ReadPCXImage in coders/pcx.c imagemagick:8:6.8.9.9-5+deb8u13
Medium CVE-2017-12563 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Memory exhaustion in the function ReadPSDImage imagemagick:8:6.8.9.9-5+deb8u13
Medium CVE-2017-12643 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Memory exhaustion in ReadOneJNGImage function in coders\png.c imagemagick:8:6.8.9.9-5+deb8u13
Medium CVE-2017-12670 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Assertion failure in the function DestroyImage imagemagick:8:6.8.9.9-5+deb8u13
Medium CVE-2017-12674 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Resource exhaustion in the function ReadPDBImage imagemagick:8:6.8.9.9-5+deb8u13
Medium CVE-2017-12691 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Memory exhaustion in ReadOneLayer function in coders/xcf.c imagemagick:8:6.8.9.9-5+deb8u13
Medium CVE-2017-12692 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Memory exhaustion in ReadVIFFImage function in coders/viff.c imagemagick:8:6.8.9.9-5+deb8u13
Medium CVE-2017-12693 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Memory exhaustion in ReadBMPImage function in coders/bmp.c in ImageMagick imagemagick:8:6.8.9.9-5+deb8u13
Medium CVE-2017-12875 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Resource exhaustion in WritePixelCachePixels function in coders/xcf.c imagemagick:8:6.8.9.9-5+deb8u13
Medium CVE-2017-13133 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Improper input validadion in load_level function in coders/xcf.c imagemagick:8:6.8.9.9-5+deb8u13
Medium CVE-2017-13142 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Improper validation of short files in coders/png.c imagemagick:8:6.8.9.9-5+deb8u13
Medium CVE-2017-13145 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Improper input validation in ReadJP2Image function in coders/jp2.c imagemagick:8:6.8.9.9-5+deb8u13
Medium CVE-2017-13658 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Missing NULL check in the ReadMATImage function imagemagick:8:6.8.9.9-5+deb8u13
Medium CVE-2017-13768 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in IdentifyImage function in MagickCore/identify.c imagemagick:8:6.8.9.9-5+deb8u13
Medium CVE-2017-14060 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in ReadCUTImage function imagemagick:8:6.8.9.9-5+deb8u13
Medium CVE-2017-14172 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Lack of an EOF check in ReadPSImage() function imagemagick:8:6.8.9.9-5+deb8u13
Medium CVE-2017-14173 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Integer overflow in the function ReadTXTImage() imagemagick:8:6.8.9.9-5+deb8u13
Medium CVE-2017-14174 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Lack of EOF check in the ReadPSDLayersInternal() function imagemagick:8:6.8.9.9-5+deb8u13
Medium CVE-2017-14175 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Lack of EOF check in the ReadXBMImage() function imagemagick:8:6.8.9.9-5+deb8u13
Medium CVE-2017-14249 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Division by zero in the GetPixelCacheTileSize function imagemagick:8:6.8.9.9-5+deb8u13
Medium CVE-2017-14341 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Infinite loop in the ReadWPGImage function imagemagick:8:6.8.9.9-5+deb8u13
Medium CVE-2017-14400 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in the GetVirtualPixels function imagemagick:8:6.8.9.9-5+deb8u13
Medium CVE-2017-14505 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Null pointer dereference in DrawGetStrokeDashArray function in wand/drawing-wand.c imagemagick:8:6.8.9.9-5+deb8u13
Medium CVE-2017-14741 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Infinite loop in the ReadCAPTIONImage function imagemagick:8:6.8.9.9-5+deb8u13
Medium CVE-2017-17682 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Resource exhaustion in ExtractPostscript function in coders/wpg.c imagemagick:8:6.8.9.9-5+deb8u13
Medium CVE-2017-17914 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: denial of service in the function ReadOnePNGImage in coders/png.c imagemagick:8:6.8.9.9-5+deb8u13
Medium CVE-2017-18271 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: infinite loop in ReadMIFFImage function in coders/miff.c imagemagick:8:6.8.9.9-5+deb8u13
Medium CVE-2017-18273 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: infinite loop ReadTXTImage in function in coders/txt.c imagemagick:8:6.8.9.9-5+deb8u13
Medium CVE-2017-9500 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Assertion failure in ResetImageProfileIterator imagemagick:8:6.8.9.9-5+deb8u13
Medium CVE-2018-16642 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u14ImageMagick: out-of-bounds write in InsertRow function in coders/cut.c imagemagick:8:6.8.9.9-5+deb8u13
Medium CVE-2018-16643 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u14ImageMagick: missing check for fputc function in multiple files imagemagick:8:6.8.9.9-5+deb8u13
Medium CVE-2018-16644 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u14ImageMagick: improper check for length in ReadDCMImage of coders/dcm.c and ReadPICTImage of coders/pict.c imagemagick:8:6.8.9.9-5+deb8u13
Medium CVE-2018-16645 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u14ImageMagick: Out-of-memory ReadBMPImage of coders/bmp.c and ReadDIBImage of codes/dib.c imagemagick:8:6.8.9.9-5+deb8u13
Medium CVE-2018-16749 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u14ImageMagick: reachable assertion in ReadOneJNGImage in coders/png.c imagemagick:8:6.8.9.9-5+deb8u13
Medium CVE-2018-18025 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u15ImageMagick: heap-based buffer over-read in the EncodeImage function of coders/pict.c imagemagick:8:6.8.9.9-5+deb8u13
Medium CVE-2019-11470 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u18ImageMagick: denial of service in cineon parsing component imagemagick:8:6.8.9.9-5+deb8u13
Medium CVE-2019-12974 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17imagemagick: null-pointer dereference in function ReadPANGOImage in coders/pango.c and ReadVIDImage in coders/vid.c causing denial of service imagemagick:8:6.8.9.9-5+deb8u13
Medium CVE-2019-14981 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u18ImageMagick: division by zero in MeanShiftImage in MagickCore/feature.c imagemagick:8:6.8.9.9-5+deb8u13
Medium CVE-2019-15139 imagemagick 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u18ImageMagick: out-of-bounds read in ReadXWDImage in coders/xwd.c imagemagick:8:6.8.9.9-5+deb8u13
Medium CVE-2017-1000445 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16imagemagick: NULL pointer dereference in MagickCore component can lead to a denial of service imagemagick-6.q16:8:6.8.9.9-5+deb8u13
Medium CVE-2017-1000476 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: CPU exhaustion vulnerability in function ReadDDSInfo in coders/dds.c imagemagick-6.q16:8:6.8.9.9-5+deb8u13
Medium CVE-2017-11446 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Infinite loop in ReadPESImage function in coders/pes.c imagemagick-6.q16:8:6.8.9.9-5+deb8u13
Medium CVE-2017-11523 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Endless loop in ReadTXTImage function in coders/txt.c imagemagick-6.q16:8:6.8.9.9-5+deb8u13
Medium CVE-2017-11537 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Floating point exception in the WritePALMImage() function imagemagick-6.q16:8:6.8.9.9-5+deb8u13
Medium CVE-2017-12140 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: integer signedness error in ReadDCMImage function imagemagick-6.q16:8:6.8.9.9-5+deb8u13
Medium CVE-2017-12432 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Memory exhaustion in ReadPCXImage in coders/pcx.c imagemagick-6.q16:8:6.8.9.9-5+deb8u13
Medium CVE-2017-12563 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Memory exhaustion in the function ReadPSDImage imagemagick-6.q16:8:6.8.9.9-5+deb8u13
Medium CVE-2017-12643 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Memory exhaustion in ReadOneJNGImage function in coders\png.c imagemagick-6.q16:8:6.8.9.9-5+deb8u13
Medium CVE-2017-12670 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Assertion failure in the function DestroyImage imagemagick-6.q16:8:6.8.9.9-5+deb8u13
Medium CVE-2017-12674 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Resource exhaustion in the function ReadPDBImage imagemagick-6.q16:8:6.8.9.9-5+deb8u13
Medium CVE-2017-12691 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Memory exhaustion in ReadOneLayer function in coders/xcf.c imagemagick-6.q16:8:6.8.9.9-5+deb8u13
Medium CVE-2017-12692 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Memory exhaustion in ReadVIFFImage function in coders/viff.c imagemagick-6.q16:8:6.8.9.9-5+deb8u13
Medium CVE-2017-12693 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Memory exhaustion in ReadBMPImage function in coders/bmp.c in ImageMagick imagemagick-6.q16:8:6.8.9.9-5+deb8u13
Medium CVE-2017-12875 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Resource exhaustion in WritePixelCachePixels function in coders/xcf.c imagemagick-6.q16:8:6.8.9.9-5+deb8u13
Medium CVE-2017-13133 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Improper input validadion in load_level function in coders/xcf.c imagemagick-6.q16:8:6.8.9.9-5+deb8u13
Medium CVE-2017-13142 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Improper validation of short files in coders/png.c imagemagick-6.q16:8:6.8.9.9-5+deb8u13
Medium CVE-2017-13145 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Improper input validation in ReadJP2Image function in coders/jp2.c imagemagick-6.q16:8:6.8.9.9-5+deb8u13
Medium CVE-2017-13658 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Missing NULL check in the ReadMATImage function imagemagick-6.q16:8:6.8.9.9-5+deb8u13
Medium CVE-2017-13768 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in IdentifyImage function in MagickCore/identify.c imagemagick-6.q16:8:6.8.9.9-5+deb8u13
Medium CVE-2017-14060 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in ReadCUTImage function imagemagick-6.q16:8:6.8.9.9-5+deb8u13
Medium CVE-2017-14172 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Lack of an EOF check in ReadPSImage() function imagemagick-6.q16:8:6.8.9.9-5+deb8u13
Medium CVE-2017-14173 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Integer overflow in the function ReadTXTImage() imagemagick-6.q16:8:6.8.9.9-5+deb8u13
Medium CVE-2017-14174 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Lack of EOF check in the ReadPSDLayersInternal() function imagemagick-6.q16:8:6.8.9.9-5+deb8u13
Medium CVE-2017-14175 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Lack of EOF check in the ReadXBMImage() function imagemagick-6.q16:8:6.8.9.9-5+deb8u13
Medium CVE-2017-14249 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Division by zero in the GetPixelCacheTileSize function imagemagick-6.q16:8:6.8.9.9-5+deb8u13
Medium CVE-2017-14341 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Infinite loop in the ReadWPGImage function imagemagick-6.q16:8:6.8.9.9-5+deb8u13
Medium CVE-2017-14400 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in the GetVirtualPixels function imagemagick-6.q16:8:6.8.9.9-5+deb8u13
Medium CVE-2017-14505 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Null pointer dereference in DrawGetStrokeDashArray function in wand/drawing-wand.c imagemagick-6.q16:8:6.8.9.9-5+deb8u13
Medium CVE-2017-14741 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Infinite loop in the ReadCAPTIONImage function imagemagick-6.q16:8:6.8.9.9-5+deb8u13
Medium CVE-2017-17682 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Resource exhaustion in ExtractPostscript function in coders/wpg.c imagemagick-6.q16:8:6.8.9.9-5+deb8u13
Medium CVE-2017-17914 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: denial of service in the function ReadOnePNGImage in coders/png.c imagemagick-6.q16:8:6.8.9.9-5+deb8u13
Medium CVE-2017-18271 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: infinite loop in ReadMIFFImage function in coders/miff.c imagemagick-6.q16:8:6.8.9.9-5+deb8u13
Medium CVE-2017-18273 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: infinite loop ReadTXTImage in function in coders/txt.c imagemagick-6.q16:8:6.8.9.9-5+deb8u13
Medium CVE-2017-9500 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Assertion failure in ResetImageProfileIterator imagemagick-6.q16:8:6.8.9.9-5+deb8u13
Medium CVE-2018-16642 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u14ImageMagick: out-of-bounds write in InsertRow function in coders/cut.c imagemagick-6.q16:8:6.8.9.9-5+deb8u13
Medium CVE-2018-16643 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u14ImageMagick: missing check for fputc function in multiple files imagemagick-6.q16:8:6.8.9.9-5+deb8u13
Medium CVE-2018-16644 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u14ImageMagick: improper check for length in ReadDCMImage of coders/dcm.c and ReadPICTImage of coders/pict.c imagemagick-6.q16:8:6.8.9.9-5+deb8u13
Medium CVE-2018-16645 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u14ImageMagick: Out-of-memory ReadBMPImage of coders/bmp.c and ReadDIBImage of codes/dib.c imagemagick-6.q16:8:6.8.9.9-5+deb8u13
Medium CVE-2018-16749 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u14ImageMagick: reachable assertion in ReadOneJNGImage in coders/png.c imagemagick-6.q16:8:6.8.9.9-5+deb8u13
Medium CVE-2018-18025 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u15ImageMagick: heap-based buffer over-read in the EncodeImage function of coders/pict.c imagemagick-6.q16:8:6.8.9.9-5+deb8u13
Medium CVE-2019-11470 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u18ImageMagick: denial of service in cineon parsing component imagemagick-6.q16:8:6.8.9.9-5+deb8u13
Medium CVE-2019-12974 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17imagemagick: null-pointer dereference in function ReadPANGOImage in coders/pango.c and ReadVIDImage in coders/vid.c causing denial of service imagemagick-6.q16:8:6.8.9.9-5+deb8u13
Medium CVE-2019-14981 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u18ImageMagick: division by zero in MeanShiftImage in MagickCore/feature.c imagemagick-6.q16:8:6.8.9.9-5+deb8u13
Medium CVE-2019-15139 imagemagick-6.q16 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u18ImageMagick: out-of-bounds read in ReadXWDImage in coders/xwd.c imagemagick-6.q16:8:6.8.9.9-5+deb8u13
Medium CVE-2017-1000445 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16imagemagick: NULL pointer dereference in MagickCore component can lead to a denial of service imagemagick-common:8:6.8.9.9-5+deb8u13
Medium CVE-2017-1000476 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: CPU exhaustion vulnerability in function ReadDDSInfo in coders/dds.c imagemagick-common:8:6.8.9.9-5+deb8u13
Medium CVE-2017-11446 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Infinite loop in ReadPESImage function in coders/pes.c imagemagick-common:8:6.8.9.9-5+deb8u13
Medium CVE-2017-11523 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Endless loop in ReadTXTImage function in coders/txt.c imagemagick-common:8:6.8.9.9-5+deb8u13
Medium CVE-2017-11537 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Floating point exception in the WritePALMImage() function imagemagick-common:8:6.8.9.9-5+deb8u13
Medium CVE-2017-12140 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: integer signedness error in ReadDCMImage function imagemagick-common:8:6.8.9.9-5+deb8u13
Medium CVE-2017-12432 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Memory exhaustion in ReadPCXImage in coders/pcx.c imagemagick-common:8:6.8.9.9-5+deb8u13
Medium CVE-2017-12563 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Memory exhaustion in the function ReadPSDImage imagemagick-common:8:6.8.9.9-5+deb8u13
Medium CVE-2017-12643 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Memory exhaustion in ReadOneJNGImage function in coders\png.c imagemagick-common:8:6.8.9.9-5+deb8u13
Medium CVE-2017-12670 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Assertion failure in the function DestroyImage imagemagick-common:8:6.8.9.9-5+deb8u13
Medium CVE-2017-12674 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Resource exhaustion in the function ReadPDBImage imagemagick-common:8:6.8.9.9-5+deb8u13
Medium CVE-2017-12691 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Memory exhaustion in ReadOneLayer function in coders/xcf.c imagemagick-common:8:6.8.9.9-5+deb8u13
Medium CVE-2017-12692 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Memory exhaustion in ReadVIFFImage function in coders/viff.c imagemagick-common:8:6.8.9.9-5+deb8u13
Medium CVE-2017-12693 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Memory exhaustion in ReadBMPImage function in coders/bmp.c in ImageMagick imagemagick-common:8:6.8.9.9-5+deb8u13
Medium CVE-2017-12875 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Resource exhaustion in WritePixelCachePixels function in coders/xcf.c imagemagick-common:8:6.8.9.9-5+deb8u13
Medium CVE-2017-13133 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Improper input validadion in load_level function in coders/xcf.c imagemagick-common:8:6.8.9.9-5+deb8u13
Medium CVE-2017-13142 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Improper validation of short files in coders/png.c imagemagick-common:8:6.8.9.9-5+deb8u13
Medium CVE-2017-13145 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Improper input validation in ReadJP2Image function in coders/jp2.c imagemagick-common:8:6.8.9.9-5+deb8u13
Medium CVE-2017-13658 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Missing NULL check in the ReadMATImage function imagemagick-common:8:6.8.9.9-5+deb8u13
Medium CVE-2017-13768 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in IdentifyImage function in MagickCore/identify.c imagemagick-common:8:6.8.9.9-5+deb8u13
Medium CVE-2017-14060 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in ReadCUTImage function imagemagick-common:8:6.8.9.9-5+deb8u13
Medium CVE-2017-14172 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Lack of an EOF check in ReadPSImage() function imagemagick-common:8:6.8.9.9-5+deb8u13
Medium CVE-2017-14173 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Integer overflow in the function ReadTXTImage() imagemagick-common:8:6.8.9.9-5+deb8u13
Medium CVE-2017-14174 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Lack of EOF check in the ReadPSDLayersInternal() function imagemagick-common:8:6.8.9.9-5+deb8u13
Medium CVE-2017-14175 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Lack of EOF check in the ReadXBMImage() function imagemagick-common:8:6.8.9.9-5+deb8u13
Medium CVE-2017-14249 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Division by zero in the GetPixelCacheTileSize function imagemagick-common:8:6.8.9.9-5+deb8u13
Medium CVE-2017-14341 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Infinite loop in the ReadWPGImage function imagemagick-common:8:6.8.9.9-5+deb8u13
Medium CVE-2017-14400 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: NULL pointer dereference in the GetVirtualPixels function imagemagick-common:8:6.8.9.9-5+deb8u13
Medium CVE-2017-14505 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Null pointer dereference in DrawGetStrokeDashArray function in wand/drawing-wand.c imagemagick-common:8:6.8.9.9-5+deb8u13
Medium CVE-2017-14741 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Infinite loop in the ReadCAPTIONImage function imagemagick-common:8:6.8.9.9-5+deb8u13
Medium CVE-2017-17682 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Resource exhaustion in ExtractPostscript function in coders/wpg.c imagemagick-common:8:6.8.9.9-5+deb8u13
Medium CVE-2017-17914 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: denial of service in the function ReadOnePNGImage in coders/png.c imagemagick-common:8:6.8.9.9-5+deb8u13
Medium CVE-2017-18271 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: infinite loop in ReadMIFFImage function in coders/miff.c imagemagick-common:8:6.8.9.9-5+deb8u13
Medium CVE-2017-18273 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: infinite loop ReadTXTImage in function in coders/txt.c imagemagick-common:8:6.8.9.9-5+deb8u13
Medium CVE-2017-9500 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u16ImageMagick: Assertion failure in ResetImageProfileIterator imagemagick-common:8:6.8.9.9-5+deb8u13
Medium CVE-2018-16642 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u14ImageMagick: out-of-bounds write in InsertRow function in coders/cut.c imagemagick-common:8:6.8.9.9-5+deb8u13
Medium CVE-2018-16643 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u14ImageMagick: missing check for fputc function in multiple files imagemagick-common:8:6.8.9.9-5+deb8u13
Medium CVE-2018-16644 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u14ImageMagick: improper check for length in ReadDCMImage of coders/dcm.c and ReadPICTImage of coders/pict.c imagemagick-common:8:6.8.9.9-5+deb8u13
Medium CVE-2018-16645 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u14ImageMagick: Out-of-memory ReadBMPImage of coders/bmp.c and ReadDIBImage of codes/dib.c imagemagick-common:8:6.8.9.9-5+deb8u13
Medium CVE-2018-16749 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u14ImageMagick: reachable assertion in ReadOneJNGImage in coders/png.c imagemagick-common:8:6.8.9.9-5+deb8u13
Medium CVE-2018-18025 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u15ImageMagick: heap-based buffer over-read in the EncodeImage function of coders/pict.c imagemagick-common:8:6.8.9.9-5+deb8u13
Medium CVE-2019-11470 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u18ImageMagick: denial of service in cineon parsing component imagemagick-common:8:6.8.9.9-5+deb8u13
Medium CVE-2019-12974 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u17imagemagick: null-pointer dereference in function ReadPANGOImage in coders/pango.c and ReadVIDImage in coders/vid.c causing denial of service imagemagick-common:8:6.8.9.9-5+deb8u13
Medium CVE-2019-14981 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u18ImageMagick: division by zero in MeanShiftImage in MagickCore/feature.c imagemagick-common:8:6.8.9.9-5+deb8u13
Medium CVE-2019-15139 imagemagick-common 8:6.8.9.9-5+deb8u138:6.8.9.9-5+deb8u18ImageMagick: out-of-bounds read in ReadXWDImage in coders/xwd.c imagemagick-common:8:6.8.9.9-5+deb8u13
Medium CVE-2018-20217 krb5-multidev 1.12.1+dfsg-19+deb8u41.12.1+dfsg-19+deb8u5krb5: Reachable assertion in the KDC using S4U2Self requests krb5-multidev:1.12.1+dfsg-19+deb8u4
Medium CVE-2018-5729 krb5-multidev 1.12.1+dfsg-19+deb8u41.12.1+dfsg-19+deb8u5krb5: null dereference in kadmind or DN container check bypass by supplying special crafted data krb5-multidev:1.12.1+dfsg-19+deb8u4
Medium CVE-2020-3810 libapt-pkg4.12 1.0.9.8.41.0.9.8.6Missing input validation in the ar/tar implementations of APT before v ... libapt-pkg4.12:1.0.9.8.4
Medium CVE-2016-3189 libbz2-1.0 1.0.6-71.0.6-7+deb8u1bzip2: heap use after free in bzip2recover libbz2-1.0:1.0.6-7
Medium CVE-2016-3189 libbz2-dev 1.0.6-71.0.6-7+deb8u1bzip2: heap use after free in bzip2recover libbz2-dev:1.0.6-7
Medium CVE-2019-5094 libcomerr2 1.42.12-21.42.12-2+deb8u1e2fsprogs: Crafted ext4 partition leads to out-of-bounds write libcomerr2:1.42.12-2
Medium CVE-2019-5188 libcomerr2 1.42.12-21.42.12-2+deb8u2e2fsprogs: Out-of-bounds write in e2fsck/rehash.c libcomerr2:1.42.12-2
Medium CVE-2019-15142 libdjvulibre-dev 3.5.25.4-43.5.25.4-4+deb8u1In DjVuLibre 3.5.27, DjVmDir.cpp in the DJVU reader component allows a ... libdjvulibre-dev:3.5.25.4-4
Medium CVE-2019-15143 libdjvulibre-dev 3.5.25.4-43.5.25.4-4+deb8u1In DjVuLibre 3.5.27, the bitmap reader component allows attackers to c ... libdjvulibre-dev:3.5.25.4-4
Medium CVE-2019-15144 libdjvulibre-dev 3.5.25.4-43.5.25.4-4+deb8u1In DjVuLibre 3.5.27, the sorting functionality (aka GArrayTemplate< ... libdjvulibre-dev:3.5.25.4-4
Medium CVE-2019-15145 libdjvulibre-dev 3.5.25.4-43.5.25.4-4+deb8u1DjVuLibre 3.5.27 allows attackers to cause a denial-of-service attack ... libdjvulibre-dev:3.5.25.4-4
Medium CVE-2019-15142 libdjvulibre-text 3.5.25.4-43.5.25.4-4+deb8u1In DjVuLibre 3.5.27, DjVmDir.cpp in the DJVU reader component allows a ... libdjvulibre-text:3.5.25.4-4
Medium CVE-2019-15143 libdjvulibre-text 3.5.25.4-43.5.25.4-4+deb8u1In DjVuLibre 3.5.27, the bitmap reader component allows attackers to c ... libdjvulibre-text:3.5.25.4-4
Medium CVE-2019-15144 libdjvulibre-text 3.5.25.4-43.5.25.4-4+deb8u1In DjVuLibre 3.5.27, the sorting functionality (aka GArrayTemplate< ... libdjvulibre-text:3.5.25.4-4
Medium CVE-2019-15145 libdjvulibre-text 3.5.25.4-43.5.25.4-4+deb8u1DjVuLibre 3.5.27 allows attackers to cause a denial-of-service attack ... libdjvulibre-text:3.5.25.4-4
Medium CVE-2019-15142 libdjvulibre21 3.5.25.4-43.5.25.4-4+deb8u1In DjVuLibre 3.5.27, DjVmDir.cpp in the DJVU reader component allows a ... libdjvulibre21:3.5.25.4-4
Medium CVE-2019-15143 libdjvulibre21 3.5.25.4-43.5.25.4-4+deb8u1In DjVuLibre 3.5.27, the bitmap reader component allows attackers to c ... libdjvulibre21:3.5.25.4-4
Medium CVE-2019-15144 libdjvulibre21 3.5.25.4-43.5.25.4-4+deb8u1In DjVuLibre 3.5.27, the sorting functionality (aka GArrayTemplate< ... libdjvulibre21:3.5.25.4-4
Medium CVE-2019-15145 libdjvulibre21 3.5.25.4-43.5.25.4-4+deb8u1DjVuLibre 3.5.27 allows attackers to cause a denial-of-service attack ... libdjvulibre21:3.5.25.4-4
Medium CVE-2020-0093 libexif-dev 0.6.21-20.6.21-2+deb8u2libexif: out of bounds read due to a missing bounds check in exif_data_save_data_entry function in exif-data.c libexif-dev:0.6.21-2
Medium CVE-2020-0182 libexif-dev 0.6.21-20.6.21-2+deb8u4libexif: out of bounds read due to a missing bounds check in exif_entry_get_value function in exif-entry.c libexif-dev:0.6.21-2
Medium CVE-2020-12767 libexif-dev 0.6.21-20.6.21-2+deb8u2libexif: divide-by-zero in exif_entry_get_value function in exif-entry.c libexif-dev:0.6.21-2
Medium CVE-2020-0093 libexif12 0.6.21-20.6.21-2+deb8u2libexif: out of bounds read due to a missing bounds check in exif_data_save_data_entry function in exif-data.c libexif12:0.6.21-2
Medium CVE-2020-0182 libexif12 0.6.21-20.6.21-2+deb8u4libexif: out of bounds read due to a missing bounds check in exif_entry_get_value function in exif-entry.c libexif12:0.6.21-2
Medium CVE-2020-12767 libexif12 0.6.21-20.6.21-2+deb8u2libexif: divide-by-zero in exif_entry_get_value function in exif-entry.c libexif12:0.6.21-2
Medium CVE-2015-9382 libfreetype6 2.5.2-3+deb8u22.5.2-3+deb8u4freetype: mishandling ps_parser_skip_PS_token in an FT_New_Memory_Face operation in skip_comment, psaux/psobjs.c, leads to a buffer over-read libfreetype6:2.5.2-3+deb8u2
Medium CVE-2015-9383 libfreetype6 2.5.2-3+deb8u22.5.2-3+deb8u4freetype: a heap-based buffer over-read in tt_cmap14_validate in sfnt/ttcmap.c may lead to a DoS libfreetype6:2.5.2-3+deb8u2
Medium CVE-2015-9382 libfreetype6-dev 2.5.2-3+deb8u22.5.2-3+deb8u4freetype: mishandling ps_parser_skip_PS_token in an FT_New_Memory_Face operation in skip_comment, psaux/psobjs.c, leads to a buffer over-read libfreetype6-dev:2.5.2-3+deb8u2
Medium CVE-2015-9383 libfreetype6-dev 2.5.2-3+deb8u22.5.2-3+deb8u4freetype: a heap-based buffer over-read in tt_cmap14_validate in sfnt/ttcmap.c may lead to a DoS libfreetype6-dev:2.5.2-3+deb8u2
Medium CVE-2019-13627 libgcrypt20 1.6.3-2+deb8u51.6.3-2+deb8u8libgcrypt: ECDSA timing attack allowing private key leak libgcrypt20:1.6.3-2+deb8u5
Medium CVE-2018-5711 libgd3 2.1.0-5+deb8u112.1.0-5+deb8u12gd: Infinite loop in gdImageCreateFromGifCtx() in gd_gif_in.c libgd3:2.1.0-5+deb8u11
Medium CVE-2019-11038 libgd3 2.1.0-5+deb8u112.1.0-5+deb8u13gd: Information disclosure in gdImageCreateFromXbm() libgd3:2.1.0-5+deb8u11
Medium CVE-2017-6312 libgdk-pixbuf2.0-0 2.31.1-2+deb8u72.31.1-2+deb8u8gdk-pixbuf: Out-of-bounds read in io-ico.c libgdk-pixbuf2.0-0:2.31.1-2+deb8u7
Medium CVE-2017-6314 libgdk-pixbuf2.0-0 2.31.1-2+deb8u72.31.1-2+deb8u8gdk-pixbuf: Infinite loop in io-tiff.c libgdk-pixbuf2.0-0:2.31.1-2+deb8u7
Medium CVE-2017-6312 libgdk-pixbuf2.0-common 2.31.1-2+deb8u72.31.1-2+deb8u8gdk-pixbuf: Out-of-bounds read in io-ico.c libgdk-pixbuf2.0-common:2.31.1-2+deb8u7
Medium CVE-2017-6314 libgdk-pixbuf2.0-common 2.31.1-2+deb8u72.31.1-2+deb8u8gdk-pixbuf: Infinite loop in io-tiff.c libgdk-pixbuf2.0-common:2.31.1-2+deb8u7
Medium CVE-2017-6312 libgdk-pixbuf2.0-dev 2.31.1-2+deb8u72.31.1-2+deb8u8gdk-pixbuf: Out-of-bounds read in io-ico.c libgdk-pixbuf2.0-dev:2.31.1-2+deb8u7
Medium CVE-2017-6314 libgdk-pixbuf2.0-dev 2.31.1-2+deb8u72.31.1-2+deb8u8gdk-pixbuf: Infinite loop in io-tiff.c libgdk-pixbuf2.0-dev:2.31.1-2+deb8u7
Medium CVE-2018-10844 libgnutls-deb0-28 3.3.8-6+deb8u73.3.30-0+deb8u1gnutls: HMAC-SHA-256 vulnerable to Lucky thirteen attack due to not enough dummy function calls libgnutls-deb0-28:3.3.8-6+deb8u7
Medium CVE-2018-10845 libgnutls-deb0-28 3.3.8-6+deb8u73.3.30-0+deb8u1gnutls: HMAC-SHA-384 vulnerable to Lucky thirteen attack due to use of wrong constant libgnutls-deb0-28:3.3.8-6+deb8u7
Medium CVE-2018-10846 libgnutls-deb0-28 3.3.8-6+deb8u73.3.30-0+deb8u1gnutls: "Just in Time" PRIME + PROBE cache-based side channel attack can lead to plaintext recovery libgnutls-deb0-28:3.3.8-6+deb8u7
Medium CVE-2018-10844 libgnutls-openssl27 3.3.8-6+deb8u73.3.30-0+deb8u1gnutls: HMAC-SHA-256 vulnerable to Lucky thirteen attack due to not enough dummy function calls libgnutls-openssl27:3.3.8-6+deb8u7
Medium CVE-2018-10845 libgnutls-openssl27 3.3.8-6+deb8u73.3.30-0+deb8u1gnutls: HMAC-SHA-384 vulnerable to Lucky thirteen attack due to use of wrong constant libgnutls-openssl27:3.3.8-6+deb8u7
Medium CVE-2018-10846 libgnutls-openssl27 3.3.8-6+deb8u73.3.30-0+deb8u1gnutls: "Just in Time" PRIME + PROBE cache-based side channel attack can lead to plaintext recovery libgnutls-openssl27:3.3.8-6+deb8u7
Medium CVE-2018-20217 libgssapi-krb5-2 1.12.1+dfsg-19+deb8u41.12.1+dfsg-19+deb8u5krb5: Reachable assertion in the KDC using S4U2Self requests libgssapi-krb5-2:1.12.1+dfsg-19+deb8u4
Medium CVE-2018-5729 libgssapi-krb5-2 1.12.1+dfsg-19+deb8u41.12.1+dfsg-19+deb8u5krb5: null dereference in kadmind or DN container check bypass by supplying special crafted data libgssapi-krb5-2:1.12.1+dfsg-19+deb8u4
Medium CVE-2018-20217 libgssrpc4 1.12.1+dfsg-19+deb8u41.12.1+dfsg-19+deb8u5krb5: Reachable assertion in the KDC using S4U2Self requests libgssrpc4:1.12.1+dfsg-19+deb8u4
Medium CVE-2018-5729 libgssrpc4 1.12.1+dfsg-19+deb8u41.12.1+dfsg-19+deb8u5krb5: null dereference in kadmind or DN container check bypass by supplying special crafted data libgssrpc4:1.12.1+dfsg-19+deb8u4
Medium CVE-2017-2626 libice-dev 2:1.0.9-12:1.0.9-1+deb8u1libICE: weak entropy usage in session keys libice-dev:2:1.0.9-1
Medium CVE-2017-2626 libice6 2:1.0.9-12:1.0.9-1+deb8u1libICE: weak entropy usage in session keys libice6:2:1.0.9-1
Medium CVE-2015-5203 libjasper-dev 1.900.1-debian1-2.4+deb8u31.900.1-debian1-2.4+deb8u4jasper: integer overflow in jas_image_cmpt_create() libjasper-dev:1.900.1-debian1-2.4+deb8u3
Medium CVE-2015-5221 libjasper-dev 1.900.1-debian1-2.4+deb8u31.900.1-debian1-2.4+deb8u4jasper: use-after-free and double-free flaws in mif_process_cmpt() libjasper-dev:1.900.1-debian1-2.4+deb8u3
Medium CVE-2016-8690 libjasper-dev 1.900.1-debian1-2.4+deb8u31.900.1-debian1-2.4+deb8u4CVE-2016-8884 CVE-2016-8885 jasper: missing jas_matrix_create() parameter checks libjasper-dev:1.900.1-debian1-2.4+deb8u3
Medium CVE-2017-14132 libjasper-dev 1.900.1-debian1-2.4+deb8u31.900.1-debian1-2.4+deb8u4jasper: heap-based buffer over-read in jas_image_ishomosamp() libjasper-dev:1.900.1-debian1-2.4+deb8u3
Medium CVE-2018-18873 libjasper-dev 1.900.1-debian1-2.4+deb8u31.900.1-debian1-2.4+deb8u5jasper: NULL pointer dereference in ras_putdatastd() in ras_enc.c libjasper-dev:1.900.1-debian1-2.4+deb8u3
Medium CVE-2018-19539 libjasper-dev 1.900.1-debian1-2.4+deb8u31.900.1-debian1-2.4+deb8u5jasper: access violation in jas_image_readcmpt() in jas_image.c libjasper-dev:1.900.1-debian1-2.4+deb8u3
Medium CVE-2018-19542 libjasper-dev 1.900.1-debian1-2.4+deb8u31.900.1-debian1-2.4+deb8u5jasper: invalid access in jp2_decode in libjasper/jp2/jp2_dec.c libjasper-dev:1.900.1-debian1-2.4+deb8u3
Medium CVE-2018-20570 libjasper-dev 1.900.1-debian1-2.4+deb8u31.900.1-debian1-2.4+deb8u5jasper: heap-based buffer over-read in jp2_encode() libjasper-dev:1.900.1-debian1-2.4+deb8u3
Medium CVE-2018-20584 libjasper-dev 1.900.1-debian1-2.4+deb8u31.900.1-debian1-2.4+deb8u5jasper: DoS / hang when converting to jp2 format libjasper-dev:1.900.1-debian1-2.4+deb8u3
Medium CVE-2018-20622 libjasper-dev 1.900.1-debian1-2.4+deb8u31.900.1-debian1-2.4+deb8u5jasper: memory leak in jpc_dec_decodepkt() libjasper-dev:1.900.1-debian1-2.4+deb8u3
Medium CVE-2015-5203 libjasper1 1.900.1-debian1-2.4+deb8u31.900.1-debian1-2.4+deb8u4jasper: integer overflow in jas_image_cmpt_create() libjasper1:1.900.1-debian1-2.4+deb8u3
Medium CVE-2015-5221 libjasper1 1.900.1-debian1-2.4+deb8u31.900.1-debian1-2.4+deb8u4jasper: use-after-free and double-free flaws in mif_process_cmpt() libjasper1:1.900.1-debian1-2.4+deb8u3
Medium CVE-2016-8690 libjasper1 1.900.1-debian1-2.4+deb8u31.900.1-debian1-2.4+deb8u4CVE-2016-8884 CVE-2016-8885 jasper: missing jas_matrix_create() parameter checks libjasper1:1.900.1-debian1-2.4+deb8u3
Medium CVE-2017-14132 libjasper1 1.900.1-debian1-2.4+deb8u31.900.1-debian1-2.4+deb8u4jasper: heap-based buffer over-read in jas_image_ishomosamp() libjasper1:1.900.1-debian1-2.4+deb8u3
Medium CVE-2018-18873 libjasper1 1.900.1-debian1-2.4+deb8u31.900.1-debian1-2.4+deb8u5jasper: NULL pointer dereference in ras_putdatastd() in ras_enc.c libjasper1:1.900.1-debian1-2.4+deb8u3
Medium CVE-2018-19539 libjasper1 1.900.1-debian1-2.4+deb8u31.900.1-debian1-2.4+deb8u5jasper: access violation in jas_image_readcmpt() in jas_image.c libjasper1:1.900.1-debian1-2.4+deb8u3
Medium CVE-2018-19542 libjasper1 1.900.1-debian1-2.4+deb8u31.900.1-debian1-2.4+deb8u5jasper: invalid access in jp2_decode in libjasper/jp2/jp2_dec.c libjasper1:1.900.1-debian1-2.4+deb8u3
Medium CVE-2018-20570 libjasper1 1.900.1-debian1-2.4+deb8u31.900.1-debian1-2.4+deb8u5jasper: heap-based buffer over-read in jp2_encode() libjasper1:1.900.1-debian1-2.4+deb8u3
Medium CVE-2018-20584 libjasper1 1.900.1-debian1-2.4+deb8u31.900.1-debian1-2.4+deb8u5jasper: DoS / hang when converting to jp2 format libjasper1:1.900.1-debian1-2.4+deb8u3
Medium CVE-2018-20622 libjasper1 1.900.1-debian1-2.4+deb8u31.900.1-debian1-2.4+deb8u5jasper: memory leak in jpc_dec_decodepkt() libjasper1:1.900.1-debian1-2.4+deb8u3
Medium CVE-2018-11212 libjpeg-dev 1:1.3.1-121:1.3.1-12+deb8u1libjpeg-turbo: Divide By Zero in alloc_sarray function in jmemmgr.c libjpeg-dev:1:1.3.1-12
Medium CVE-2018-11213 libjpeg-dev 1:1.3.1-121:1.3.1-12+deb8u1libjpeg: Segmentation fault in get_text_gray_row function in rdppm.c libjpeg-dev:1:1.3.1-12
Medium CVE-2018-11214 libjpeg-dev 1:1.3.1-121:1.3.1-12+deb8u1libjpeg: Segmentation fault in get_text_rgb_row function in rdppm.c libjpeg-dev:1:1.3.1-12
Medium CVE-2018-1152 libjpeg-dev 1:1.3.1-121:1.3.1-12+deb8u1libjpeg-turbo: Divide by zero allows for denial of service via crafted BMP image libjpeg-dev:1:1.3.1-12
Medium CVE-2018-14498 libjpeg-dev 1:1.3.1-121:1.3.1-12+deb8u2libjpeg-turbo: heap-based buffer over-read via crafted 8-bit BMP in get_8bit_row in rdbmp.c leads to denial of service libjpeg-dev:1:1.3.1-12
Medium CVE-2018-11212 libjpeg62-turbo 1:1.3.1-121:1.3.1-12+deb8u1libjpeg-turbo: Divide By Zero in alloc_sarray function in jmemmgr.c libjpeg62-turbo:1:1.3.1-12
Medium CVE-2018-11213 libjpeg62-turbo 1:1.3.1-121:1.3.1-12+deb8u1libjpeg: Segmentation fault in get_text_gray_row function in rdppm.c libjpeg62-turbo:1:1.3.1-12
Medium CVE-2018-11214 libjpeg62-turbo 1:1.3.1-121:1.3.1-12+deb8u1libjpeg: Segmentation fault in get_text_rgb_row function in rdppm.c libjpeg62-turbo:1:1.3.1-12
Medium CVE-2018-1152 libjpeg62-turbo 1:1.3.1-121:1.3.1-12+deb8u1libjpeg-turbo: Divide by zero allows for denial of service via crafted BMP image libjpeg62-turbo:1:1.3.1-12

Command

ADD file:8d73a09e59fe50289a6d0c019302aefe2e00ac6411e82404389c0c83f50cf08a in /
Vulnerable packages, installed in this layer 5 years ago
libbz2-1.0 1.0.6-7 perl-base 5.20.2-3+deb8u11 zlib1g 1:1.2.8.dfsg-2 apt 1.0.9.8.4 bash 4.3-11+deb8u1 libapt-pkg4.12 1.0.9.8.4 libsystemd0 215-17+deb8u7 libtasn1-6 4.2-3+deb8u3 libudev1 215-17+deb8u7 systemd 215-17+deb8u7 systemd-sysv 215-17+deb8u7 udev 215-17+deb8u7 e2fslibs 1.42.12-2 e2fsprogs 1.42.12-2 libcomerr2 1.42.12-2 libgcrypt20 1.6.3-2+deb8u5 libgnutls-deb0-28 3.3.8-6+deb8u7 libgnutls-openssl27 3.3.8-6+deb8u7

Command

CMD ["bash"]

Command

RUN apt-get update &&
    apt-get install -y --no-install-recommends ca-certificates curl netbase wget &&
    rm -rf /var/lib/apt/lists/*
Vulnerable packages, installed in this layer 5 years ago
curl 7.38.0-4+deb8u11 libcurl3 7.38.0-4+deb8u11 libssh2-1 1.4.3-4.1+deb8u1 wget 1.16-1+deb8u5 libicu52 52.1-8+deb8u7 libldap-2.4-2 2.4.40+dfsg-1+deb8u4 libsasl2-2 2.1.26.dfsg1-13+deb8u1 libsasl2-modules-db 2.1.26.dfsg1-13+deb8u1 libgssapi-krb5-2 1.12.1+dfsg-19+deb8u4

Command

RUN set -ex;
    if ! command -v gpg > /dev/null;
    then apt-get update;
    apt-get install -y --no-install-recommends gnupg dirmngr;
    rm -rf /var/lib/apt/lists/*;
    fi

Command

RUN apt-get update &&
    apt-get install -y --no-install-recommends bzr git mercurial openssh-client subversion procps &&
    rm -rf /var/lib/apt/lists/*
Vulnerable packages, installed in this layer 5 years ago
git 1:2.1.4-2.1+deb8u6 git-man 1:2.1.4-2.1+deb8u6 libbsd0 0.7.0-2 libcurl3-gnutls 7.38.0-4+deb8u11 libpython2.7-minimal 2.7.9-2+deb8u1 libpython2.7-stdlib 2.7.9-2+deb8u1 libsqlite3-0 3.8.7.1-1+deb8u2 openssh-client 1:6.7p1-5+deb8u5 perl 5.20.2-3+deb8u11 perl-modules 5.20.2-3+deb8u11 python2.7 2.7.9-2+deb8u1 python2.7-minimal 2.7.9-2+deb8u1 libexpat1 2.1.0-6+deb8u4 libsvn1 1.8.10-6+deb8u6 subversion 1.8.10-6+deb8u6

Command

RUN set -ex;
    apt-get update;
    apt-get install -y --no-install-recommends autoconf automake bzip2 dpkg-dev file g++ gcc imagemagick libbz2-dev libc6-dev libcurl4-openssl-dev libdb-dev libevent-dev libffi-dev libgdbm-dev libgeoip-de...;
    then echo 'default-libmysqlclient-dev';
    else echo 'libmysqlclient-dev';
    fi );
    rm -rf /var/lib/apt/lists/*
Vulnerable packages, installed in this layer 5 years ago
bzip2 1.0.6-7 file 1:5.22+15-2+deb8u4 imagemagick 8:6.8.9.9-5+deb8u13 imagemagick-6.q16 8:6.8.9.9-5+deb8u13 imagemagick-common 8:6.8.9.9-5+deb8u13 libbz2-dev 1.0.6-7 libcurl4-openssl-dev 7.38.0-4+deb8u11 libexif-dev 0.6.21-2 libexif12 0.6.21-2 libfreetype6 2.5.2-3+deb8u2 libfreetype6-dev 2.5.2-3+deb8u2 libgd3 2.1.0-5+deb8u11 libglib2.0-0 2.42.1-1 libglib2.0-bin 2.42.1-1 libglib2.0-data 2.42.1-1 libglib2.0-dev 2.42.1-1 libmagic1 1:5.22+15-2+deb8u4 libmagickcore-6-arch-config 8:6.8.9.9-5+deb8u13 libmagickcore-6-headers 8:6.8.9.9-5+deb8u13 libmagickcore-6.q16-2 8:6.8.9.9-5+deb8u13

Command

RUN groupadd --gid 1000 node &&
    useradd --uid 1000 --gid node --shell /bin/bash --create-home node

Command

RUN set -ex &&
    for key in 94AE36675C464D64BAFA68DD7434390BDBE9B9C5 FD3A5288F042B6850C66B31F09FE44734EB7990E 71DCFD284A79C3B38668286BC97EC7A07EDE3FC1 DD8F2338BAE7501E3DD5AC78C273792F7D83545D C4F0DFFF4E8C1A8236409D08E...

Command

ENV NODE_VERSION=8.12.0

Command

RUN ARCH= &&
    dpkgArch="$(dpkg --print-architecture)" &&
    case "${dpkgArch##*-}" in amd64) ARCH='x64';; ppc64el) ARCH='ppc64le';; s390x) ARCH='s390x';; arm64) ARCH='arm64';; armhf) ARCH='armv7l';; i386) ARCH='x86';; *) echo "unsupported architecture"; exit 1... &&
    curl -fsSLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/node-v$NODE_VERSION-linux-$ARCH.tar.xz" &&
    curl -fsSLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/SHASUMS256.txt.asc" &&
    gpg --batch --decrypt --output SHASUMS256.txt SHASUMS256.txt.asc &&
    grep " node-v$NODE_VERSION-linux-$ARCH.tar.xz\$" SHASUMS256.txt | sha256sum -c - &&
    tar -xJf "node-v$NODE_VERSION-linux-$ARCH.tar.xz" -C /usr/local --strip-components=1 --no-same-owner &&
    rm "node-v$NODE_VERSION-linux-$ARCH.tar.xz" SHASUMS256.txt.asc SHASUMS256.txt &&
    ln -s /usr/local/bin/node /usr/local/bin/nodejs
Vulnerable packages, installed in this layer 5 years ago
json-schema 0.2.3 minimist 0.0.8 minimist 1.2.0 ansi-regex 3.0.0 dot-prop 4.2.0 fstream 1.0.11 ini 1.3.5 npm 6.4.1 npm-user-validate 1.0.0 ssri 5.3.0 ssri 6.0.0 tar 2.2.1 tar 4.4.6 y18n 3.2.1 y18n 4.0.0

Command

ENV YARN_VERSION=1.9.4

Command

RUN set -ex &&
    for key in 6A010C5166006599AA17F08146C2130DFD2497F5 ; do gpg --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys "$key" || gpg --keyserver hkp://ipv4.pool.sks-keyservers.net --recv-keys "$key... &&
    curl -fsSLO --compressed "https://yarnpkg.com/downloads/$YARN_VERSION/yarn-v$YARN_VERSION.tar.gz" &&
    curl -fsSLO --compressed "https://yarnpkg.com/downloads/$YARN_VERSION/yarn-v$YARN_VERSION.tar.gz.asc" &&
    gpg --batch --verify yarn-v$YARN_VERSION.tar.gz.asc yarn-v$YARN_VERSION.tar.gz &&
    mkdir -p /opt &&
    tar -xzf yarn-v$YARN_VERSION.tar.gz -C /opt/ &&
    ln -s /opt/yarn-v$YARN_VERSION/bin/yarn /usr/local/bin/yarn &&
    ln -s /opt/yarn-v$YARN_VERSION/bin/yarnpkg /usr/local/bin/yarnpkg &&
    rm yarn-v$YARN_VERSION.tar.gz.asc yarn-v$YARN_VERSION.tar.gz
Vulnerable package, installed in this layer 5 years ago
yarn 1.9.4

Command

CMD ["node"]

Command

WORKDIR /usr/src/app

Command

COPY multi:1418a7f03b4e1c21149a8b06c6c6163bf254f207c7f00cb3b787d07ab184b80c in ./

Command

RUN npm install
Vulnerable packages, installed in this layer 5 years ago
constantinople 3.0.2 cryptiles 3.1.2 deep-extend 0.4.2 https-proxy-agent 2.1.1 lodash 3.10.1 lodash 4.17.5 hawk 6.0.2 http-proxy-agent 2.0.0 npm 5.8.0 sshpk 1.13.1 ssri 5.2.4 tar 4.4.0 uglify-js 2.2.5

Command

COPY dir:b7e504e7533b05617f18fb7530f15d7e905029fc681ff4c7c36d2739a473cc83 in .

Command

EXPOSE 8080

Command

CMD ["npm" "start"]
Dynamic Analysis Results
The following graph outlines the most important system events generated by the container:
The container made the following DNS requests:
RequestResponse
A → registry.npmjs.org A → 104.16.24.35
A → 104.16.23.35
A → 104.16.25.35
A → 104.16.27.35
A → 104.16.26.35
A → 104.16.18.35
A → 104.16.20.35
A → 104.16.21.35
A → 104.16.22.35
A → 104.16.17.35
A → 104.16.16.35
A → 104.16.19.35
AAAA → registry.npmjs.org AAAA → 2606:4700::6810:1823
AAAA → 2606:4700::6810:1b23
AAAA → 2606:4700::6810:1123
AAAA → 2606:4700::6810:1a23
AAAA → 2606:4700::6810:1923
AAAA → 2606:4700::6810:1323
AAAA → 2606:4700::6810:1623
AAAA → 2606:4700::6810:1023
AAAA → 2606:4700::6810:1723
AAAA → 2606:4700::6810:1223
AAAA → 2606:4700::6810:1523
AAAA → 2606:4700::6810:1423
A → ajax.googleapis.com A → 142.251.16.95
AAAA → ajax.googleapis.com AAAA → 2607:f8b0:4004:c09::5f
AAAA → maxcdn.bootstrapcdn.com AAAA → 2606:4700::6812:acf
AAAA → 2606:4700::6812:bcf
A → maxcdn.bootstrapcdn.com A → 104.18.11.207
A → 104.18.10.207
The container attempts to connect to the following remote hosts:
IP address Domain Location Coordinates ASN organization
104.16.23.35 registry.npmjs.org San Francisco, United States 37.7621, -122.3971 Cloudflare, Inc.
104.16.24.35 registry.npmjs.org San Francisco, United States 37.7621, -122.3971 Cloudflare, Inc.
142.251.16.95 ajax.googleapis.com United States 37.751, -97.822 GOOGLE
104.16.20.35 registry.npmjs.org San Francisco, United States 37.7621, -122.3971 Cloudflare, Inc.
104.16.25.35 registry.npmjs.org San Francisco, United States 37.7621, -122.3971 Cloudflare, Inc.
104.16.22.35 registry.npmjs.org San Francisco, United States 37.7621, -122.3971 Cloudflare, Inc.
104.16.17.35 registry.npmjs.org San Francisco, United States 37.7621, -122.3971 Cloudflare, Inc.
104.16.26.35 registry.npmjs.org San Francisco, United States 37.7621, -122.3971 Cloudflare, Inc.
104.16.27.35 registry.npmjs.org San Francisco, United States 37.7621, -122.3971 Cloudflare, Inc.
104.18.11.207 maxcdn.bootstrapcdn.com San Francisco, United States 37.7621, -122.3971 Cloudflare, Inc.
104.16.16.35 registry.npmjs.org San Francisco, United States 37.7621, -122.3971 Cloudflare, Inc.
104.16.18.35 registry.npmjs.org San Francisco, United States 37.7621, -122.3971 Cloudflare, Inc.
104.16.19.35 registry.npmjs.org San Francisco, United States 37.7621, -122.3971 Cloudflare, Inc.
104.16.21.35 registry.npmjs.org San Francisco, United States 37.7621, -122.3971 Cloudflare, Inc.
The container starts a service that renders the following contents over port 8080:
The container produces the following text output:
user@host: ~