elenakves/train-schedule
Region: us-west-2
Scan Summary
Critical vulnerabilities
192Malicious files
0Last scan
1 year, 9 months ago
Type of scan
Prevasio CSPMScan duration
4 minutes and 7 secondsImage Details
Image URI
elenakves/train-scheduleImage tags
latestDigest
—Created
5 years ago
Compressed size
269.54 MBUncompressed size
672.48 MBOS/architecture
linux/amd64OS distribution
debian 8.11 (reached end of life)Working directory
usr/src/appENTRYPOINT
—CMD
npmstartUser
—Ports
8080/tcpVolumes
—Environment variables
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
NODE_VERSION=8.12.0
YARN_VERSION=1.9.4
Overview
Critical
192High
582Medium
953Low
57Informational
0Vulnerabilities (1,000)
Severity | Name | Package | Version | Fixed in | Description | Package:version |
---|---|---|---|---|---|---|
Critical | CVE-2019-12900 | bzip2 | 1.0.6-7 | 1.0.6-7+deb8u1 | bzip2: out-of-bounds write in function BZ2_decompress | bzip2:1.0.6-7 |
Critical | CVE-2016-7167 | curl | 7.38.0-4+deb8u11 | 7.38.0-4+deb8u13 | curl: escape and unescape integer overflows | curl:7.38.0-4+deb8u11 |
Critical | CVE-2018-14618 | curl | 7.38.0-4+deb8u11 | 7.38.0-4+deb8u12 | curl: NTLM password overflow via integer overflow | curl:7.38.0-4+deb8u11 |
Critical | CVE-2018-16839 | curl | 7.38.0-4+deb8u11 | 7.38.0-4+deb8u13 | curl: Integer overflow leading to heap-based buffer overflow in Curl_sasl_create_plain_message() | curl:7.38.0-4+deb8u11 |
Critical | CVE-2018-16842 | curl | 7.38.0-4+deb8u11 | 7.38.0-4+deb8u13 | curl: Heap-based buffer over-read in the curl tool warning formatting | curl:7.38.0-4+deb8u11 |
Critical | CVE-2019-3822 | curl | 7.38.0-4+deb8u11 | 7.38.0-4+deb8u14 | curl: NTLMv2 type-3 header stack buffer overflow | curl:7.38.0-4+deb8u11 |
Critical | CVE-2019-5482 | curl | 7.38.0-4+deb8u11 | 7.38.0-4+deb8u16 | curl: heap buffer overflow in function tftp_receive_packet() | curl:7.38.0-4+deb8u11 |
Critical | CVE-2019-18218 | file | 1:5.22+15-2+deb8u4 | 1:5.22+15-2+deb8u6 | file: heap-based buffer overflow in cdf_read_property_info in cdf.c | file:1:5.22+15-2+deb8u4 |
Critical | CVE-2018-17456 | git | 1:2.1.4-2.1+deb8u6 | 1:2.1.4-2.1+deb8u7 | git: arbitrary code execution via .gitmodules | git:1:2.1.4-2.1+deb8u6 |
Critical | CVE-2019-1353 | git | 1:2.1.4-2.1+deb8u6 | 1:2.1.4-2.1+deb8u8 | git: NTFS protections inactive when running Git in the Windows Subsystem for Linux | git:1:2.1.4-2.1+deb8u6 |
Critical | CVE-2018-17456 | git-man | 1:2.1.4-2.1+deb8u6 | 1:2.1.4-2.1+deb8u7 | git: arbitrary code execution via .gitmodules | git-man:1:2.1.4-2.1+deb8u6 |
Critical | CVE-2019-1353 | git-man | 1:2.1.4-2.1+deb8u6 | 1:2.1.4-2.1+deb8u8 | git: NTFS protections inactive when running Git in the Windows Subsystem for Linux | git-man:1:2.1.4-2.1+deb8u6 |
Critical | CVE-2017-14532 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in the TIFFIgnoreTags function | imagemagick:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2017-14624 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in the PostscriptDelegateMessage function | imagemagick:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2017-14625 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in the sixel_output_create function | imagemagick:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2017-14626 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in the sixel_decode function | imagemagick:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2019-19948 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u19 | ImageMagick: heap-based buffer overflow in WriteSGIImage in coders/sgi.c | imagemagick:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2019-19949 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u19 | ImageMagick: heap-based buffer over-read in WritePNGImage in coders/png.c | imagemagick:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2017-14532 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in the TIFFIgnoreTags function | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2017-14624 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in the PostscriptDelegateMessage function | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2017-14625 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in the sixel_output_create function | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2017-14626 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in the sixel_decode function | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2019-19948 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u19 | ImageMagick: heap-based buffer overflow in WriteSGIImage in coders/sgi.c | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2019-19949 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u19 | ImageMagick: heap-based buffer over-read in WritePNGImage in coders/png.c | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2017-14532 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in the TIFFIgnoreTags function | imagemagick-common:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2017-14624 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in the PostscriptDelegateMessage function | imagemagick-common:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2017-14625 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in the sixel_output_create function | imagemagick-common:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2017-14626 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in the sixel_decode function | imagemagick-common:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2019-19948 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u19 | ImageMagick: heap-based buffer overflow in WriteSGIImage in coders/sgi.c | imagemagick-common:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2019-19949 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u19 | ImageMagick: heap-based buffer over-read in WritePNGImage in coders/png.c | imagemagick-common:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2016-2090 | libbsd0 | 0.7.0-2 | 0.7.0-2+deb8u1 | Off-by-one vulnerability in the fgetwln function in libbsd before 0.8. ... | libbsd0:0.7.0-2 |
Critical | CVE-2019-12900 | libbz2-1.0 | 1.0.6-7 | 1.0.6-7+deb8u1 | bzip2: out-of-bounds write in function BZ2_decompress | libbz2-1.0:1.0.6-7 |
Critical | CVE-2019-12900 | libbz2-dev | 1.0.6-7 | 1.0.6-7+deb8u1 | bzip2: out-of-bounds write in function BZ2_decompress | libbz2-dev:1.0.6-7 |
Critical | CVE-2016-7167 | libcurl3 | 7.38.0-4+deb8u11 | 7.38.0-4+deb8u13 | curl: escape and unescape integer overflows | libcurl3:7.38.0-4+deb8u11 |
Critical | CVE-2018-14618 | libcurl3 | 7.38.0-4+deb8u11 | 7.38.0-4+deb8u12 | curl: NTLM password overflow via integer overflow | libcurl3:7.38.0-4+deb8u11 |
Critical | CVE-2018-16839 | libcurl3 | 7.38.0-4+deb8u11 | 7.38.0-4+deb8u13 | curl: Integer overflow leading to heap-based buffer overflow in Curl_sasl_create_plain_message() | libcurl3:7.38.0-4+deb8u11 |
Critical | CVE-2018-16842 | libcurl3 | 7.38.0-4+deb8u11 | 7.38.0-4+deb8u13 | curl: Heap-based buffer over-read in the curl tool warning formatting | libcurl3:7.38.0-4+deb8u11 |
Critical | CVE-2019-3822 | libcurl3 | 7.38.0-4+deb8u11 | 7.38.0-4+deb8u14 | curl: NTLMv2 type-3 header stack buffer overflow | libcurl3:7.38.0-4+deb8u11 |
Critical | CVE-2019-5482 | libcurl3 | 7.38.0-4+deb8u11 | 7.38.0-4+deb8u16 | curl: heap buffer overflow in function tftp_receive_packet() | libcurl3:7.38.0-4+deb8u11 |
Critical | CVE-2016-7167 | libcurl3-gnutls | 7.38.0-4+deb8u11 | 7.38.0-4+deb8u13 | curl: escape and unescape integer overflows | libcurl3-gnutls:7.38.0-4+deb8u11 |
Critical | CVE-2018-14618 | libcurl3-gnutls | 7.38.0-4+deb8u11 | 7.38.0-4+deb8u12 | curl: NTLM password overflow via integer overflow | libcurl3-gnutls:7.38.0-4+deb8u11 |
Critical | CVE-2018-16839 | libcurl3-gnutls | 7.38.0-4+deb8u11 | 7.38.0-4+deb8u13 | curl: Integer overflow leading to heap-based buffer overflow in Curl_sasl_create_plain_message() | libcurl3-gnutls:7.38.0-4+deb8u11 |
Critical | CVE-2018-16842 | libcurl3-gnutls | 7.38.0-4+deb8u11 | 7.38.0-4+deb8u13 | curl: Heap-based buffer over-read in the curl tool warning formatting | libcurl3-gnutls:7.38.0-4+deb8u11 |
Critical | CVE-2019-3822 | libcurl3-gnutls | 7.38.0-4+deb8u11 | 7.38.0-4+deb8u14 | curl: NTLMv2 type-3 header stack buffer overflow | libcurl3-gnutls:7.38.0-4+deb8u11 |
Critical | CVE-2019-5482 | libcurl3-gnutls | 7.38.0-4+deb8u11 | 7.38.0-4+deb8u16 | curl: heap buffer overflow in function tftp_receive_packet() | libcurl3-gnutls:7.38.0-4+deb8u11 |
Critical | CVE-2016-7167 | libcurl4-openssl-dev | 7.38.0-4+deb8u11 | 7.38.0-4+deb8u13 | curl: escape and unescape integer overflows | libcurl4-openssl-dev:7.38.0-4+deb8u11 |
Critical | CVE-2018-14618 | libcurl4-openssl-dev | 7.38.0-4+deb8u11 | 7.38.0-4+deb8u12 | curl: NTLM password overflow via integer overflow | libcurl4-openssl-dev:7.38.0-4+deb8u11 |
Critical | CVE-2018-16839 | libcurl4-openssl-dev | 7.38.0-4+deb8u11 | 7.38.0-4+deb8u13 | curl: Integer overflow leading to heap-based buffer overflow in Curl_sasl_create_plain_message() | libcurl4-openssl-dev:7.38.0-4+deb8u11 |
Critical | CVE-2018-16842 | libcurl4-openssl-dev | 7.38.0-4+deb8u11 | 7.38.0-4+deb8u13 | curl: Heap-based buffer over-read in the curl tool warning formatting | libcurl4-openssl-dev:7.38.0-4+deb8u11 |
Critical | CVE-2019-3822 | libcurl4-openssl-dev | 7.38.0-4+deb8u11 | 7.38.0-4+deb8u14 | curl: NTLMv2 type-3 header stack buffer overflow | libcurl4-openssl-dev:7.38.0-4+deb8u11 |
Critical | CVE-2019-5482 | libcurl4-openssl-dev | 7.38.0-4+deb8u11 | 7.38.0-4+deb8u16 | curl: heap buffer overflow in function tftp_receive_packet() | libcurl4-openssl-dev:7.38.0-4+deb8u11 |
Critical | CVE-2017-7544 | libexif-dev | 0.6.21-2 | 0.6.21-2+deb8u2 | libexif: Out-of-bounds heap read in exif_data_save_data_entry function | libexif-dev:0.6.21-2 |
Critical | CVE-2020-13112 | libexif-dev | 0.6.21-2 | 0.6.21-2+deb8u3 | libexif: several buffer over-reads in EXIF MakerNote handling can lead to information disclosure and DoS | libexif-dev:0.6.21-2 |
Critical | CVE-2017-7544 | libexif12 | 0.6.21-2 | 0.6.21-2+deb8u2 | libexif: Out-of-bounds heap read in exif_data_save_data_entry function | libexif12:0.6.21-2 |
Critical | CVE-2020-13112 | libexif12 | 0.6.21-2 | 0.6.21-2+deb8u3 | libexif: several buffer over-reads in EXIF MakerNote handling can lead to information disclosure and DoS | libexif12:0.6.21-2 |
Critical | CVE-2015-9290 | libfreetype6 | 2.5.2-3+deb8u2 | 2.5.2-3+deb8u3 | freetype: buffer over-read in function T1_Get_Private_Dict in type1/t1parse.c | libfreetype6:2.5.2-3+deb8u2 |
Critical | CVE-2015-9290 | libfreetype6-dev | 2.5.2-3+deb8u2 | 2.5.2-3+deb8u3 | freetype: buffer over-read in function T1_Get_Private_Dict in type1/t1parse.c | libfreetype6-dev:2.5.2-3+deb8u2 |
Critical | CVE-2019-6978 | libgd3 | 2.1.0-5+deb8u11 | 2.1.0-5+deb8u12 | gd: Double free in the gdImage*Ptr in gd_gif_out.c, gd_jpeg.c, and gd_wbmp.c | libgd3:2.1.0-5+deb8u11 |
Critical | CVE-2018-16428 | libglib2.0-0 | 2.42.1-1 | 2.42.1-1+deb8u2 | glib2: NULL pointer dereference in g_markup_parse_context_end_parse() function in gmarkup.c | libglib2.0-0:2.42.1-1 |
Critical | CVE-2019-12450 | libglib2.0-0 | 2.42.1-1 | 2.42.1-1+deb8u1 | glib2: file_copy_fallback in gio/gfile.c in GNOME GLib does not properly restrict file permissions while a copy operation is in progress | libglib2.0-0:2.42.1-1 |
Critical | CVE-2018-16428 | libglib2.0-bin | 2.42.1-1 | 2.42.1-1+deb8u2 | glib2: NULL pointer dereference in g_markup_parse_context_end_parse() function in gmarkup.c | libglib2.0-bin:2.42.1-1 |
Critical | CVE-2019-12450 | libglib2.0-bin | 2.42.1-1 | 2.42.1-1+deb8u1 | glib2: file_copy_fallback in gio/gfile.c in GNOME GLib does not properly restrict file permissions while a copy operation is in progress | libglib2.0-bin:2.42.1-1 |
Critical | CVE-2018-16428 | libglib2.0-data | 2.42.1-1 | 2.42.1-1+deb8u2 | glib2: NULL pointer dereference in g_markup_parse_context_end_parse() function in gmarkup.c | libglib2.0-data:2.42.1-1 |
Critical | CVE-2019-12450 | libglib2.0-data | 2.42.1-1 | 2.42.1-1+deb8u1 | glib2: file_copy_fallback in gio/gfile.c in GNOME GLib does not properly restrict file permissions while a copy operation is in progress | libglib2.0-data:2.42.1-1 |
Critical | CVE-2018-16428 | libglib2.0-dev | 2.42.1-1 | 2.42.1-1+deb8u2 | glib2: NULL pointer dereference in g_markup_parse_context_end_parse() function in gmarkup.c | libglib2.0-dev:2.42.1-1 |
Critical | CVE-2019-12450 | libglib2.0-dev | 2.42.1-1 | 2.42.1-1+deb8u1 | glib2: file_copy_fallback in gio/gfile.c in GNOME GLib does not properly restrict file permissions while a copy operation is in progress | libglib2.0-dev:2.42.1-1 |
Critical | CVE-2019-18218 | libmagic1 | 1:5.22+15-2+deb8u4 | 1:5.22+15-2+deb8u6 | file: heap-based buffer overflow in cdf_read_property_info in cdf.c | libmagic1:1:5.22+15-2+deb8u4 |
Critical | CVE-2017-14532 | libmagickcore-6-arch-config | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in the TIFFIgnoreTags function | libmagickcore-6-arch-config:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2017-14624 | libmagickcore-6-arch-config | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in the PostscriptDelegateMessage function | libmagickcore-6-arch-config:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2017-14625 | libmagickcore-6-arch-config | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in the sixel_output_create function | libmagickcore-6-arch-config:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2017-14626 | libmagickcore-6-arch-config | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in the sixel_decode function | libmagickcore-6-arch-config:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2019-19948 | libmagickcore-6-arch-config | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u19 | ImageMagick: heap-based buffer overflow in WriteSGIImage in coders/sgi.c | libmagickcore-6-arch-config:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2019-19949 | libmagickcore-6-arch-config | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u19 | ImageMagick: heap-based buffer over-read in WritePNGImage in coders/png.c | libmagickcore-6-arch-config:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2017-14532 | libmagickcore-6-headers | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in the TIFFIgnoreTags function | libmagickcore-6-headers:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2017-14624 | libmagickcore-6-headers | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in the PostscriptDelegateMessage function | libmagickcore-6-headers:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2017-14625 | libmagickcore-6-headers | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in the sixel_output_create function | libmagickcore-6-headers:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2017-14626 | libmagickcore-6-headers | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in the sixel_decode function | libmagickcore-6-headers:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2019-19948 | libmagickcore-6-headers | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u19 | ImageMagick: heap-based buffer overflow in WriteSGIImage in coders/sgi.c | libmagickcore-6-headers:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2019-19949 | libmagickcore-6-headers | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u19 | ImageMagick: heap-based buffer over-read in WritePNGImage in coders/png.c | libmagickcore-6-headers:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2017-14532 | libmagickcore-6.q16-2 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in the TIFFIgnoreTags function | libmagickcore-6.q16-2:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2017-14624 | libmagickcore-6.q16-2 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in the PostscriptDelegateMessage function | libmagickcore-6.q16-2:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2017-14625 | libmagickcore-6.q16-2 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in the sixel_output_create function | libmagickcore-6.q16-2:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2017-14626 | libmagickcore-6.q16-2 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in the sixel_decode function | libmagickcore-6.q16-2:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2019-19948 | libmagickcore-6.q16-2 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u19 | ImageMagick: heap-based buffer overflow in WriteSGIImage in coders/sgi.c | libmagickcore-6.q16-2:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2019-19949 | libmagickcore-6.q16-2 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u19 | ImageMagick: heap-based buffer over-read in WritePNGImage in coders/png.c | libmagickcore-6.q16-2:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2017-14532 | libmagickcore-6.q16-2-extra | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in the TIFFIgnoreTags function | libmagickcore-6.q16-2-extra:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2017-14624 | libmagickcore-6.q16-2-extra | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in the PostscriptDelegateMessage function | libmagickcore-6.q16-2-extra:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2017-14625 | libmagickcore-6.q16-2-extra | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in the sixel_output_create function | libmagickcore-6.q16-2-extra:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2017-14626 | libmagickcore-6.q16-2-extra | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in the sixel_decode function | libmagickcore-6.q16-2-extra:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2019-19948 | libmagickcore-6.q16-2-extra | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u19 | ImageMagick: heap-based buffer overflow in WriteSGIImage in coders/sgi.c | libmagickcore-6.q16-2-extra:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2019-19949 | libmagickcore-6.q16-2-extra | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u19 | ImageMagick: heap-based buffer over-read in WritePNGImage in coders/png.c | libmagickcore-6.q16-2-extra:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2017-14532 | libmagickcore-6.q16-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in the TIFFIgnoreTags function | libmagickcore-6.q16-dev:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2017-14624 | libmagickcore-6.q16-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in the PostscriptDelegateMessage function | libmagickcore-6.q16-dev:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2017-14625 | libmagickcore-6.q16-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in the sixel_output_create function | libmagickcore-6.q16-dev:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2017-14626 | libmagickcore-6.q16-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in the sixel_decode function | libmagickcore-6.q16-dev:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2019-19948 | libmagickcore-6.q16-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u19 | ImageMagick: heap-based buffer overflow in WriteSGIImage in coders/sgi.c | libmagickcore-6.q16-dev:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2019-19949 | libmagickcore-6.q16-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u19 | ImageMagick: heap-based buffer over-read in WritePNGImage in coders/png.c | libmagickcore-6.q16-dev:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2017-14532 | libmagickcore-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in the TIFFIgnoreTags function | libmagickcore-dev:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2017-14624 | libmagickcore-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in the PostscriptDelegateMessage function | libmagickcore-dev:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2017-14625 | libmagickcore-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in the sixel_output_create function | libmagickcore-dev:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2017-14626 | libmagickcore-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in the sixel_decode function | libmagickcore-dev:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2019-19948 | libmagickcore-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u19 | ImageMagick: heap-based buffer overflow in WriteSGIImage in coders/sgi.c | libmagickcore-dev:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2019-19949 | libmagickcore-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u19 | ImageMagick: heap-based buffer over-read in WritePNGImage in coders/png.c | libmagickcore-dev:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2017-14532 | libmagickwand-6-headers | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in the TIFFIgnoreTags function | libmagickwand-6-headers:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2017-14624 | libmagickwand-6-headers | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in the PostscriptDelegateMessage function | libmagickwand-6-headers:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2017-14625 | libmagickwand-6-headers | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in the sixel_output_create function | libmagickwand-6-headers:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2017-14626 | libmagickwand-6-headers | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in the sixel_decode function | libmagickwand-6-headers:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2019-19948 | libmagickwand-6-headers | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u19 | ImageMagick: heap-based buffer overflow in WriteSGIImage in coders/sgi.c | libmagickwand-6-headers:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2019-19949 | libmagickwand-6-headers | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u19 | ImageMagick: heap-based buffer over-read in WritePNGImage in coders/png.c | libmagickwand-6-headers:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2017-14532 | libmagickwand-6.q16-2 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in the TIFFIgnoreTags function | libmagickwand-6.q16-2:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2017-14624 | libmagickwand-6.q16-2 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in the PostscriptDelegateMessage function | libmagickwand-6.q16-2:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2017-14625 | libmagickwand-6.q16-2 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in the sixel_output_create function | libmagickwand-6.q16-2:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2017-14626 | libmagickwand-6.q16-2 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in the sixel_decode function | libmagickwand-6.q16-2:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2019-19948 | libmagickwand-6.q16-2 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u19 | ImageMagick: heap-based buffer overflow in WriteSGIImage in coders/sgi.c | libmagickwand-6.q16-2:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2019-19949 | libmagickwand-6.q16-2 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u19 | ImageMagick: heap-based buffer over-read in WritePNGImage in coders/png.c | libmagickwand-6.q16-2:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2017-14532 | libmagickwand-6.q16-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in the TIFFIgnoreTags function | libmagickwand-6.q16-dev:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2017-14624 | libmagickwand-6.q16-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in the PostscriptDelegateMessage function | libmagickwand-6.q16-dev:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2017-14625 | libmagickwand-6.q16-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in the sixel_output_create function | libmagickwand-6.q16-dev:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2017-14626 | libmagickwand-6.q16-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in the sixel_decode function | libmagickwand-6.q16-dev:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2019-19948 | libmagickwand-6.q16-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u19 | ImageMagick: heap-based buffer overflow in WriteSGIImage in coders/sgi.c | libmagickwand-6.q16-dev:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2019-19949 | libmagickwand-6.q16-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u19 | ImageMagick: heap-based buffer over-read in WritePNGImage in coders/png.c | libmagickwand-6.q16-dev:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2017-14532 | libmagickwand-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in the TIFFIgnoreTags function | libmagickwand-dev:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2017-14624 | libmagickwand-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in the PostscriptDelegateMessage function | libmagickwand-dev:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2017-14625 | libmagickwand-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in the sixel_output_create function | libmagickwand-dev:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2017-14626 | libmagickwand-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in the sixel_decode function | libmagickwand-dev:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2019-19948 | libmagickwand-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u19 | ImageMagick: heap-based buffer overflow in WriteSGIImage in coders/sgi.c | libmagickwand-dev:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2019-19949 | libmagickwand-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u19 | ImageMagick: heap-based buffer over-read in WritePNGImage in coders/png.c | libmagickwand-dev:8:6.8.9.9-5+deb8u13 |
Critical | CVE-2015-5297 | libpixman-1-0 | 0.32.6-3 | 0.32.6-3+deb8u1 | pixman: general_composite_rect() integer overflow | libpixman-1-0:0.32.6-3 |
Critical | CVE-2015-5297 | libpixman-1-dev | 0.32.6-3 | 0.32.6-3+deb8u1 | pixman: general_composite_rect() integer overflow | libpixman-1-dev:0.32.6-3 |
Critical | CVE-2017-1000158 | libpython2.7-minimal | 2.7.9-2+deb8u1 | 2.7.9-2+deb8u2 | python: Integer overflow in PyString_DecodeEscape results in heap-base buffer overflow | libpython2.7-minimal:2.7.9-2+deb8u1 |
Critical | CVE-2018-1000802 | libpython2.7-minimal | 2.7.9-2+deb8u1 | 2.7.9-2+deb8u2 | python: Command injection in the shutil module | libpython2.7-minimal:2.7.9-2+deb8u1 |
Critical | CVE-2019-9636 | libpython2.7-minimal | 2.7.9-2+deb8u1 | 2.7.9-2+deb8u3 | python: Information Disclosure due to urlsplit improper NFKC normalization | libpython2.7-minimal:2.7.9-2+deb8u1 |
Critical | CVE-2019-9948 | libpython2.7-minimal | 2.7.9-2+deb8u1 | 2.7.9-2+deb8u3 | python: Undocumented local_file protocol allows remote attackers to bypass protection mechanisms | libpython2.7-minimal:2.7.9-2+deb8u1 |
Critical | CVE-2017-1000158 | libpython2.7-stdlib | 2.7.9-2+deb8u1 | 2.7.9-2+deb8u2 | python: Integer overflow in PyString_DecodeEscape results in heap-base buffer overflow | libpython2.7-stdlib:2.7.9-2+deb8u1 |
Critical | CVE-2018-1000802 | libpython2.7-stdlib | 2.7.9-2+deb8u1 | 2.7.9-2+deb8u2 | python: Command injection in the shutil module | libpython2.7-stdlib:2.7.9-2+deb8u1 |
Critical | CVE-2019-9636 | libpython2.7-stdlib | 2.7.9-2+deb8u1 | 2.7.9-2+deb8u3 | python: Information Disclosure due to urlsplit improper NFKC normalization | libpython2.7-stdlib:2.7.9-2+deb8u1 |
Critical | CVE-2019-9948 | libpython2.7-stdlib | 2.7.9-2+deb8u1 | 2.7.9-2+deb8u3 | python: Undocumented local_file protocol allows remote attackers to bypass protection mechanisms | libpython2.7-stdlib:2.7.9-2+deb8u1 |
Critical | CVE-2017-10989 | libsqlite3-0 | 3.8.7.1-1+deb8u2 | 3.8.7.1-1+deb8u4 | sqlite: Heap-buffer overflow in the getNodeSize function | libsqlite3-0:3.8.7.1-1+deb8u2 |
Critical | CVE-2017-2518 | libsqlite3-0 | 3.8.7.1-1+deb8u2 | 3.8.7.1-1+deb8u4 | An issue was discovered in certain Apple products. iOS before 10.3.2 i ... | libsqlite3-0:3.8.7.1-1+deb8u2 |
Critical | CVE-2017-2519 | libsqlite3-0 | 3.8.7.1-1+deb8u2 | 3.8.7.1-1+deb8u4 | An issue was discovered in certain Apple products. iOS before 10.3.2 i ... | libsqlite3-0:3.8.7.1-1+deb8u2 |
Critical | CVE-2017-2520 | libsqlite3-0 | 3.8.7.1-1+deb8u2 | 3.8.7.1-1+deb8u4 | An issue was discovered in certain Apple products. iOS before 10.3.2 i ... | libsqlite3-0:3.8.7.1-1+deb8u2 |
Critical | CVE-2017-10989 | libsqlite3-dev | 3.8.7.1-1+deb8u2 | 3.8.7.1-1+deb8u4 | sqlite: Heap-buffer overflow in the getNodeSize function | libsqlite3-dev:3.8.7.1-1+deb8u2 |
Critical | CVE-2017-2518 | libsqlite3-dev | 3.8.7.1-1+deb8u2 | 3.8.7.1-1+deb8u4 | An issue was discovered in certain Apple products. iOS before 10.3.2 i ... | libsqlite3-dev:3.8.7.1-1+deb8u2 |
Critical | CVE-2017-2519 | libsqlite3-dev | 3.8.7.1-1+deb8u2 | 3.8.7.1-1+deb8u4 | An issue was discovered in certain Apple products. iOS before 10.3.2 i ... | libsqlite3-dev:3.8.7.1-1+deb8u2 |
Critical | CVE-2017-2520 | libsqlite3-dev | 3.8.7.1-1+deb8u2 | 3.8.7.1-1+deb8u4 | An issue was discovered in certain Apple products. iOS before 10.3.2 i ... | libsqlite3-dev:3.8.7.1-1+deb8u2 |
Critical | CVE-2019-3858 | libssh2-1 | 1.4.3-4.1+deb8u1 | 1.4.3-4.1+deb8u2 | libssh2: Zero-byte allocation with a specially crafted SFTP packed leading to an out-of-bounds read | libssh2-1:1.4.3-4.1+deb8u1 |
Critical | CVE-2019-3859 | libssh2-1 | 1.4.3-4.1+deb8u1 | 1.4.3-4.1+deb8u4 | libssh2: Unchecked use of _libssh2_packet_require and _libssh2_packet_requirev resulting in out-of-bounds read | libssh2-1:1.4.3-4.1+deb8u1 |
Critical | CVE-2019-3860 | libssh2-1 | 1.4.3-4.1+deb8u1 | 1.4.3-4.1+deb8u5 | libssh2: Out-of-bounds reads with specially crafted SFTP packets | libssh2-1:1.4.3-4.1+deb8u1 |
Critical | CVE-2019-3861 | libssh2-1 | 1.4.3-4.1+deb8u1 | 1.4.3-4.1+deb8u2 | libssh2: Out-of-bounds reads with specially crafted SSH packets | libssh2-1:1.4.3-4.1+deb8u1 |
Critical | CVE-2019-3862 | libssh2-1 | 1.4.3-4.1+deb8u1 | 1.4.3-4.1+deb8u2 | libssh2: Out-of-bounds memory comparison with specially crafted message channel request | libssh2-1:1.4.3-4.1+deb8u1 |
Critical | CVE-2016-4609 | libxslt1-dev | 1.1.28-2+deb8u3 | 1.1.28-2+deb8u5 | libxslt: Out-of-bounds read at xmlGetLineNoInternal() | libxslt1-dev:1.1.28-2+deb8u3 |
Critical | CVE-2016-4610 | libxslt1-dev | 1.1.28-2+deb8u3 | 1.1.28-2+deb8u5 | libxslt: Invalid memory access leading to DoS at exsltDynMapFunction() | libxslt1-dev:1.1.28-2+deb8u3 |
Critical | CVE-2019-11068 | libxslt1-dev | 1.1.28-2+deb8u3 | 1.1.28-2+deb8u4 | libxslt: xsltCheckRead and xsltCheckWrite routines security bypass by crafted URL | libxslt1-dev:1.1.28-2+deb8u3 |
Critical | CVE-2016-4609 | libxslt1.1 | 1.1.28-2+deb8u3 | 1.1.28-2+deb8u5 | libxslt: Out-of-bounds read at xmlGetLineNoInternal() | libxslt1.1:1.1.28-2+deb8u3 |
Critical | CVE-2016-4610 | libxslt1.1 | 1.1.28-2+deb8u3 | 1.1.28-2+deb8u5 | libxslt: Invalid memory access leading to DoS at exsltDynMapFunction() | libxslt1.1:1.1.28-2+deb8u3 |
Critical | CVE-2019-11068 | libxslt1.1 | 1.1.28-2+deb8u3 | 1.1.28-2+deb8u4 | libxslt: xsltCheckRead and xsltCheckWrite routines security bypass by crafted URL | libxslt1.1:1.1.28-2+deb8u3 |
Critical | CVE-2019-10126 | linux-libc-dev | 3.16.57-2 | 3.16.68-2 | kernel: Heap overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c | linux-libc-dev:3.16.57-2 |
Critical | CVE-2019-14895 | linux-libc-dev | 3.16.57-2 | 3.16.81-1 | kernel: heap-based buffer overflow in mwifiex_process_country_ie() function in drivers/net/wireless/marvell/mwifiex/sta_ioctl.c | linux-libc-dev:3.16.57-2 |
Critical | CVE-2019-14896 | linux-libc-dev | 3.16.57-2 | 3.16.81-1 | kernel: heap-based buffer overflow in lbs_ibss_join_existing function in drivers/net/wireless/marvell/libertas/cfg.c | linux-libc-dev:3.16.57-2 |
Critical | CVE-2019-14897 | linux-libc-dev | 3.16.57-2 | 3.16.81-1 | kernel: stack-based buffer overflow in add_ie_rates function in drivers/net/wireless/marvell/libertas/cfg.c | linux-libc-dev:3.16.57-2 |
Critical | CVE-2019-14901 | linux-libc-dev | 3.16.57-2 | 3.16.81-1 | kernel: heap overflow in marvell/mwifiex/tdls.c | linux-libc-dev:3.16.57-2 |
Critical | CVE-2019-15292 | linux-libc-dev | 3.16.57-2 | 3.16.74-1 | kernel: Use-after-free in atalk_proc_exit function in net/appletalk | linux-libc-dev:3.16.57-2 |
Critical | CVE-2019-15505 | linux-libc-dev | 3.16.57-2 | 3.16.81-1 | kernel: out of bounds read in drivers/media/usb/dvb-usb/technisat-usb2.c | linux-libc-dev:3.16.57-2 |
Critical | CVE-2019-15926 | linux-libc-dev | 3.16.57-2 | 3.16.74-1 | kernel: out of bounds access in functions ath6kl_wmi_pstream_timeout_event_rx and ath6kl_wmi_cac_event_rx | linux-libc-dev:3.16.57-2 |
Critical | CVE-2019-16746 | linux-libc-dev | 3.16.57-2 | 3.16.81-1 | kernel: buffer-overflow hardening in WiFi beacon validation code. | linux-libc-dev:3.16.57-2 |
Critical | CVE-2019-17133 | linux-libc-dev | 3.16.57-2 | 3.16.81-1 | kernel: buffer overflow in cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c | linux-libc-dev:3.16.57-2 |
Critical | CVE-2016-1908 | openssh-client | 1:6.7p1-5+deb8u5 | 1:6.7p1-5+deb8u6 | openssh: possible fallback from untrusted to trusted X11 forwarding | openssh-client:1:6.7p1-5+deb8u5 |
Critical | CVE-2018-18311 | perl | 5.20.2-3+deb8u11 | 5.20.2-3+deb8u12 | perl: Integer overflow leading to buffer overflow in Perl_my_setenv() | perl:5.20.2-3+deb8u11 |
Critical | CVE-2018-18311 | perl-base | 5.20.2-3+deb8u11 | 5.20.2-3+deb8u12 | perl: Integer overflow leading to buffer overflow in Perl_my_setenv() | perl-base:5.20.2-3+deb8u11 |
Critical | CVE-2018-18311 | perl-modules | 5.20.2-3+deb8u11 | 5.20.2-3+deb8u12 | perl: Integer overflow leading to buffer overflow in Perl_my_setenv() | perl-modules:5.20.2-3+deb8u11 |
Critical | CVE-2017-1000158 | python2.7 | 2.7.9-2+deb8u1 | 2.7.9-2+deb8u2 | python: Integer overflow in PyString_DecodeEscape results in heap-base buffer overflow | python2.7:2.7.9-2+deb8u1 |
Critical | CVE-2018-1000802 | python2.7 | 2.7.9-2+deb8u1 | 2.7.9-2+deb8u2 | python: Command injection in the shutil module | python2.7:2.7.9-2+deb8u1 |
Critical | CVE-2019-9636 | python2.7 | 2.7.9-2+deb8u1 | 2.7.9-2+deb8u3 | python: Information Disclosure due to urlsplit improper NFKC normalization | python2.7:2.7.9-2+deb8u1 |
Critical | CVE-2019-9948 | python2.7 | 2.7.9-2+deb8u1 | 2.7.9-2+deb8u3 | python: Undocumented local_file protocol allows remote attackers to bypass protection mechanisms | python2.7:2.7.9-2+deb8u1 |
Critical | CVE-2017-1000158 | python2.7-minimal | 2.7.9-2+deb8u1 | 2.7.9-2+deb8u2 | python: Integer overflow in PyString_DecodeEscape results in heap-base buffer overflow | python2.7-minimal:2.7.9-2+deb8u1 |
Critical | CVE-2018-1000802 | python2.7-minimal | 2.7.9-2+deb8u1 | 2.7.9-2+deb8u2 | python: Command injection in the shutil module | python2.7-minimal:2.7.9-2+deb8u1 |
Critical | CVE-2019-9636 | python2.7-minimal | 2.7.9-2+deb8u1 | 2.7.9-2+deb8u3 | python: Information Disclosure due to urlsplit improper NFKC normalization | python2.7-minimal:2.7.9-2+deb8u1 |
Critical | CVE-2019-9948 | python2.7-minimal | 2.7.9-2+deb8u1 | 2.7.9-2+deb8u3 | python: Undocumented local_file protocol allows remote attackers to bypass protection mechanisms | python2.7-minimal:2.7.9-2+deb8u1 |
Critical | CVE-2019-5953 | wget | 1.16-1+deb8u5 | 1.16-1+deb8u6 | wget: do_conversion() heap-based buffer overflow vulnerability | wget:1.16-1+deb8u5 |
Critical | CVE-2016-9841 | zlib1g | 1:1.2.8.dfsg-2 | 1:1.2.8.dfsg-2+deb8u1 | zlib: Out-of-bounds pointer arithmetic in inffast.c | zlib1g:1:1.2.8.dfsg-2 |
Critical | CVE-2016-9843 | zlib1g | 1:1.2.8.dfsg-2 | 1:1.2.8.dfsg-2+deb8u1 | zlib: Big-endian out-of-bounds pointer | zlib1g:1:1.2.8.dfsg-2 |
Critical | CVE-2016-9841 | zlib1g-dev | 1:1.2.8.dfsg-2 | 1:1.2.8.dfsg-2+deb8u1 | zlib: Out-of-bounds pointer arithmetic in inffast.c | zlib1g-dev:1:1.2.8.dfsg-2 |
Critical | CVE-2016-9843 | zlib1g-dev | 1:1.2.8.dfsg-2 | 1:1.2.8.dfsg-2+deb8u1 | zlib: Big-endian out-of-bounds pointer | zlib1g-dev:1:1.2.8.dfsg-2 |
Critical | GHSA-4vmm-mhcq-4x9j | constantinople | 3.0.2 | 3.1.1 | Sandbox Bypass Leading to Arbitrary Code Execution in constantinople | constantinople:3.0.2 |
Critical | CVE-2018-1000620 | cryptiles | 3.1.2 | >=4.1.2 | nodejs-cryptiles: Insecure randomness causes the randomDigits() function returns a pseudo-random data string biased to certain digits | cryptiles:3.1.2 |
Critical | CVE-2018-3750 | deep-extend | 0.4.2 | 0.5.1 | nodejs-deep-extend: Prototype pollution can allow attackers to modify object properties | deep-extend:0.4.2 |
Critical | CVE-2018-3739 | https-proxy-agent | 2.1.1 | 2.2.0 | nodejs-https-proxy-agent: Unsanitized options passed to Buffer() allow for denial of service | https-proxy-agent:2.1.1 |
Critical | CVE-2021-3918 | json-schema | 0.2.3 | 0.4.0 | nodejs-json-schema: Prototype pollution vulnerability | json-schema:0.2.3 |
Critical | CVE-2019-10744 | lodash | 3.10.1 | 4.17.12 | nodejs-lodash: prototype pollution in defaultsDeep function leading to modifying properties | lodash:3.10.1 |
Critical | CVE-2019-10744 | lodash | 4.17.5 | 4.17.12 | nodejs-lodash: prototype pollution in defaultsDeep function leading to modifying properties | lodash:4.17.5 |
Critical | CVE-2021-44906 | minimist | 0.0.8 | 1.2.6 | minimist: prototype pollution | minimist:0.0.8 |
Critical | CVE-2021-44906 | minimist | 1.2.0 | 1.2.6 | minimist: prototype pollution | minimist:1.2.0 |
High | CVE-2019-3462 | apt | 1.0.9.8.4 | 1.0.9.8.5 | Incorrect sanitation of the 302 redirect field in HTTP transport metho ... | apt:1.0.9.8.4 |
High | CVE-2019-9924 | bash | 4.3-11+deb8u1 | 4.3-11+deb8u2 | bash: BASH_CMD is writable in restricted bash shells | bash:4.3-11+deb8u1 |
High | CVE-2016-7141 | curl | 7.38.0-4+deb8u11 | 7.38.0-4+deb8u13 | curl: Incorrect reuse of client certificates | curl:7.38.0-4+deb8u11 |
High | CVE-2016-9586 | curl | 7.38.0-4+deb8u11 | 7.38.0-4+deb8u13 | curl: printf floating point buffer overflow | curl:7.38.0-4+deb8u11 |
High | CVE-2018-16890 | curl | 7.38.0-4+deb8u11 | 7.38.0-4+deb8u14 | curl: NTLM type-2 heap out-of-bounds buffer read | curl:7.38.0-4+deb8u11 |
High | CVE-2019-3823 | curl | 7.38.0-4+deb8u11 | 7.38.0-4+deb8u14 | curl: SMTP end-of-response out-of-bounds read | curl:7.38.0-4+deb8u11 |
High | CVE-2019-5436 | curl | 7.38.0-4+deb8u11 | 7.38.0-4+deb8u15 | curl: TFTP receive heap buffer overflow in tftp_receive_packet() function | curl:7.38.0-4+deb8u11 |
High | CVE-2019-8907 | file | 1:5.22+15-2+deb8u4 | 1:5.22+15-2+deb8u5 | file: do_core_note in readelf.c allows remote attackers to cause a denial of service | file:1:5.22+15-2+deb8u4 |
High | CVE-2016-6352 | gir1.2-gdkpixbuf-2.0 | 2.31.1-2+deb8u7 | 2.31.1-2+deb8u8 | gdk-pixbuf: Out-of-bounds write in OneLine32() function | gir1.2-gdkpixbuf-2.0:2.31.1-2+deb8u7 |
High | CVE-2017-2870 | gir1.2-gdkpixbuf-2.0 | 2.31.1-2+deb8u7 | 2.31.1-2+deb8u8 | gdk-pixbuf2: Integer overflow in tiff_image_parse function | gir1.2-gdkpixbuf-2.0:2.31.1-2+deb8u7 |
High | CVE-2017-6313 | gir1.2-gdkpixbuf-2.0 | 2.31.1-2+deb8u7 | 2.31.1-2+deb8u8 | gdk-pixbuf: Integer underflow in io-icns.c | gir1.2-gdkpixbuf-2.0:2.31.1-2+deb8u7 |
High | CVE-2019-1349 | git | 1:2.1.4-2.1+deb8u6 | 1:2.1.4-2.1+deb8u8 | git: Recursive submodule cloning allows using git directory twice with synonymous directory name written in .git/ | git:1:2.1.4-2.1+deb8u6 |
High | CVE-2019-1352 | git | 1:2.1.4-2.1+deb8u6 | 1:2.1.4-2.1+deb8u8 | git: Files inside the .git directory may be overwritten during cloning via NTFS Alternate Data Streams | git:1:2.1.4-2.1+deb8u6 |
High | CVE-2019-1387 | git | 1:2.1.4-2.1+deb8u6 | 1:2.1.4-2.1+deb8u8 | git: Remote code execution in recursive clones with nested submodules | git:1:2.1.4-2.1+deb8u6 |
High | CVE-2020-11008 | git | 1:2.1.4-2.1+deb8u6 | 1:2.1.4-2.1+deb8u10 | git: Crafted URL containing new lines, empty host or lacks a scheme can cause credential leak | git:1:2.1.4-2.1+deb8u6 |
High | CVE-2020-5260 | git | 1:2.1.4-2.1+deb8u6 | 1:2.1.4-2.1+deb8u9 | git: Crafted URL containing new lines can cause credential leak | git:1:2.1.4-2.1+deb8u6 |
High | CVE-2019-1349 | git-man | 1:2.1.4-2.1+deb8u6 | 1:2.1.4-2.1+deb8u8 | git: Recursive submodule cloning allows using git directory twice with synonymous directory name written in .git/ | git-man:1:2.1.4-2.1+deb8u6 |
High | CVE-2019-1352 | git-man | 1:2.1.4-2.1+deb8u6 | 1:2.1.4-2.1+deb8u8 | git: Files inside the .git directory may be overwritten during cloning via NTFS Alternate Data Streams | git-man:1:2.1.4-2.1+deb8u6 |
High | CVE-2019-1387 | git-man | 1:2.1.4-2.1+deb8u6 | 1:2.1.4-2.1+deb8u8 | git: Remote code execution in recursive clones with nested submodules | git-man:1:2.1.4-2.1+deb8u6 |
High | CVE-2020-11008 | git-man | 1:2.1.4-2.1+deb8u6 | 1:2.1.4-2.1+deb8u10 | git: Crafted URL containing new lines, empty host or lacks a scheme can cause credential leak | git-man:1:2.1.4-2.1+deb8u6 |
High | CVE-2020-5260 | git-man | 1:2.1.4-2.1+deb8u6 | 1:2.1.4-2.1+deb8u9 | git: Crafted URL containing new lines can cause credential leak | git-man:1:2.1.4-2.1+deb8u6 |
High | CVE-2017-12430 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | GraphicsMagick, ImageMagick: Memory exhaustion in ReadMPCImage in coders/mpc.c | imagemagick:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-12435 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Memory exhaustion in ReadSUNImage function in coders/sun.c | imagemagick:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-12587 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Resource exhaustion in ReadPWPImage function in coders\pwp.c | imagemagick:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-14739 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in the AcquireResampleFilterThreadSet function | imagemagick:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-15015 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in PDFDelegateMessage | imagemagick:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-15017 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in ReadOneMNGImage | imagemagick:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-15281 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Conditional statement depends on unitialized value | imagemagick:8:6.8.9.9-5+deb8u13 |
High | CVE-2018-16412 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u14 | ImageMagick: heap-based buffer over-read in the ParseImageResourceBlocks function in coders/psd.c | imagemagick:8:6.8.9.9-5+deb8u13 |
High | CVE-2018-16413 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u14 | ImageMagick: heap-based buffer over-read in the PushShortPixel function in MagickCore/quantum-private.h | imagemagick:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-10650 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: heap-based buffer over-read in WriteTIFFImage of coders/tiff.c leads to denial of service or information disclosure via crafted image file | imagemagick:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-11597 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c leading to DoS or information disclosure | imagemagick:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-11598 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: heap-based buffer over-read in the function WritePNMImage of coders/pnm.c leading to DoS or information disclosure | imagemagick:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13135 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: a "use of uninitialized value" vulnerability in the function ReadCUTImage leading to a crash and DoS | imagemagick:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13295 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled | imagemagick:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13297 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled | imagemagick:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13304 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment | imagemagick:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13305 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error | imagemagick:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13306 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors | imagemagick:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-15140 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u18 | ImageMagick: Use after free in ReadMATImage in coders/mat.c | imagemagick:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-9956 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | imagemagick: stack-based buffer overflow in function PopHexPixel in coders/ps.c | imagemagick:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-12430 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | GraphicsMagick, ImageMagick: Memory exhaustion in ReadMPCImage in coders/mpc.c | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-12435 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Memory exhaustion in ReadSUNImage function in coders/sun.c | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-12587 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Resource exhaustion in ReadPWPImage function in coders\pwp.c | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-14739 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in the AcquireResampleFilterThreadSet function | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-15015 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in PDFDelegateMessage | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-15017 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in ReadOneMNGImage | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-15281 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Conditional statement depends on unitialized value | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
High | CVE-2018-16412 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u14 | ImageMagick: heap-based buffer over-read in the ParseImageResourceBlocks function in coders/psd.c | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
High | CVE-2018-16413 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u14 | ImageMagick: heap-based buffer over-read in the PushShortPixel function in MagickCore/quantum-private.h | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-10650 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: heap-based buffer over-read in WriteTIFFImage of coders/tiff.c leads to denial of service or information disclosure via crafted image file | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-11597 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c leading to DoS or information disclosure | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-11598 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: heap-based buffer over-read in the function WritePNMImage of coders/pnm.c leading to DoS or information disclosure | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13135 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: a "use of uninitialized value" vulnerability in the function ReadCUTImage leading to a crash and DoS | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13295 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13297 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13304 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13305 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13306 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-15140 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u18 | ImageMagick: Use after free in ReadMATImage in coders/mat.c | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-9956 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | imagemagick: stack-based buffer overflow in function PopHexPixel in coders/ps.c | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-12430 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | GraphicsMagick, ImageMagick: Memory exhaustion in ReadMPCImage in coders/mpc.c | imagemagick-common:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-12435 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Memory exhaustion in ReadSUNImage function in coders/sun.c | imagemagick-common:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-12587 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Resource exhaustion in ReadPWPImage function in coders\pwp.c | imagemagick-common:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-14739 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in the AcquireResampleFilterThreadSet function | imagemagick-common:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-15015 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in PDFDelegateMessage | imagemagick-common:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-15017 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in ReadOneMNGImage | imagemagick-common:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-15281 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Conditional statement depends on unitialized value | imagemagick-common:8:6.8.9.9-5+deb8u13 |
High | CVE-2018-16412 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u14 | ImageMagick: heap-based buffer over-read in the ParseImageResourceBlocks function in coders/psd.c | imagemagick-common:8:6.8.9.9-5+deb8u13 |
High | CVE-2018-16413 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u14 | ImageMagick: heap-based buffer over-read in the PushShortPixel function in MagickCore/quantum-private.h | imagemagick-common:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-10650 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: heap-based buffer over-read in WriteTIFFImage of coders/tiff.c leads to denial of service or information disclosure via crafted image file | imagemagick-common:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-11597 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c leading to DoS or information disclosure | imagemagick-common:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-11598 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: heap-based buffer over-read in the function WritePNMImage of coders/pnm.c leading to DoS or information disclosure | imagemagick-common:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13135 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: a "use of uninitialized value" vulnerability in the function ReadCUTImage leading to a crash and DoS | imagemagick-common:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13295 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled | imagemagick-common:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13297 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled | imagemagick-common:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13304 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment | imagemagick-common:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13305 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error | imagemagick-common:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13306 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors | imagemagick-common:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-15140 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u18 | ImageMagick: Use after free in ReadMATImage in coders/mat.c | imagemagick-common:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-9956 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | imagemagick: stack-based buffer overflow in function PopHexPixel in coders/ps.c | imagemagick-common:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-3462 | libapt-pkg4.12 | 1.0.9.8.4 | 1.0.9.8.5 | Incorrect sanitation of the 302 redirect field in HTTP transport metho ... | libapt-pkg4.12:1.0.9.8.4 |
High | CVE-2016-7141 | libcurl3 | 7.38.0-4+deb8u11 | 7.38.0-4+deb8u13 | curl: Incorrect reuse of client certificates | libcurl3:7.38.0-4+deb8u11 |
High | CVE-2016-9586 | libcurl3 | 7.38.0-4+deb8u11 | 7.38.0-4+deb8u13 | curl: printf floating point buffer overflow | libcurl3:7.38.0-4+deb8u11 |
High | CVE-2018-16890 | libcurl3 | 7.38.0-4+deb8u11 | 7.38.0-4+deb8u14 | curl: NTLM type-2 heap out-of-bounds buffer read | libcurl3:7.38.0-4+deb8u11 |
High | CVE-2019-3823 | libcurl3 | 7.38.0-4+deb8u11 | 7.38.0-4+deb8u14 | curl: SMTP end-of-response out-of-bounds read | libcurl3:7.38.0-4+deb8u11 |
High | CVE-2019-5436 | libcurl3 | 7.38.0-4+deb8u11 | 7.38.0-4+deb8u15 | curl: TFTP receive heap buffer overflow in tftp_receive_packet() function | libcurl3:7.38.0-4+deb8u11 |
High | CVE-2016-7141 | libcurl3-gnutls | 7.38.0-4+deb8u11 | 7.38.0-4+deb8u13 | curl: Incorrect reuse of client certificates | libcurl3-gnutls:7.38.0-4+deb8u11 |
High | CVE-2016-9586 | libcurl3-gnutls | 7.38.0-4+deb8u11 | 7.38.0-4+deb8u13 | curl: printf floating point buffer overflow | libcurl3-gnutls:7.38.0-4+deb8u11 |
High | CVE-2018-16890 | libcurl3-gnutls | 7.38.0-4+deb8u11 | 7.38.0-4+deb8u14 | curl: NTLM type-2 heap out-of-bounds buffer read | libcurl3-gnutls:7.38.0-4+deb8u11 |
High | CVE-2019-3823 | libcurl3-gnutls | 7.38.0-4+deb8u11 | 7.38.0-4+deb8u14 | curl: SMTP end-of-response out-of-bounds read | libcurl3-gnutls:7.38.0-4+deb8u11 |
High | CVE-2019-5436 | libcurl3-gnutls | 7.38.0-4+deb8u11 | 7.38.0-4+deb8u15 | curl: TFTP receive heap buffer overflow in tftp_receive_packet() function | libcurl3-gnutls:7.38.0-4+deb8u11 |
High | CVE-2016-7141 | libcurl4-openssl-dev | 7.38.0-4+deb8u11 | 7.38.0-4+deb8u13 | curl: Incorrect reuse of client certificates | libcurl4-openssl-dev:7.38.0-4+deb8u11 |
High | CVE-2016-9586 | libcurl4-openssl-dev | 7.38.0-4+deb8u11 | 7.38.0-4+deb8u13 | curl: printf floating point buffer overflow | libcurl4-openssl-dev:7.38.0-4+deb8u11 |
High | CVE-2018-16890 | libcurl4-openssl-dev | 7.38.0-4+deb8u11 | 7.38.0-4+deb8u14 | curl: NTLM type-2 heap out-of-bounds buffer read | libcurl4-openssl-dev:7.38.0-4+deb8u11 |
High | CVE-2019-3823 | libcurl4-openssl-dev | 7.38.0-4+deb8u11 | 7.38.0-4+deb8u14 | curl: SMTP end-of-response out-of-bounds read | libcurl4-openssl-dev:7.38.0-4+deb8u11 |
High | CVE-2019-5436 | libcurl4-openssl-dev | 7.38.0-4+deb8u11 | 7.38.0-4+deb8u15 | curl: TFTP receive heap buffer overflow in tftp_receive_packet() function | libcurl4-openssl-dev:7.38.0-4+deb8u11 |
High | CVE-2019-18804 | libdjvulibre-dev | 3.5.25.4-4 | 3.5.25.4-4+deb8u2 | DjVuLibre 3.5.27 has a NULL pointer dereference in the function DJVU:: ... | libdjvulibre-dev:3.5.25.4-4 |
High | CVE-2019-18804 | libdjvulibre-text | 3.5.25.4-4 | 3.5.25.4-4+deb8u2 | DjVuLibre 3.5.27 has a NULL pointer dereference in the function DJVU:: ... | libdjvulibre-text:3.5.25.4-4 |
High | CVE-2019-18804 | libdjvulibre21 | 3.5.25.4-4 | 3.5.25.4-4+deb8u2 | DjVuLibre 3.5.27 has a NULL pointer dereference in the function DJVU:: ... | libdjvulibre21:3.5.25.4-4 |
High | CVE-2016-6328 | libexif-dev | 0.6.21-2 | 0.6.21-2+deb8u2 | libexif: Integer overflow in parsing MNOTE entry data of the input file | libexif-dev:0.6.21-2 |
High | CVE-2018-20030 | libexif-dev | 0.6.21-2 | 0.6.21-2+deb8u3 | libexif: Input validation issue resulting in a denial of service | libexif-dev:0.6.21-2 |
High | CVE-2019-9278 | libexif-dev | 0.6.21-2 | 0.6.21-2+deb8u1 | libexif: out of bounds write in exif-data.c | libexif-dev:0.6.21-2 |
High | CVE-2020-0181 | libexif-dev | 0.6.21-2 | 0.6.21-2+deb8u1 | libexif: integer overflow in exif_data_load_data_thumbnail function in exif-data.c | libexif-dev:0.6.21-2 |
High | CVE-2020-0198 | libexif-dev | 0.6.21-2 | 0.6.21-2+deb8u4 | libexif: integer overflow in exif_data_load_data_content function in exif-data.c | libexif-dev:0.6.21-2 |
High | CVE-2020-13113 | libexif-dev | 0.6.21-2 | 0.6.21-2+deb8u3 | libexif: use of uninitialized memory in EXIF Makernote handling can lead to crashes and use-after-free | libexif-dev:0.6.21-2 |
High | CVE-2020-13114 | libexif-dev | 0.6.21-2 | 0.6.21-2+deb8u3 | libexif: unrestricted size in handling Canon EXIF MakerNote data can lead to consumption of large amounts of compute time | libexif-dev:0.6.21-2 |
High | CVE-2016-6328 | libexif12 | 0.6.21-2 | 0.6.21-2+deb8u2 | libexif: Integer overflow in parsing MNOTE entry data of the input file | libexif12:0.6.21-2 |
High | CVE-2018-20030 | libexif12 | 0.6.21-2 | 0.6.21-2+deb8u3 | libexif: Input validation issue resulting in a denial of service | libexif12:0.6.21-2 |
High | CVE-2019-9278 | libexif12 | 0.6.21-2 | 0.6.21-2+deb8u1 | libexif: out of bounds write in exif-data.c | libexif12:0.6.21-2 |
High | CVE-2020-0181 | libexif12 | 0.6.21-2 | 0.6.21-2+deb8u1 | libexif: integer overflow in exif_data_load_data_thumbnail function in exif-data.c | libexif12:0.6.21-2 |
High | CVE-2020-0198 | libexif12 | 0.6.21-2 | 0.6.21-2+deb8u4 | libexif: integer overflow in exif_data_load_data_content function in exif-data.c | libexif12:0.6.21-2 |
High | CVE-2020-13113 | libexif12 | 0.6.21-2 | 0.6.21-2+deb8u3 | libexif: use of uninitialized memory in EXIF Makernote handling can lead to crashes and use-after-free | libexif12:0.6.21-2 |
High | CVE-2020-13114 | libexif12 | 0.6.21-2 | 0.6.21-2+deb8u3 | libexif: unrestricted size in handling Canon EXIF MakerNote data can lead to consumption of large amounts of compute time | libexif12:0.6.21-2 |
High | CVE-2018-20843 | libexpat1 | 2.1.0-6+deb8u4 | 2.1.0-6+deb8u5 | expat: large number of colons in input makes parser consume high amount of resources, leading to DoS | libexpat1:2.1.0-6+deb8u4 |
High | CVE-2019-15903 | libexpat1 | 2.1.0-6+deb8u4 | 2.1.0-6+deb8u6 | expat: heap-based buffer over-read via crafted XML input | libexpat1:2.1.0-6+deb8u4 |
High | CVE-2018-20843 | libexpat1-dev | 2.1.0-6+deb8u4 | 2.1.0-6+deb8u5 | expat: large number of colons in input makes parser consume high amount of resources, leading to DoS | libexpat1-dev:2.1.0-6+deb8u4 |
High | CVE-2019-15903 | libexpat1-dev | 2.1.0-6+deb8u4 | 2.1.0-6+deb8u6 | expat: heap-based buffer over-read via crafted XML input | libexpat1-dev:2.1.0-6+deb8u4 |
High | CVE-2015-9381 | libfreetype6 | 2.5.2-3+deb8u2 | 2.5.2-3+deb8u4 | freetype: a heap-based buffer over-read in T1_Get_Private_Dict in type1/t1parse.c leading to crash | libfreetype6:2.5.2-3+deb8u2 |
High | CVE-2015-9381 | libfreetype6-dev | 2.5.2-3+deb8u2 | 2.5.2-3+deb8u4 | freetype: a heap-based buffer over-read in T1_Get_Private_Dict in type1/t1parse.c leading to crash | libfreetype6-dev:2.5.2-3+deb8u2 |
High | CVE-2018-1000222 | libgd3 | 2.1.0-5+deb8u11 | 2.1.0-5+deb8u12 | gd: Double free in src/gd_bump.c:gdImageBmpPtr() via crafted JPEG | libgd3:2.1.0-5+deb8u11 |
High | CVE-2018-14553 | libgd3 | 2.1.0-5+deb8u11 | 2.1.0-5+deb8u14 | gd: NULL pointer dereference in gdImageClone | libgd3:2.1.0-5+deb8u11 |
High | CVE-2019-6977 | libgd3 | 2.1.0-5+deb8u11 | 2.1.0-5+deb8u12 | gd: Heap-based buffer overflow in gdImageColorMatch() in gd_color_match.c | libgd3:2.1.0-5+deb8u11 |
High | CVE-2016-6352 | libgdk-pixbuf2.0-0 | 2.31.1-2+deb8u7 | 2.31.1-2+deb8u8 | gdk-pixbuf: Out-of-bounds write in OneLine32() function | libgdk-pixbuf2.0-0:2.31.1-2+deb8u7 |
High | CVE-2017-2870 | libgdk-pixbuf2.0-0 | 2.31.1-2+deb8u7 | 2.31.1-2+deb8u8 | gdk-pixbuf2: Integer overflow in tiff_image_parse function | libgdk-pixbuf2.0-0:2.31.1-2+deb8u7 |
High | CVE-2017-6313 | libgdk-pixbuf2.0-0 | 2.31.1-2+deb8u7 | 2.31.1-2+deb8u8 | gdk-pixbuf: Integer underflow in io-icns.c | libgdk-pixbuf2.0-0:2.31.1-2+deb8u7 |
High | CVE-2016-6352 | libgdk-pixbuf2.0-common | 2.31.1-2+deb8u7 | 2.31.1-2+deb8u8 | gdk-pixbuf: Out-of-bounds write in OneLine32() function | libgdk-pixbuf2.0-common:2.31.1-2+deb8u7 |
High | CVE-2017-2870 | libgdk-pixbuf2.0-common | 2.31.1-2+deb8u7 | 2.31.1-2+deb8u8 | gdk-pixbuf2: Integer overflow in tiff_image_parse function | libgdk-pixbuf2.0-common:2.31.1-2+deb8u7 |
High | CVE-2017-6313 | libgdk-pixbuf2.0-common | 2.31.1-2+deb8u7 | 2.31.1-2+deb8u8 | gdk-pixbuf: Integer underflow in io-icns.c | libgdk-pixbuf2.0-common:2.31.1-2+deb8u7 |
High | CVE-2016-6352 | libgdk-pixbuf2.0-dev | 2.31.1-2+deb8u7 | 2.31.1-2+deb8u8 | gdk-pixbuf: Out-of-bounds write in OneLine32() function | libgdk-pixbuf2.0-dev:2.31.1-2+deb8u7 |
High | CVE-2017-2870 | libgdk-pixbuf2.0-dev | 2.31.1-2+deb8u7 | 2.31.1-2+deb8u8 | gdk-pixbuf2: Integer overflow in tiff_image_parse function | libgdk-pixbuf2.0-dev:2.31.1-2+deb8u7 |
High | CVE-2017-6313 | libgdk-pixbuf2.0-dev | 2.31.1-2+deb8u7 | 2.31.1-2+deb8u8 | gdk-pixbuf: Integer underflow in io-icns.c | libgdk-pixbuf2.0-dev:2.31.1-2+deb8u7 |
High | CVE-2018-16429 | libglib2.0-0 | 2.42.1-1 | 2.42.1-1+deb8u2 | glib2: Out-of-bounds read in g_markup_parse_context_parse() in gmarkup.c | libglib2.0-0:2.42.1-1 |
High | CVE-2019-13012 | libglib2.0-0 | 2.42.1-1 | 2.42.1-1+deb8u3 | glib2: insecure permissions for files and directories | libglib2.0-0:2.42.1-1 |
High | CVE-2018-16429 | libglib2.0-bin | 2.42.1-1 | 2.42.1-1+deb8u2 | glib2: Out-of-bounds read in g_markup_parse_context_parse() in gmarkup.c | libglib2.0-bin:2.42.1-1 |
High | CVE-2019-13012 | libglib2.0-bin | 2.42.1-1 | 2.42.1-1+deb8u3 | glib2: insecure permissions for files and directories | libglib2.0-bin:2.42.1-1 |
High | CVE-2018-16429 | libglib2.0-data | 2.42.1-1 | 2.42.1-1+deb8u2 | glib2: Out-of-bounds read in g_markup_parse_context_parse() in gmarkup.c | libglib2.0-data:2.42.1-1 |
High | CVE-2019-13012 | libglib2.0-data | 2.42.1-1 | 2.42.1-1+deb8u3 | glib2: insecure permissions for files and directories | libglib2.0-data:2.42.1-1 |
High | CVE-2018-16429 | libglib2.0-dev | 2.42.1-1 | 2.42.1-1+deb8u2 | glib2: Out-of-bounds read in g_markup_parse_context_parse() in gmarkup.c | libglib2.0-dev:2.42.1-1 |
High | CVE-2019-13012 | libglib2.0-dev | 2.42.1-1 | 2.42.1-1+deb8u3 | glib2: insecure permissions for files and directories | libglib2.0-dev:2.42.1-1 |
High | CVE-2015-8947 | libharfbuzz0b | 0.9.35-2 | 0.9.35-2+deb8u1 | CVE-2016-2052 CVE-2015-8947 chromium-browser: Multiple unspecified vulnerabilities in HarfBuzz before 1.0.6 | libharfbuzz0b:0.9.35-2 |
High | CVE-2020-10531 | libicu52 | 52.1-8+deb8u7 | 52.1-8+deb8u8 | ICU: Integer overflow in UnicodeString::doAppend() | libicu52:52.1-8+deb8u7 |
High | CVE-2017-13748 | libjasper-dev | 1.900.1-debian1-2.4+deb8u3 | 1.900.1-debian1-2.4+deb8u4 | jasper: tile memory not released on image parsing errors | libjasper-dev:1.900.1-debian1-2.4+deb8u3 |
High | CVE-2018-19540 | libjasper-dev | 1.900.1-debian1-2.4+deb8u3 | 1.900.1-debian1-2.4+deb8u5 | jasper: heap-based buffer overflow of size 1 in jas_icctxtdesc_input in libjasper/base/jas_icc.c | libjasper-dev:1.900.1-debian1-2.4+deb8u3 |
High | CVE-2018-19541 | libjasper-dev | 1.900.1-debian1-2.4+deb8u3 | 1.900.1-debian1-2.4+deb8u5 | jasper: heap-based buffer over-read of size 8 in jas_image_depalettize in libjasper/base/jas_image.c | libjasper-dev:1.900.1-debian1-2.4+deb8u3 |
High | CVE-2017-13748 | libjasper1 | 1.900.1-debian1-2.4+deb8u3 | 1.900.1-debian1-2.4+deb8u4 | jasper: tile memory not released on image parsing errors | libjasper1:1.900.1-debian1-2.4+deb8u3 |
High | CVE-2018-19540 | libjasper1 | 1.900.1-debian1-2.4+deb8u3 | 1.900.1-debian1-2.4+deb8u5 | jasper: heap-based buffer overflow of size 1 in jas_icctxtdesc_input in libjasper/base/jas_icc.c | libjasper1:1.900.1-debian1-2.4+deb8u3 |
High | CVE-2018-19541 | libjasper1 | 1.900.1-debian1-2.4+deb8u3 | 1.900.1-debian1-2.4+deb8u5 | jasper: heap-based buffer over-read of size 8 in jas_image_depalettize in libjasper/base/jas_image.c | libjasper1:1.900.1-debian1-2.4+deb8u3 |
High | CVE-2016-3616 | libjpeg-dev | 1:1.3.1-12 | 1:1.3.1-12+deb8u1 | libjpeg: null pointer dereference in cjpeg | libjpeg-dev:1:1.3.1-12 |
High | CVE-2016-3616 | libjpeg62-turbo | 1:1.3.1-12 | 1:1.3.1-12+deb8u1 | libjpeg: null pointer dereference in cjpeg | libjpeg62-turbo:1:1.3.1-12 |
High | CVE-2016-3616 | libjpeg62-turbo-dev | 1:1.3.1-12 | 1:1.3.1-12+deb8u1 | libjpeg: null pointer dereference in cjpeg | libjpeg62-turbo-dev:1:1.3.1-12 |
High | CVE-2019-13565 | libldap-2.4-2 | 2.4.40+dfsg-1+deb8u4 | 2.4.40+dfsg-1+deb8u5 | openldap: ACL restrictions bypass due to sasl_ssf value being set permanently | libldap-2.4-2:2.4.40+dfsg-1+deb8u4 |
High | CVE-2020-12243 | libldap-2.4-2 | 2.4.40+dfsg-1+deb8u4 | 2.4.40+dfsg-1+deb8u6 | openldap: denial of service via nested boolean expressions in LDAP search filters | libldap-2.4-2:2.4.40+dfsg-1+deb8u4 |
High | CVE-2019-8907 | libmagic1 | 1:5.22+15-2+deb8u4 | 1:5.22+15-2+deb8u5 | file: do_core_note in readelf.c allows remote attackers to cause a denial of service | libmagic1:1:5.22+15-2+deb8u4 |
High | CVE-2017-12430 | libmagickcore-6-arch-config | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | GraphicsMagick, ImageMagick: Memory exhaustion in ReadMPCImage in coders/mpc.c | libmagickcore-6-arch-config:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-12435 | libmagickcore-6-arch-config | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Memory exhaustion in ReadSUNImage function in coders/sun.c | libmagickcore-6-arch-config:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-12587 | libmagickcore-6-arch-config | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Resource exhaustion in ReadPWPImage function in coders\pwp.c | libmagickcore-6-arch-config:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-14739 | libmagickcore-6-arch-config | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in the AcquireResampleFilterThreadSet function | libmagickcore-6-arch-config:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-15015 | libmagickcore-6-arch-config | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in PDFDelegateMessage | libmagickcore-6-arch-config:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-15017 | libmagickcore-6-arch-config | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in ReadOneMNGImage | libmagickcore-6-arch-config:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-15281 | libmagickcore-6-arch-config | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Conditional statement depends on unitialized value | libmagickcore-6-arch-config:8:6.8.9.9-5+deb8u13 |
High | CVE-2018-16412 | libmagickcore-6-arch-config | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u14 | ImageMagick: heap-based buffer over-read in the ParseImageResourceBlocks function in coders/psd.c | libmagickcore-6-arch-config:8:6.8.9.9-5+deb8u13 |
High | CVE-2018-16413 | libmagickcore-6-arch-config | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u14 | ImageMagick: heap-based buffer over-read in the PushShortPixel function in MagickCore/quantum-private.h | libmagickcore-6-arch-config:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-10650 | libmagickcore-6-arch-config | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: heap-based buffer over-read in WriteTIFFImage of coders/tiff.c leads to denial of service or information disclosure via crafted image file | libmagickcore-6-arch-config:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-11597 | libmagickcore-6-arch-config | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c leading to DoS or information disclosure | libmagickcore-6-arch-config:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-11598 | libmagickcore-6-arch-config | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: heap-based buffer over-read in the function WritePNMImage of coders/pnm.c leading to DoS or information disclosure | libmagickcore-6-arch-config:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13135 | libmagickcore-6-arch-config | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: a "use of uninitialized value" vulnerability in the function ReadCUTImage leading to a crash and DoS | libmagickcore-6-arch-config:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13295 | libmagickcore-6-arch-config | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled | libmagickcore-6-arch-config:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13297 | libmagickcore-6-arch-config | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled | libmagickcore-6-arch-config:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13304 | libmagickcore-6-arch-config | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment | libmagickcore-6-arch-config:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13305 | libmagickcore-6-arch-config | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error | libmagickcore-6-arch-config:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13306 | libmagickcore-6-arch-config | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors | libmagickcore-6-arch-config:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-15140 | libmagickcore-6-arch-config | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u18 | ImageMagick: Use after free in ReadMATImage in coders/mat.c | libmagickcore-6-arch-config:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-9956 | libmagickcore-6-arch-config | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | imagemagick: stack-based buffer overflow in function PopHexPixel in coders/ps.c | libmagickcore-6-arch-config:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-12430 | libmagickcore-6-headers | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | GraphicsMagick, ImageMagick: Memory exhaustion in ReadMPCImage in coders/mpc.c | libmagickcore-6-headers:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-12435 | libmagickcore-6-headers | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Memory exhaustion in ReadSUNImage function in coders/sun.c | libmagickcore-6-headers:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-12587 | libmagickcore-6-headers | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Resource exhaustion in ReadPWPImage function in coders\pwp.c | libmagickcore-6-headers:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-14739 | libmagickcore-6-headers | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in the AcquireResampleFilterThreadSet function | libmagickcore-6-headers:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-15015 | libmagickcore-6-headers | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in PDFDelegateMessage | libmagickcore-6-headers:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-15017 | libmagickcore-6-headers | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in ReadOneMNGImage | libmagickcore-6-headers:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-15281 | libmagickcore-6-headers | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Conditional statement depends on unitialized value | libmagickcore-6-headers:8:6.8.9.9-5+deb8u13 |
High | CVE-2018-16412 | libmagickcore-6-headers | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u14 | ImageMagick: heap-based buffer over-read in the ParseImageResourceBlocks function in coders/psd.c | libmagickcore-6-headers:8:6.8.9.9-5+deb8u13 |
High | CVE-2018-16413 | libmagickcore-6-headers | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u14 | ImageMagick: heap-based buffer over-read in the PushShortPixel function in MagickCore/quantum-private.h | libmagickcore-6-headers:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-10650 | libmagickcore-6-headers | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: heap-based buffer over-read in WriteTIFFImage of coders/tiff.c leads to denial of service or information disclosure via crafted image file | libmagickcore-6-headers:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-11597 | libmagickcore-6-headers | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c leading to DoS or information disclosure | libmagickcore-6-headers:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-11598 | libmagickcore-6-headers | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: heap-based buffer over-read in the function WritePNMImage of coders/pnm.c leading to DoS or information disclosure | libmagickcore-6-headers:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13135 | libmagickcore-6-headers | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: a "use of uninitialized value" vulnerability in the function ReadCUTImage leading to a crash and DoS | libmagickcore-6-headers:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13295 | libmagickcore-6-headers | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled | libmagickcore-6-headers:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13297 | libmagickcore-6-headers | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled | libmagickcore-6-headers:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13304 | libmagickcore-6-headers | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment | libmagickcore-6-headers:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13305 | libmagickcore-6-headers | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error | libmagickcore-6-headers:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13306 | libmagickcore-6-headers | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors | libmagickcore-6-headers:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-15140 | libmagickcore-6-headers | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u18 | ImageMagick: Use after free in ReadMATImage in coders/mat.c | libmagickcore-6-headers:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-9956 | libmagickcore-6-headers | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | imagemagick: stack-based buffer overflow in function PopHexPixel in coders/ps.c | libmagickcore-6-headers:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-12430 | libmagickcore-6.q16-2 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | GraphicsMagick, ImageMagick: Memory exhaustion in ReadMPCImage in coders/mpc.c | libmagickcore-6.q16-2:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-12435 | libmagickcore-6.q16-2 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Memory exhaustion in ReadSUNImage function in coders/sun.c | libmagickcore-6.q16-2:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-12587 | libmagickcore-6.q16-2 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Resource exhaustion in ReadPWPImage function in coders\pwp.c | libmagickcore-6.q16-2:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-14739 | libmagickcore-6.q16-2 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in the AcquireResampleFilterThreadSet function | libmagickcore-6.q16-2:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-15015 | libmagickcore-6.q16-2 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in PDFDelegateMessage | libmagickcore-6.q16-2:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-15017 | libmagickcore-6.q16-2 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in ReadOneMNGImage | libmagickcore-6.q16-2:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-15281 | libmagickcore-6.q16-2 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Conditional statement depends on unitialized value | libmagickcore-6.q16-2:8:6.8.9.9-5+deb8u13 |
High | CVE-2018-16412 | libmagickcore-6.q16-2 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u14 | ImageMagick: heap-based buffer over-read in the ParseImageResourceBlocks function in coders/psd.c | libmagickcore-6.q16-2:8:6.8.9.9-5+deb8u13 |
High | CVE-2018-16413 | libmagickcore-6.q16-2 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u14 | ImageMagick: heap-based buffer over-read in the PushShortPixel function in MagickCore/quantum-private.h | libmagickcore-6.q16-2:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-10650 | libmagickcore-6.q16-2 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: heap-based buffer over-read in WriteTIFFImage of coders/tiff.c leads to denial of service or information disclosure via crafted image file | libmagickcore-6.q16-2:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-11597 | libmagickcore-6.q16-2 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c leading to DoS or information disclosure | libmagickcore-6.q16-2:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-11598 | libmagickcore-6.q16-2 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: heap-based buffer over-read in the function WritePNMImage of coders/pnm.c leading to DoS or information disclosure | libmagickcore-6.q16-2:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13135 | libmagickcore-6.q16-2 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: a "use of uninitialized value" vulnerability in the function ReadCUTImage leading to a crash and DoS | libmagickcore-6.q16-2:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13295 | libmagickcore-6.q16-2 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled | libmagickcore-6.q16-2:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13297 | libmagickcore-6.q16-2 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled | libmagickcore-6.q16-2:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13304 | libmagickcore-6.q16-2 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment | libmagickcore-6.q16-2:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13305 | libmagickcore-6.q16-2 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error | libmagickcore-6.q16-2:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13306 | libmagickcore-6.q16-2 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors | libmagickcore-6.q16-2:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-15140 | libmagickcore-6.q16-2 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u18 | ImageMagick: Use after free in ReadMATImage in coders/mat.c | libmagickcore-6.q16-2:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-9956 | libmagickcore-6.q16-2 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | imagemagick: stack-based buffer overflow in function PopHexPixel in coders/ps.c | libmagickcore-6.q16-2:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-12430 | libmagickcore-6.q16-2-extra | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | GraphicsMagick, ImageMagick: Memory exhaustion in ReadMPCImage in coders/mpc.c | libmagickcore-6.q16-2-extra:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-12435 | libmagickcore-6.q16-2-extra | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Memory exhaustion in ReadSUNImage function in coders/sun.c | libmagickcore-6.q16-2-extra:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-12587 | libmagickcore-6.q16-2-extra | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Resource exhaustion in ReadPWPImage function in coders\pwp.c | libmagickcore-6.q16-2-extra:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-14739 | libmagickcore-6.q16-2-extra | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in the AcquireResampleFilterThreadSet function | libmagickcore-6.q16-2-extra:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-15015 | libmagickcore-6.q16-2-extra | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in PDFDelegateMessage | libmagickcore-6.q16-2-extra:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-15017 | libmagickcore-6.q16-2-extra | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in ReadOneMNGImage | libmagickcore-6.q16-2-extra:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-15281 | libmagickcore-6.q16-2-extra | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Conditional statement depends on unitialized value | libmagickcore-6.q16-2-extra:8:6.8.9.9-5+deb8u13 |
High | CVE-2018-16412 | libmagickcore-6.q16-2-extra | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u14 | ImageMagick: heap-based buffer over-read in the ParseImageResourceBlocks function in coders/psd.c | libmagickcore-6.q16-2-extra:8:6.8.9.9-5+deb8u13 |
High | CVE-2018-16413 | libmagickcore-6.q16-2-extra | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u14 | ImageMagick: heap-based buffer over-read in the PushShortPixel function in MagickCore/quantum-private.h | libmagickcore-6.q16-2-extra:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-10650 | libmagickcore-6.q16-2-extra | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: heap-based buffer over-read in WriteTIFFImage of coders/tiff.c leads to denial of service or information disclosure via crafted image file | libmagickcore-6.q16-2-extra:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-11597 | libmagickcore-6.q16-2-extra | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c leading to DoS or information disclosure | libmagickcore-6.q16-2-extra:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-11598 | libmagickcore-6.q16-2-extra | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: heap-based buffer over-read in the function WritePNMImage of coders/pnm.c leading to DoS or information disclosure | libmagickcore-6.q16-2-extra:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13135 | libmagickcore-6.q16-2-extra | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: a "use of uninitialized value" vulnerability in the function ReadCUTImage leading to a crash and DoS | libmagickcore-6.q16-2-extra:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13295 | libmagickcore-6.q16-2-extra | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled | libmagickcore-6.q16-2-extra:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13297 | libmagickcore-6.q16-2-extra | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled | libmagickcore-6.q16-2-extra:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13304 | libmagickcore-6.q16-2-extra | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment | libmagickcore-6.q16-2-extra:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13305 | libmagickcore-6.q16-2-extra | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error | libmagickcore-6.q16-2-extra:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13306 | libmagickcore-6.q16-2-extra | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors | libmagickcore-6.q16-2-extra:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-15140 | libmagickcore-6.q16-2-extra | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u18 | ImageMagick: Use after free in ReadMATImage in coders/mat.c | libmagickcore-6.q16-2-extra:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-9956 | libmagickcore-6.q16-2-extra | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | imagemagick: stack-based buffer overflow in function PopHexPixel in coders/ps.c | libmagickcore-6.q16-2-extra:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-12430 | libmagickcore-6.q16-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | GraphicsMagick, ImageMagick: Memory exhaustion in ReadMPCImage in coders/mpc.c | libmagickcore-6.q16-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-12435 | libmagickcore-6.q16-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Memory exhaustion in ReadSUNImage function in coders/sun.c | libmagickcore-6.q16-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-12587 | libmagickcore-6.q16-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Resource exhaustion in ReadPWPImage function in coders\pwp.c | libmagickcore-6.q16-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-14739 | libmagickcore-6.q16-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in the AcquireResampleFilterThreadSet function | libmagickcore-6.q16-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-15015 | libmagickcore-6.q16-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in PDFDelegateMessage | libmagickcore-6.q16-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-15017 | libmagickcore-6.q16-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in ReadOneMNGImage | libmagickcore-6.q16-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-15281 | libmagickcore-6.q16-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Conditional statement depends on unitialized value | libmagickcore-6.q16-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2018-16412 | libmagickcore-6.q16-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u14 | ImageMagick: heap-based buffer over-read in the ParseImageResourceBlocks function in coders/psd.c | libmagickcore-6.q16-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2018-16413 | libmagickcore-6.q16-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u14 | ImageMagick: heap-based buffer over-read in the PushShortPixel function in MagickCore/quantum-private.h | libmagickcore-6.q16-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-10650 | libmagickcore-6.q16-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: heap-based buffer over-read in WriteTIFFImage of coders/tiff.c leads to denial of service or information disclosure via crafted image file | libmagickcore-6.q16-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-11597 | libmagickcore-6.q16-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c leading to DoS or information disclosure | libmagickcore-6.q16-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-11598 | libmagickcore-6.q16-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: heap-based buffer over-read in the function WritePNMImage of coders/pnm.c leading to DoS or information disclosure | libmagickcore-6.q16-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13135 | libmagickcore-6.q16-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: a "use of uninitialized value" vulnerability in the function ReadCUTImage leading to a crash and DoS | libmagickcore-6.q16-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13295 | libmagickcore-6.q16-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled | libmagickcore-6.q16-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13297 | libmagickcore-6.q16-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled | libmagickcore-6.q16-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13304 | libmagickcore-6.q16-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment | libmagickcore-6.q16-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13305 | libmagickcore-6.q16-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error | libmagickcore-6.q16-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13306 | libmagickcore-6.q16-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors | libmagickcore-6.q16-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-15140 | libmagickcore-6.q16-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u18 | ImageMagick: Use after free in ReadMATImage in coders/mat.c | libmagickcore-6.q16-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-9956 | libmagickcore-6.q16-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | imagemagick: stack-based buffer overflow in function PopHexPixel in coders/ps.c | libmagickcore-6.q16-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-12430 | libmagickcore-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | GraphicsMagick, ImageMagick: Memory exhaustion in ReadMPCImage in coders/mpc.c | libmagickcore-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-12435 | libmagickcore-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Memory exhaustion in ReadSUNImage function in coders/sun.c | libmagickcore-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-12587 | libmagickcore-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Resource exhaustion in ReadPWPImage function in coders\pwp.c | libmagickcore-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-14739 | libmagickcore-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in the AcquireResampleFilterThreadSet function | libmagickcore-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-15015 | libmagickcore-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in PDFDelegateMessage | libmagickcore-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-15017 | libmagickcore-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in ReadOneMNGImage | libmagickcore-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-15281 | libmagickcore-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Conditional statement depends on unitialized value | libmagickcore-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2018-16412 | libmagickcore-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u14 | ImageMagick: heap-based buffer over-read in the ParseImageResourceBlocks function in coders/psd.c | libmagickcore-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2018-16413 | libmagickcore-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u14 | ImageMagick: heap-based buffer over-read in the PushShortPixel function in MagickCore/quantum-private.h | libmagickcore-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-10650 | libmagickcore-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: heap-based buffer over-read in WriteTIFFImage of coders/tiff.c leads to denial of service or information disclosure via crafted image file | libmagickcore-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-11597 | libmagickcore-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c leading to DoS or information disclosure | libmagickcore-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-11598 | libmagickcore-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: heap-based buffer over-read in the function WritePNMImage of coders/pnm.c leading to DoS or information disclosure | libmagickcore-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13135 | libmagickcore-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: a "use of uninitialized value" vulnerability in the function ReadCUTImage leading to a crash and DoS | libmagickcore-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13295 | libmagickcore-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled | libmagickcore-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13297 | libmagickcore-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled | libmagickcore-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13304 | libmagickcore-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment | libmagickcore-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13305 | libmagickcore-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error | libmagickcore-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13306 | libmagickcore-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors | libmagickcore-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-15140 | libmagickcore-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u18 | ImageMagick: Use after free in ReadMATImage in coders/mat.c | libmagickcore-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-9956 | libmagickcore-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | imagemagick: stack-based buffer overflow in function PopHexPixel in coders/ps.c | libmagickcore-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-12430 | libmagickwand-6-headers | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | GraphicsMagick, ImageMagick: Memory exhaustion in ReadMPCImage in coders/mpc.c | libmagickwand-6-headers:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-12435 | libmagickwand-6-headers | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Memory exhaustion in ReadSUNImage function in coders/sun.c | libmagickwand-6-headers:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-12587 | libmagickwand-6-headers | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Resource exhaustion in ReadPWPImage function in coders\pwp.c | libmagickwand-6-headers:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-14739 | libmagickwand-6-headers | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in the AcquireResampleFilterThreadSet function | libmagickwand-6-headers:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-15015 | libmagickwand-6-headers | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in PDFDelegateMessage | libmagickwand-6-headers:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-15017 | libmagickwand-6-headers | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in ReadOneMNGImage | libmagickwand-6-headers:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-15281 | libmagickwand-6-headers | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Conditional statement depends on unitialized value | libmagickwand-6-headers:8:6.8.9.9-5+deb8u13 |
High | CVE-2018-16412 | libmagickwand-6-headers | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u14 | ImageMagick: heap-based buffer over-read in the ParseImageResourceBlocks function in coders/psd.c | libmagickwand-6-headers:8:6.8.9.9-5+deb8u13 |
High | CVE-2018-16413 | libmagickwand-6-headers | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u14 | ImageMagick: heap-based buffer over-read in the PushShortPixel function in MagickCore/quantum-private.h | libmagickwand-6-headers:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-10650 | libmagickwand-6-headers | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: heap-based buffer over-read in WriteTIFFImage of coders/tiff.c leads to denial of service or information disclosure via crafted image file | libmagickwand-6-headers:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-11597 | libmagickwand-6-headers | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c leading to DoS or information disclosure | libmagickwand-6-headers:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-11598 | libmagickwand-6-headers | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: heap-based buffer over-read in the function WritePNMImage of coders/pnm.c leading to DoS or information disclosure | libmagickwand-6-headers:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13135 | libmagickwand-6-headers | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: a "use of uninitialized value" vulnerability in the function ReadCUTImage leading to a crash and DoS | libmagickwand-6-headers:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13295 | libmagickwand-6-headers | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled | libmagickwand-6-headers:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13297 | libmagickwand-6-headers | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled | libmagickwand-6-headers:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13304 | libmagickwand-6-headers | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment | libmagickwand-6-headers:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13305 | libmagickwand-6-headers | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error | libmagickwand-6-headers:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13306 | libmagickwand-6-headers | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors | libmagickwand-6-headers:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-15140 | libmagickwand-6-headers | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u18 | ImageMagick: Use after free in ReadMATImage in coders/mat.c | libmagickwand-6-headers:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-9956 | libmagickwand-6-headers | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | imagemagick: stack-based buffer overflow in function PopHexPixel in coders/ps.c | libmagickwand-6-headers:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-12430 | libmagickwand-6.q16-2 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | GraphicsMagick, ImageMagick: Memory exhaustion in ReadMPCImage in coders/mpc.c | libmagickwand-6.q16-2:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-12435 | libmagickwand-6.q16-2 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Memory exhaustion in ReadSUNImage function in coders/sun.c | libmagickwand-6.q16-2:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-12587 | libmagickwand-6.q16-2 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Resource exhaustion in ReadPWPImage function in coders\pwp.c | libmagickwand-6.q16-2:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-14739 | libmagickwand-6.q16-2 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in the AcquireResampleFilterThreadSet function | libmagickwand-6.q16-2:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-15015 | libmagickwand-6.q16-2 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in PDFDelegateMessage | libmagickwand-6.q16-2:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-15017 | libmagickwand-6.q16-2 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in ReadOneMNGImage | libmagickwand-6.q16-2:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-15281 | libmagickwand-6.q16-2 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Conditional statement depends on unitialized value | libmagickwand-6.q16-2:8:6.8.9.9-5+deb8u13 |
High | CVE-2018-16412 | libmagickwand-6.q16-2 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u14 | ImageMagick: heap-based buffer over-read in the ParseImageResourceBlocks function in coders/psd.c | libmagickwand-6.q16-2:8:6.8.9.9-5+deb8u13 |
High | CVE-2018-16413 | libmagickwand-6.q16-2 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u14 | ImageMagick: heap-based buffer over-read in the PushShortPixel function in MagickCore/quantum-private.h | libmagickwand-6.q16-2:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-10650 | libmagickwand-6.q16-2 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: heap-based buffer over-read in WriteTIFFImage of coders/tiff.c leads to denial of service or information disclosure via crafted image file | libmagickwand-6.q16-2:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-11597 | libmagickwand-6.q16-2 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c leading to DoS or information disclosure | libmagickwand-6.q16-2:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-11598 | libmagickwand-6.q16-2 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: heap-based buffer over-read in the function WritePNMImage of coders/pnm.c leading to DoS or information disclosure | libmagickwand-6.q16-2:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13135 | libmagickwand-6.q16-2 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: a "use of uninitialized value" vulnerability in the function ReadCUTImage leading to a crash and DoS | libmagickwand-6.q16-2:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13295 | libmagickwand-6.q16-2 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled | libmagickwand-6.q16-2:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13297 | libmagickwand-6.q16-2 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled | libmagickwand-6.q16-2:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13304 | libmagickwand-6.q16-2 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment | libmagickwand-6.q16-2:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13305 | libmagickwand-6.q16-2 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error | libmagickwand-6.q16-2:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13306 | libmagickwand-6.q16-2 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors | libmagickwand-6.q16-2:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-15140 | libmagickwand-6.q16-2 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u18 | ImageMagick: Use after free in ReadMATImage in coders/mat.c | libmagickwand-6.q16-2:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-9956 | libmagickwand-6.q16-2 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | imagemagick: stack-based buffer overflow in function PopHexPixel in coders/ps.c | libmagickwand-6.q16-2:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-12430 | libmagickwand-6.q16-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | GraphicsMagick, ImageMagick: Memory exhaustion in ReadMPCImage in coders/mpc.c | libmagickwand-6.q16-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-12435 | libmagickwand-6.q16-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Memory exhaustion in ReadSUNImage function in coders/sun.c | libmagickwand-6.q16-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-12587 | libmagickwand-6.q16-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Resource exhaustion in ReadPWPImage function in coders\pwp.c | libmagickwand-6.q16-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-14739 | libmagickwand-6.q16-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in the AcquireResampleFilterThreadSet function | libmagickwand-6.q16-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-15015 | libmagickwand-6.q16-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in PDFDelegateMessage | libmagickwand-6.q16-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-15017 | libmagickwand-6.q16-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in ReadOneMNGImage | libmagickwand-6.q16-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-15281 | libmagickwand-6.q16-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Conditional statement depends on unitialized value | libmagickwand-6.q16-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2018-16412 | libmagickwand-6.q16-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u14 | ImageMagick: heap-based buffer over-read in the ParseImageResourceBlocks function in coders/psd.c | libmagickwand-6.q16-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2018-16413 | libmagickwand-6.q16-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u14 | ImageMagick: heap-based buffer over-read in the PushShortPixel function in MagickCore/quantum-private.h | libmagickwand-6.q16-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-10650 | libmagickwand-6.q16-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: heap-based buffer over-read in WriteTIFFImage of coders/tiff.c leads to denial of service or information disclosure via crafted image file | libmagickwand-6.q16-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-11597 | libmagickwand-6.q16-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c leading to DoS or information disclosure | libmagickwand-6.q16-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-11598 | libmagickwand-6.q16-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: heap-based buffer over-read in the function WritePNMImage of coders/pnm.c leading to DoS or information disclosure | libmagickwand-6.q16-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13135 | libmagickwand-6.q16-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: a "use of uninitialized value" vulnerability in the function ReadCUTImage leading to a crash and DoS | libmagickwand-6.q16-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13295 | libmagickwand-6.q16-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled | libmagickwand-6.q16-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13297 | libmagickwand-6.q16-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled | libmagickwand-6.q16-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13304 | libmagickwand-6.q16-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment | libmagickwand-6.q16-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13305 | libmagickwand-6.q16-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error | libmagickwand-6.q16-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13306 | libmagickwand-6.q16-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors | libmagickwand-6.q16-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-15140 | libmagickwand-6.q16-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u18 | ImageMagick: Use after free in ReadMATImage in coders/mat.c | libmagickwand-6.q16-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-9956 | libmagickwand-6.q16-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | imagemagick: stack-based buffer overflow in function PopHexPixel in coders/ps.c | libmagickwand-6.q16-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-12430 | libmagickwand-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | GraphicsMagick, ImageMagick: Memory exhaustion in ReadMPCImage in coders/mpc.c | libmagickwand-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-12435 | libmagickwand-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Memory exhaustion in ReadSUNImage function in coders/sun.c | libmagickwand-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-12587 | libmagickwand-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Resource exhaustion in ReadPWPImage function in coders\pwp.c | libmagickwand-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-14739 | libmagickwand-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in the AcquireResampleFilterThreadSet function | libmagickwand-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-15015 | libmagickwand-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in PDFDelegateMessage | libmagickwand-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-15017 | libmagickwand-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in ReadOneMNGImage | libmagickwand-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2017-15281 | libmagickwand-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Conditional statement depends on unitialized value | libmagickwand-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2018-16412 | libmagickwand-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u14 | ImageMagick: heap-based buffer over-read in the ParseImageResourceBlocks function in coders/psd.c | libmagickwand-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2018-16413 | libmagickwand-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u14 | ImageMagick: heap-based buffer over-read in the PushShortPixel function in MagickCore/quantum-private.h | libmagickwand-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-10650 | libmagickwand-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: heap-based buffer over-read in WriteTIFFImage of coders/tiff.c leads to denial of service or information disclosure via crafted image file | libmagickwand-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-11597 | libmagickwand-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c leading to DoS or information disclosure | libmagickwand-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-11598 | libmagickwand-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: heap-based buffer over-read in the function WritePNMImage of coders/pnm.c leading to DoS or information disclosure | libmagickwand-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13135 | libmagickwand-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: a "use of uninitialized value" vulnerability in the function ReadCUTImage leading to a crash and DoS | libmagickwand-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13295 | libmagickwand-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled | libmagickwand-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13297 | libmagickwand-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled | libmagickwand-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13304 | libmagickwand-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment | libmagickwand-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13305 | libmagickwand-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error | libmagickwand-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-13306 | libmagickwand-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors | libmagickwand-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-15140 | libmagickwand-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u18 | ImageMagick: Use after free in ReadMATImage in coders/mat.c | libmagickwand-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-9956 | libmagickwand-dev | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | imagemagick: stack-based buffer overflow in function PopHexPixel in coders/ps.c | libmagickwand-dev:8:6.8.9.9-5+deb8u13 |
High | CVE-2019-10208 | libpq-dev | 9.4.19-0+deb8u1 | 9.4.24-0+deb8u1 | postgresql: TYPE in pg_temp executes arbitrary SQL during SECURITY DEFINER execution | libpq-dev:9.4.19-0+deb8u1 |
High | CVE-2019-10208 | libpq5 | 9.4.19-0+deb8u1 | 9.4.24-0+deb8u1 | postgresql: TYPE in pg_temp executes arbitrary SQL during SECURITY DEFINER execution | libpq5:9.4.19-0+deb8u1 |
High | CVE-2018-1060 | libpython2.7-minimal | 2.7.9-2+deb8u1 | 2.7.9-2+deb8u2 | python: DOS via regular expression catastrophic backtracking in apop() method in pop3lib | libpython2.7-minimal:2.7.9-2+deb8u1 |
High | CVE-2018-1061 | libpython2.7-minimal | 2.7.9-2+deb8u1 | 2.7.9-2+deb8u2 | python: DOS via regular expression backtracking in difflib.IS_LINE_JUNK method in difflib | libpython2.7-minimal:2.7.9-2+deb8u1 |
High | CVE-2018-14647 | libpython2.7-minimal | 2.7.9-2+deb8u1 | 2.7.9-2+deb8u3 | python: Missing salt initialization in _elementtree.c module | libpython2.7-minimal:2.7.9-2+deb8u1 |
High | CVE-2019-16056 | libpython2.7-minimal | 2.7.9-2+deb8u1 | 2.7.9-2+deb8u5 | python: email.utils.parseaddr wrongly parses email addresses | libpython2.7-minimal:2.7.9-2+deb8u1 |
High | CVE-2019-5010 | libpython2.7-minimal | 2.7.9-2+deb8u1 | 2.7.9-2+deb8u3 | python: NULL pointer dereference using a specially crafted X509 certificate | libpython2.7-minimal:2.7.9-2+deb8u1 |
High | CVE-2018-1060 | libpython2.7-stdlib | 2.7.9-2+deb8u1 | 2.7.9-2+deb8u2 | python: DOS via regular expression catastrophic backtracking in apop() method in pop3lib | libpython2.7-stdlib:2.7.9-2+deb8u1 |
High | CVE-2018-1061 | libpython2.7-stdlib | 2.7.9-2+deb8u1 | 2.7.9-2+deb8u2 | python: DOS via regular expression backtracking in difflib.IS_LINE_JUNK method in difflib | libpython2.7-stdlib:2.7.9-2+deb8u1 |
High | CVE-2018-14647 | libpython2.7-stdlib | 2.7.9-2+deb8u1 | 2.7.9-2+deb8u3 | python: Missing salt initialization in _elementtree.c module | libpython2.7-stdlib:2.7.9-2+deb8u1 |
High | CVE-2019-16056 | libpython2.7-stdlib | 2.7.9-2+deb8u1 | 2.7.9-2+deb8u5 | python: email.utils.parseaddr wrongly parses email addresses | libpython2.7-stdlib:2.7.9-2+deb8u1 |
High | CVE-2019-5010 | libpython2.7-stdlib | 2.7.9-2+deb8u1 | 2.7.9-2+deb8u3 | python: NULL pointer dereference using a specially crafted X509 certificate | libpython2.7-stdlib:2.7.9-2+deb8u1 |
High | CVE-2019-19906 | libsasl2-2 | 2.1.26.dfsg1-13+deb8u1 | 2.1.26.dfsg1-13+deb8u2 | cyrus-sasl: denial of service in _sasl_add_string function | libsasl2-2:2.1.26.dfsg1-13+deb8u1 |
High | CVE-2019-19906 | libsasl2-modules-db | 2.1.26.dfsg1-13+deb8u1 | 2.1.26.dfsg1-13+deb8u2 | cyrus-sasl: denial of service in _sasl_add_string function | libsasl2-modules-db:2.1.26.dfsg1-13+deb8u1 |
High | CVE-2018-20346 | libsqlite3-0 | 3.8.7.1-1+deb8u2 | 3.8.7.1-1+deb8u3 | CVE-2018-20505 CVE-2018-20506 sqlite: Multiple flaws in sqlite which can be triggered via corrupted internal databases (Magellan) | libsqlite3-0:3.8.7.1-1+deb8u2 |
High | CVE-2018-20506 | libsqlite3-0 | 3.8.7.1-1+deb8u2 | 3.8.7.1-1+deb8u3 | CVE-2018-20346 CVE-2018-20505 CVE-2018-20506 sqlite: Multiple flaws in sqlite which can be triggered via corrupted internal databases (Magellan) | libsqlite3-0:3.8.7.1-1+deb8u2 |
High | CVE-2018-8740 | libsqlite3-0 | 3.8.7.1-1+deb8u2 | 3.8.7.1-1+deb8u4 | sqlite: NULL pointer dereference with databases with schema corrupted with CREATE TABLE AS allows for denial of service | libsqlite3-0:3.8.7.1-1+deb8u2 |
High | CVE-2020-11655 | libsqlite3-0 | 3.8.7.1-1+deb8u2 | 3.8.7.1-1+deb8u5 | sqlite: malformed window-function query leads to DoS | libsqlite3-0:3.8.7.1-1+deb8u2 |
High | CVE-2018-20346 | libsqlite3-dev | 3.8.7.1-1+deb8u2 | 3.8.7.1-1+deb8u3 | CVE-2018-20505 CVE-2018-20506 sqlite: Multiple flaws in sqlite which can be triggered via corrupted internal databases (Magellan) | libsqlite3-dev:3.8.7.1-1+deb8u2 |
High | CVE-2018-20506 | libsqlite3-dev | 3.8.7.1-1+deb8u2 | 3.8.7.1-1+deb8u3 | CVE-2018-20346 CVE-2018-20505 CVE-2018-20506 sqlite: Multiple flaws in sqlite which can be triggered via corrupted internal databases (Magellan) | libsqlite3-dev:3.8.7.1-1+deb8u2 |
High | CVE-2018-8740 | libsqlite3-dev | 3.8.7.1-1+deb8u2 | 3.8.7.1-1+deb8u4 | sqlite: NULL pointer dereference with databases with schema corrupted with CREATE TABLE AS allows for denial of service | libsqlite3-dev:3.8.7.1-1+deb8u2 |
High | CVE-2020-11655 | libsqlite3-dev | 3.8.7.1-1+deb8u2 | 3.8.7.1-1+deb8u5 | sqlite: malformed window-function query leads to DoS | libsqlite3-dev:3.8.7.1-1+deb8u2 |
High | CVE-2019-13115 | libssh2-1 | 1.4.3-4.1+deb8u1 | 1.4.3-4.1+deb8u4 | libssh2: integer overflow in kex_method_diffie_hellman_group_exchange_sha256_key_exchange in kex.c leads to out-of-bounds write | libssh2-1:1.4.3-4.1+deb8u1 |
High | CVE-2019-17498 | libssh2-1 | 1.4.3-4.1+deb8u1 | 1.4.3-4.1+deb8u6 | libssh2: integer overflow in SSH_MSG_DISCONNECT logic in packet.c | libssh2-1:1.4.3-4.1+deb8u1 |
High | CVE-2019-3855 | libssh2-1 | 1.4.3-4.1+deb8u1 | 1.4.3-4.1+deb8u2 | libssh2: Integer overflow in transport read resulting in out of bounds write | libssh2-1:1.4.3-4.1+deb8u1 |
High | CVE-2019-3856 | libssh2-1 | 1.4.3-4.1+deb8u1 | 1.4.3-4.1+deb8u2 | libssh2: Integer overflow in keyboard interactive handling resulting in out of bounds write | libssh2-1:1.4.3-4.1+deb8u1 |
High | CVE-2019-3857 | libssh2-1 | 1.4.3-4.1+deb8u1 | 1.4.3-4.1+deb8u2 | libssh2: Integer overflow in SSH packet processing channel resulting in out of bounds write | libssh2-1:1.4.3-4.1+deb8u1 |
High | CVE-2019-3863 | libssh2-1 | 1.4.3-4.1+deb8u1 | 1.4.3-4.1+deb8u2 | libssh2: Integer overflow in user authenticate keyboard interactive allows out-of-bounds writes | libssh2-1:1.4.3-4.1+deb8u1 |
High | CVE-2019-0203 | libsvn1 | 1.8.10-6+deb8u6 | 1.8.10-6+deb8u7 | subversion: NULL pointer dereference in svnserve leading to an unauthenticated remote DoS | libsvn1:1.8.10-6+deb8u6 |
High | CVE-2017-18078 | libsystemd0 | 215-17+deb8u7 | 215-17+deb8u12 | systemd: Unsafe handling of hard links allowing privilege escalation | libsystemd0:215-17+deb8u7 |
High | CVE-2018-15686 | libsystemd0 | 215-17+deb8u7 | 215-17+deb8u8 | systemd: line splitting via fgets() allows for state injection during daemon-reexec | libsystemd0:215-17+deb8u7 |
High | CVE-2018-15688 | libsystemd0 | 215-17+deb8u7 | 215-17+deb8u8 | systemd: Out-of-bounds heap write in systemd-networkd dhcpv6 option handling | libsystemd0:215-17+deb8u7 |
High | CVE-2018-16864 | libsystemd0 | 215-17+deb8u7 | 215-17+deb8u9 | systemd: stack overflow when calling syslog from a command with long cmdline | libsystemd0:215-17+deb8u7 |
High | CVE-2018-16865 | libsystemd0 | 215-17+deb8u7 | 215-17+deb8u9 | systemd: stack overflow when receiving many journald entries | libsystemd0:215-17+deb8u7 |
High | CVE-2019-3842 | libsystemd0 | 215-17+deb8u7 | 215-17+deb8u12 | systemd: Spoofing of XDG_SEAT allows for actions to be checked against "allow_active" instead of "allow_any" | libsystemd0:215-17+deb8u7 |
High | CVE-2017-10790 | libtasn1-6 | 4.2-3+deb8u3 | 4.2-3+deb8u4 | libtasn1: NULL pointer dereference in the _asn1_check_identifier function | libtasn1-6:4.2-3+deb8u3 |
High | CVE-2017-17095 | libtiff5 | 4.0.3-12.3+deb8u6 | 4.0.3-12.3+deb8u10 | libtiff: Heap-based buffer overflow in tools/pal2rgb.c can lead to denial of service | libtiff5:4.0.3-12.3+deb8u6 |
High | CVE-2018-12900 | libtiff5 | 4.0.3-12.3+deb8u6 | 4.0.3-12.3+deb8u10 | libtiff: Heap-based buffer overflow in the cpSeparateBufToContigBuf function resulting in a denial of service or possibly code execution | libtiff5:4.0.3-12.3+deb8u6 |
High | CVE-2018-17100 | libtiff5 | 4.0.3-12.3+deb8u6 | 4.0.3-12.3+deb8u7 | libtiff: Integer overflow in multiply_ms in tools/ppm2tiff.c | libtiff5:4.0.3-12.3+deb8u6 |
High | CVE-2018-17101 | libtiff5 | 4.0.3-12.3+deb8u6 | 4.0.3-12.3+deb8u7 | libtiff: Two out-of-bounds writes in cpTags in tools/tiff2bw.c and tools/pal2rgb.c | libtiff5:4.0.3-12.3+deb8u6 |
High | CVE-2018-18557 | libtiff5 | 4.0.3-12.3+deb8u6 | 4.0.3-12.3+deb8u7 | libtiff: Out-of-bounds write in tif_jbig.c | libtiff5:4.0.3-12.3+deb8u6 |
High | CVE-2019-17546 | libtiff5 | 4.0.3-12.3+deb8u6 | 4.0.3-12.3+deb8u10 | libtiff: integer overflow leading to heap-based buffer overflow in tif_getimage.c | libtiff5:4.0.3-12.3+deb8u6 |
High | CVE-2019-6128 | libtiff5 | 4.0.3-12.3+deb8u6 | 4.0.3-12.3+deb8u10 | libtiff: memory leak in TIFFFdOpen function in tif_unix.c when using pal2rgb | libtiff5:4.0.3-12.3+deb8u6 |
High | CVE-2017-17095 | libtiff5-dev | 4.0.3-12.3+deb8u6 | 4.0.3-12.3+deb8u10 | libtiff: Heap-based buffer overflow in tools/pal2rgb.c can lead to denial of service | libtiff5-dev:4.0.3-12.3+deb8u6 |
High | CVE-2018-12900 | libtiff5-dev | 4.0.3-12.3+deb8u6 | 4.0.3-12.3+deb8u10 | libtiff: Heap-based buffer overflow in the cpSeparateBufToContigBuf function resulting in a denial of service or possibly code execution | libtiff5-dev:4.0.3-12.3+deb8u6 |
High | CVE-2018-17100 | libtiff5-dev | 4.0.3-12.3+deb8u6 | 4.0.3-12.3+deb8u7 | libtiff: Integer overflow in multiply_ms in tools/ppm2tiff.c | libtiff5-dev:4.0.3-12.3+deb8u6 |
High | CVE-2018-17101 | libtiff5-dev | 4.0.3-12.3+deb8u6 | 4.0.3-12.3+deb8u7 | libtiff: Two out-of-bounds writes in cpTags in tools/tiff2bw.c and tools/pal2rgb.c | libtiff5-dev:4.0.3-12.3+deb8u6 |
High | CVE-2018-18557 | libtiff5-dev | 4.0.3-12.3+deb8u6 | 4.0.3-12.3+deb8u7 | libtiff: Out-of-bounds write in tif_jbig.c | libtiff5-dev:4.0.3-12.3+deb8u6 |
High | CVE-2019-17546 | libtiff5-dev | 4.0.3-12.3+deb8u6 | 4.0.3-12.3+deb8u10 | libtiff: integer overflow leading to heap-based buffer overflow in tif_getimage.c | libtiff5-dev:4.0.3-12.3+deb8u6 |
High | CVE-2019-6128 | libtiff5-dev | 4.0.3-12.3+deb8u6 | 4.0.3-12.3+deb8u10 | libtiff: memory leak in TIFFFdOpen function in tif_unix.c when using pal2rgb | libtiff5-dev:4.0.3-12.3+deb8u6 |
High | CVE-2017-17095 | libtiffxx5 | 4.0.3-12.3+deb8u6 | 4.0.3-12.3+deb8u10 | libtiff: Heap-based buffer overflow in tools/pal2rgb.c can lead to denial of service | libtiffxx5:4.0.3-12.3+deb8u6 |
High | CVE-2018-12900 | libtiffxx5 | 4.0.3-12.3+deb8u6 | 4.0.3-12.3+deb8u10 | libtiff: Heap-based buffer overflow in the cpSeparateBufToContigBuf function resulting in a denial of service or possibly code execution | libtiffxx5:4.0.3-12.3+deb8u6 |
High | CVE-2018-17100 | libtiffxx5 | 4.0.3-12.3+deb8u6 | 4.0.3-12.3+deb8u7 | libtiff: Integer overflow in multiply_ms in tools/ppm2tiff.c | libtiffxx5:4.0.3-12.3+deb8u6 |
High | CVE-2018-17101 | libtiffxx5 | 4.0.3-12.3+deb8u6 | 4.0.3-12.3+deb8u7 | libtiff: Two out-of-bounds writes in cpTags in tools/tiff2bw.c and tools/pal2rgb.c | libtiffxx5:4.0.3-12.3+deb8u6 |
High | CVE-2018-18557 | libtiffxx5 | 4.0.3-12.3+deb8u6 | 4.0.3-12.3+deb8u7 | libtiff: Out-of-bounds write in tif_jbig.c | libtiffxx5:4.0.3-12.3+deb8u6 |
High | CVE-2019-17546 | libtiffxx5 | 4.0.3-12.3+deb8u6 | 4.0.3-12.3+deb8u10 | libtiff: integer overflow leading to heap-based buffer overflow in tif_getimage.c | libtiffxx5:4.0.3-12.3+deb8u6 |
High | CVE-2019-6128 | libtiffxx5 | 4.0.3-12.3+deb8u6 | 4.0.3-12.3+deb8u10 | libtiff: memory leak in TIFFFdOpen function in tif_unix.c when using pal2rgb | libtiffxx5:4.0.3-12.3+deb8u6 |
High | CVE-2017-18078 | libudev1 | 215-17+deb8u7 | 215-17+deb8u12 | systemd: Unsafe handling of hard links allowing privilege escalation | libudev1:215-17+deb8u7 |
High | CVE-2018-15686 | libudev1 | 215-17+deb8u7 | 215-17+deb8u8 | systemd: line splitting via fgets() allows for state injection during daemon-reexec | libudev1:215-17+deb8u7 |
High | CVE-2018-15688 | libudev1 | 215-17+deb8u7 | 215-17+deb8u8 | systemd: Out-of-bounds heap write in systemd-networkd dhcpv6 option handling | libudev1:215-17+deb8u7 |
High | CVE-2018-16864 | libudev1 | 215-17+deb8u7 | 215-17+deb8u9 | systemd: stack overflow when calling syslog from a command with long cmdline | libudev1:215-17+deb8u7 |
High | CVE-2018-16865 | libudev1 | 215-17+deb8u7 | 215-17+deb8u9 | systemd: stack overflow when receiving many journald entries | libudev1:215-17+deb8u7 |
High | CVE-2019-3842 | libudev1 | 215-17+deb8u7 | 215-17+deb8u12 | systemd: Spoofing of XDG_SEAT allows for actions to be checked against "allow_active" instead of "allow_any" | libudev1:215-17+deb8u7 |
High | CVE-2019-9232 | libvpx1 | 1.3.0-3+deb8u1 | 1.3.0-3+deb8u2 | libvpx: Out of bounds read in vp8_norm table | libvpx1:1.3.0-3+deb8u1 |
High | CVE-2020-0034 | libvpx1 | 1.3.0-3+deb8u1 | 1.3.0-3+deb8u3 | libvpx: Out of bounds read in vp8_decode_frame in decodeframe.c | libvpx1:1.3.0-3+deb8u1 |
High | CVE-2018-14404 | libxml2 | 2.9.1+dfsg1-5+deb8u6 | 2.9.1+dfsg1-5+deb8u7 | libxml2: NULL pointer dereference in xmlXPathCompOpEval() function in xpath.c | libxml2:2.9.1+dfsg1-5+deb8u6 |
High | CVE-2019-19956 | libxml2 | 2.9.1+dfsg1-5+deb8u6 | 2.9.1+dfsg1-5+deb8u8 | libxml2: memory leak in xmlParseBalancedChunkMemoryRecover in parser.c | libxml2:2.9.1+dfsg1-5+deb8u6 |
High | CVE-2018-14404 | libxml2-dev | 2.9.1+dfsg1-5+deb8u6 | 2.9.1+dfsg1-5+deb8u7 | libxml2: NULL pointer dereference in xmlXPathCompOpEval() function in xpath.c | libxml2-dev:2.9.1+dfsg1-5+deb8u6 |
High | CVE-2019-19956 | libxml2-dev | 2.9.1+dfsg1-5+deb8u6 | 2.9.1+dfsg1-5+deb8u8 | libxml2: memory leak in xmlParseBalancedChunkMemoryRecover in parser.c | libxml2-dev:2.9.1+dfsg1-5+deb8u6 |
High | CVE-2019-13117 | libxslt1-dev | 1.1.28-2+deb8u3 | 1.1.28-2+deb8u5 | libxslt: an xsl number with certain format strings could lead to a uninitialized read in xsltNumberFormatInsertNumbers | libxslt1-dev:1.1.28-2+deb8u3 |
High | CVE-2019-13118 | libxslt1-dev | 1.1.28-2+deb8u3 | 1.1.28-2+deb8u5 | libxslt: read of uninitialized stack data due to too narrow xsl:number instruction and an invalid character | libxslt1-dev:1.1.28-2+deb8u3 |
High | CVE-2019-18197 | libxslt1-dev | 1.1.28-2+deb8u3 | 1.1.28-2+deb8u6 | libxslt: use after free in xsltCopyText in transform.c could lead to information disclosure | libxslt1-dev:1.1.28-2+deb8u3 |
High | CVE-2019-13117 | libxslt1.1 | 1.1.28-2+deb8u3 | 1.1.28-2+deb8u5 | libxslt: an xsl number with certain format strings could lead to a uninitialized read in xsltNumberFormatInsertNumbers | libxslt1.1:1.1.28-2+deb8u3 |
High | CVE-2019-13118 | libxslt1.1 | 1.1.28-2+deb8u3 | 1.1.28-2+deb8u5 | libxslt: read of uninitialized stack data due to too narrow xsl:number instruction and an invalid character | libxslt1.1:1.1.28-2+deb8u3 |
High | CVE-2019-18197 | libxslt1.1 | 1.1.28-2+deb8u3 | 1.1.28-2+deb8u6 | libxslt: use after free in xsltCopyText in transform.c could lead to information disclosure | libxslt1.1:1.1.28-2+deb8u3 |
High | CVE-2016-10905 | linux-libc-dev | 3.16.57-2 | 3.16.74-1 | kernel: use-after-free in fs/gfs2/rgrp.c | linux-libc-dev:3.16.57-2 |
High | CVE-2017-13305 | linux-libc-dev | 3.16.57-2 | 3.16.64-1 | kernel: Buffer over-read in keyring subsystem allows exposing potentially sensitive information to local attacker | linux-libc-dev:3.16.57-2 |
High | CVE-2017-18509 | linux-libc-dev | 3.16.57-2 | 3.16.72-1 | kernel: not checking sk_type and protocol in net/ipv6/ip6mr.c leads to general protection fault, or arbitrary code execution | linux-libc-dev:3.16.57-2 |
High | CVE-2018-10878 | linux-libc-dev | 3.16.57-2 | 3.16.59-1 | kernel: out-of-bound write in ext4_init_block_bitmap function with a crafted ext4 image | linux-libc-dev:3.16.57-2 |
High | CVE-2018-10879 | linux-libc-dev | 3.16.57-2 | 3.16.59-1 | kernel: use-after-free detected in ext4_xattr_set_entry with a crafted file | linux-libc-dev:3.16.57-2 |
High | CVE-2018-10902 | linux-libc-dev | 3.16.57-2 | 3.16.59-1 | kernel: MIDI driver race condition leads to a double-free | linux-libc-dev:3.16.57-2 |
High | CVE-2018-13405 | linux-libc-dev | 3.16.57-2 | 3.16.59-1 | kernel: Missing check in fs/inode.c:inode_init_owner() does not clear SGID bit on non-directories for non-members | linux-libc-dev:3.16.57-2 |
High | CVE-2018-13406 | linux-libc-dev | 3.16.57-2 | 3.16.59-1 | kernel: Integer overflow in drivers/video/fbdev/uvesafb.c:uvesafb_setcmap() allows for potential denial of service | linux-libc-dev:3.16.57-2 |
High | CVE-2018-14633 | linux-libc-dev | 3.16.57-2 | 3.16.59-1 | kernel: stack-based buffer overflow in chap_server_compute_md5() in iscsi target | linux-libc-dev:3.16.57-2 |
High | CVE-2018-14634 | linux-libc-dev | 3.16.57-2 | 3.16.59-1 | kernel: Integer overflow in Linux's create_elf_tables function | linux-libc-dev:3.16.57-2 |
High | CVE-2018-14678 | linux-libc-dev | 3.16.57-2 | 3.16.59-1 | xen: Uninitialized state in x86 PV failsafe callback path (XSA-274) | linux-libc-dev:3.16.57-2 |
High | CVE-2018-14734 | linux-libc-dev | 3.16.57-2 | 3.16.59-1 | kernel: use-after-free in ucma_leave_multicast in drivers/infiniband/core/ucma.c | linux-libc-dev:3.16.57-2 |
High | CVE-2018-16276 | linux-libc-dev | 3.16.57-2 | 3.16.59-1 | kernel: incorrect bounds checking in yurex_read in drivers/usb/misc/yurex.c | linux-libc-dev:3.16.57-2 |
High | CVE-2018-16884 | linux-libc-dev | 3.16.57-2 | 3.16.64-1 | kernel: nfs: use-after-free in svc_process_common() | linux-libc-dev:3.16.57-2 |
High | CVE-2018-17182 | linux-libc-dev | 3.16.57-2 | 3.16.59-1 | kernel: Use-after-free in the vmacache_flush_all function resulting in a possible privilege escalation | linux-libc-dev:3.16.57-2 |
High | CVE-2018-18281 | linux-libc-dev | 3.16.57-2 | 3.16.64-1 | kernel: TLB flush happens too late on mremap | linux-libc-dev:3.16.57-2 |
High | CVE-2018-19824 | linux-libc-dev | 3.16.57-2 | 3.16.64-1 | kernel: Use-after-free in sound/usb/card.c:usb_audio_probe() | linux-libc-dev:3.16.57-2 |
High | CVE-2018-20836 | linux-libc-dev | 3.16.57-2 | 3.16.72-1 | kernel: race condition in smp_task_timedout() and smp_task_done() in drivers/scsi/libsas/sas_expander.c leads to use-after-free | linux-libc-dev:3.16.57-2 |
High | CVE-2018-20976 | linux-libc-dev | 3.16.57-2 | 3.16.74-1 | kernel: use-after-free in fs/xfs/xfs_super.c | linux-libc-dev:3.16.57-2 |
High | CVE-2018-5391 | linux-libc-dev | 3.16.57-2 | 3.16.59-1 | kernel: IP fragments with random offsets allow a remote denial of service (FragmentSmack) | linux-libc-dev:3.16.57-2 |
High | CVE-2018-5848 | linux-libc-dev | 3.16.57-2 | 3.16.64-1 | kernel: buffer overflow in drivers/net/wireless/ath/wil6210/wmi.c:wmi_set_ie() may lead to memory corruption | linux-libc-dev:3.16.57-2 |
High | CVE-2018-6555 | linux-libc-dev | 3.16.57-2 | 3.16.59-1 | kernel: irda: use-after-free vulnerability in the hashbin list | linux-libc-dev:3.16.57-2 |
High | CVE-2018-9363 | linux-libc-dev | 3.16.57-2 | 3.16.59-1 | kernel: Buffer overflow in hidp_process_report | linux-libc-dev:3.16.57-2 |
High | CVE-2018-9516 | linux-libc-dev | 3.16.57-2 | 3.16.59-1 | kernel: HID: debug: Buffer overflow in hid_debug_events_read() in drivers/hid/hid-debug.c | linux-libc-dev:3.16.57-2 |
High | CVE-2018-9568 | linux-libc-dev | 3.16.57-2 | 3.16.59-1 | kernel: Memory corruption due to incorrect socket cloning | linux-libc-dev:3.16.57-2 |
High | CVE-2019-0136 | linux-libc-dev | 3.16.57-2 | 3.16.74-1 | kernel: insufficient access control in the Intel(R) PROSet/Wireless WiFi Software driver may allow an unauthenticated user to potentially enable DoS via adjacent access | linux-libc-dev:3.16.57-2 |
High | CVE-2019-10220 | linux-libc-dev | 3.16.57-2 | 3.16.81-1 | kernel: CIFS: Relative paths injection in directory entry lists | linux-libc-dev:3.16.57-2 |
High | CVE-2019-10639 | linux-libc-dev | 3.16.57-2 | 3.16.70-1 | Kernel: net: using kernel space address bits to derive IP ID may potentially break KASLR | linux-libc-dev:3.16.57-2 |
High | CVE-2019-11477 | linux-libc-dev | 3.16.57-2 | 3.16.68-2 | Kernel: tcp: integer overflow while processing SACK blocks allows remote denial of service | linux-libc-dev:3.16.57-2 |
High | CVE-2019-11478 | linux-libc-dev | 3.16.57-2 | 3.16.68-2 | Kernel: tcp: excessive resource consumption while processing SACK blocks allows remote denial of service | linux-libc-dev:3.16.57-2 |
High | CVE-2019-11479 | linux-libc-dev | 3.16.57-2 | 3.16.68-2 | kernel: tcp: excessive resource consumption for TCP connections with low MSS allows remote denial of service | linux-libc-dev:3.16.57-2 |
High | CVE-2019-11486 | linux-libc-dev | 3.16.57-2 | 3.16.68-1 | kernel: multiple race conditions in Siemens R3964 line discipline driver in drivers/tty/n_r3964.c leading to denial of service | linux-libc-dev:3.16.57-2 |
High | CVE-2019-11599 | linux-libc-dev | 3.16.57-2 | 3.16.68-1 | kernel: fix race condition between mmget_not_zero()/get_task_mm() and core dumping | linux-libc-dev:3.16.57-2 |
High | CVE-2019-11810 | linux-libc-dev | 3.16.57-2 | 3.16.68-2 | kernel: a NULL pointer dereference in drivers/scsi/megaraid/megaraid_sas_base.c leading to DoS | linux-libc-dev:3.16.57-2 |
High | CVE-2019-12818 | linux-libc-dev | 3.16.57-2 | 3.16.68-1 | kernel: null-pointer dereference in function nfc_llcp_build_tlv in net/nfc/llcp_commands.c | linux-libc-dev:3.16.57-2 |
High | CVE-2019-13272 | linux-libc-dev | 3.16.57-2 | 3.16.70-1 | kernel: broken permission and object lifetime handling for PTRACE_TRACEME | linux-libc-dev:3.16.57-2 |
High | CVE-2019-14814 | linux-libc-dev | 3.16.57-2 | 3.16.74-1 | kernel: heap overflow in mwifiex_set_uap_rates() function of Marvell Wifi Driver leading to DoS | linux-libc-dev:3.16.57-2 |
High | CVE-2019-14815 | linux-libc-dev | 3.16.57-2 | 3.16.74-1 | kernel: heap-overflow in mwifiex_set_wmm_params() function of Marvell WiFi driver leading to DoS | linux-libc-dev:3.16.57-2 |
High | CVE-2019-14816 | linux-libc-dev | 3.16.57-2 | 3.16.74-1 | kernel: heap overflow in mwifiex_update_vs_ie() function of Marvell WiFi driver | linux-libc-dev:3.16.57-2 |
High | CVE-2019-14821 | linux-libc-dev | 3.16.57-2 | 3.16.74-1 | Kernel: KVM: OOB memory access via mmio ring buffer | linux-libc-dev:3.16.57-2 |
High | CVE-2019-14835 | linux-libc-dev | 3.16.57-2 | 3.16.74-1 | kernel: vhost-net: guest to host kernel escape during migration | linux-libc-dev:3.16.57-2 |
High | CVE-2019-15117 | linux-libc-dev | 3.16.57-2 | 3.16.74-1 | kernel: out of bounds memory access in parse_audio_mixer_unit in sound/usb/mixer.c | linux-libc-dev:3.16.57-2 |
High | CVE-2019-15239 | linux-libc-dev | 3.16.57-2 | 3.16.72-1 | kernel: local attacker can trigger multiple use-after-free conditions results in privilege escalation | linux-libc-dev:3.16.57-2 |
High | CVE-2019-15916 | linux-libc-dev | 3.16.57-2 | 3.16.70-1 | kernel: memory leak in register_queue_kobjects() in net/core/net-sysfs.c leads to denial of service | linux-libc-dev:3.16.57-2 |
High | CVE-2019-15917 | linux-libc-dev | 3.16.57-2 | 3.16.74-1 | kernel: use-after-free in drivers/bluetooth/hci_ldisc.c | linux-libc-dev:3.16.57-2 |
High | CVE-2019-15927 | linux-libc-dev | 3.16.57-2 | 3.16.68-1 | kernel: out-of-bounds in function build_audio_procunit in sound/usb/mixer.c | linux-libc-dev:3.16.57-2 |
High | CVE-2019-16413 | linux-libc-dev | 3.16.57-2 | 3.16.70-1 | kernel: i_size_read() infinite loop leads to denial of service | linux-libc-dev:3.16.57-2 |
High | CVE-2019-17666 | linux-libc-dev | 3.16.57-2 | 3.16.81-1 | kernel: rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel lacks a certain upper-bound check, leading to a buffer overflow | linux-libc-dev:3.16.57-2 |
High | CVE-2019-18675 | linux-libc-dev | 3.16.57-2 | 3.16.64-1 | kernel: integer overflow in cpia2_remap_buffer in drivers/media/usb/cpia2/cpia2_core.c | linux-libc-dev:3.16.57-2 |
High | CVE-2019-19052 | linux-libc-dev | 3.16.57-2 | 3.16.81-1 | kernel: dos in gs_can_open() function in drivers/net/can/usb/gs_usb.c | linux-libc-dev:3.16.57-2 |
High | CVE-2019-19447 | linux-libc-dev | 3.16.57-2 | 3.16.84-1 | kernel: mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a use-after-free in ext4_put_super in fs/ext4/super.c | linux-libc-dev:3.16.57-2 |
High | CVE-2019-19768 | linux-libc-dev | 3.16.57-2 | 3.16.84-1 | kernel: use-after-free in __blk_add_trace in kernel/trace/blktrace.c | linux-libc-dev:3.16.57-2 |
High | CVE-2019-2024 | linux-libc-dev | 3.16.57-2 | 3.16.68-1 | kernel: media: em28xx: Use-after-free in em28xx/em28xx-dvb.c when disconnecting | linux-libc-dev:3.16.57-2 |
High | CVE-2019-2215 | linux-libc-dev | 3.16.57-2 | 3.16.81-1 | kernel: Use-after-free in binder.c | linux-libc-dev:3.16.57-2 |
High | CVE-2019-3846 | linux-libc-dev | 3.16.57-2 | 3.16.68-2 | kernel: Heap overflow in mwifiex_update_bss_desc_with_ie function in marvell/mwifiex/scan.c | linux-libc-dev:3.16.57-2 |
High | CVE-2019-3900 | linux-libc-dev | 3.16.57-2 | 3.16.72-1 | Kernel: vhost_net: infinite loop while receiving packets leads to DoS | linux-libc-dev:3.16.57-2 |
High | CVE-2019-6974 | linux-libc-dev | 3.16.57-2 | 3.16.64-1 | Kernel: KVM: potential use-after-free via kvm_ioctl_create_device() | linux-libc-dev:3.16.57-2 |
High | CVE-2019-7221 | linux-libc-dev | 3.16.57-2 | 3.16.64-1 | Kernel: KVM: nVMX: use-after-free of the hrtimer for emulation of the preemption timer | linux-libc-dev:3.16.57-2 |
High | CVE-2019-9458 | linux-libc-dev | 3.16.57-2 | 3.16.64-1 | kernel: use after free due to race condition in the video driver leads to local privilege escalation | linux-libc-dev:3.16.57-2 |
High | CVE-2019-9503 | linux-libc-dev | 3.16.57-2 | 3.16.68-1 | kernel: brcmfmac frame validation bypass | linux-libc-dev:3.16.57-2 |
High | CVE-2019-9506 | linux-libc-dev | 3.16.57-2 | 3.16.74-1 | hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB) | linux-libc-dev:3.16.57-2 |
High | CVE-2020-11668 | linux-libc-dev | 3.16.57-2 | 3.16.84-1 | kernel: mishandles invalid descriptors in drivers/media/usb/gspca/xirlink_cit.c | linux-libc-dev:3.16.57-2 |
High | CVE-2020-12653 | linux-libc-dev | 3.16.57-2 | 3.16.84-1 | kernel: buffer overflow in mwifiex_cmd_append_vsie_tlv function in drivers/net/wireless/marvell/mwifiex/scan.c | linux-libc-dev:3.16.57-2 |
High | CVE-2020-12654 | linux-libc-dev | 3.16.57-2 | 3.16.84-1 | kernel: heap-based buffer overflow in mwifiex_ret_wmm_get_status function in drivers/net/wireless/marvell/mwifiex/wmm.c | linux-libc-dev:3.16.57-2 |
High | CVE-2020-1749 | linux-libc-dev | 3.16.57-2 | 3.16.84-1 | kernel: some ipv6 protocols not encrypted over ipsec tunnel | linux-libc-dev:3.16.57-2 |
High | CVE-2020-8648 | linux-libc-dev | 3.16.57-2 | 3.16.84-1 | kernel: use-after-free in n_tty_receive_buf_common function in drivers/tty/n_tty.c | linux-libc-dev:3.16.57-2 |
High | CVE-2020-9383 | linux-libc-dev | 3.16.57-2 | 3.16.84-1 | kernel: out-of-bounds read in set_fdc in drivers/block/floppy.c | linux-libc-dev:3.16.57-2 |
High | CVE-2015-5600 | openssh-client | 1:6.7p1-5+deb8u5 | 1:6.7p1-5+deb8u6 | openssh: MaxAuthTries limit bypass via duplicates in KbdInteractiveDevices | openssh-client:1:6.7p1-5+deb8u5 |
High | CVE-2016-10009 | openssh-client | 1:6.7p1-5+deb8u5 | 1:6.7p1-5+deb8u6 | openssh: loading of untrusted PKCS#11 modules in ssh-agent | openssh-client:1:6.7p1-5+deb8u5 |
High | CVE-2016-10012 | openssh-client | 1:6.7p1-5+deb8u5 | 1:6.7p1-5+deb8u6 | openssh: Bounds check can be evaded in the shared memory manager used by pre-authentication compression support | openssh-client:1:6.7p1-5+deb8u5 |
High | CVE-2016-10708 | openssh-client | 1:6.7p1-5+deb8u5 | 1:6.7p1-5+deb8u6 | openssh: Out of sequence NEWKEYS message can allow remote attacker to cause denial of service | openssh-client:1:6.7p1-5+deb8u5 |
High | CVE-2016-6515 | openssh-client | 1:6.7p1-5+deb8u5 | 1:6.7p1-5+deb8u6 | openssh: Denial of service via very long passwords | openssh-client:1:6.7p1-5+deb8u5 |
High | CVE-2018-20969 | patch | 2.7.5-1+deb8u1 | 2.7.5-1+deb8u3 | patch: do_ed_script in pch.c does not block strings beginning with a ! character | patch:2.7.5-1+deb8u1 |
High | CVE-2019-13638 | patch | 2.7.5-1+deb8u1 | 2.7.5-1+deb8u3 | patch: OS shell command injection when processing crafted patch files | patch:2.7.5-1+deb8u1 |
High | CVE-2018-1060 | python2.7 | 2.7.9-2+deb8u1 | 2.7.9-2+deb8u2 | python: DOS via regular expression catastrophic backtracking in apop() method in pop3lib | python2.7:2.7.9-2+deb8u1 |
High | CVE-2018-1061 | python2.7 | 2.7.9-2+deb8u1 | 2.7.9-2+deb8u2 | python: DOS via regular expression backtracking in difflib.IS_LINE_JUNK method in difflib | python2.7:2.7.9-2+deb8u1 |
High | CVE-2018-14647 | python2.7 | 2.7.9-2+deb8u1 | 2.7.9-2+deb8u3 | python: Missing salt initialization in _elementtree.c module | python2.7:2.7.9-2+deb8u1 |
High | CVE-2019-16056 | python2.7 | 2.7.9-2+deb8u1 | 2.7.9-2+deb8u5 | python: email.utils.parseaddr wrongly parses email addresses | python2.7:2.7.9-2+deb8u1 |
High | CVE-2019-5010 | python2.7 | 2.7.9-2+deb8u1 | 2.7.9-2+deb8u3 | python: NULL pointer dereference using a specially crafted X509 certificate | python2.7:2.7.9-2+deb8u1 |
High | CVE-2018-1060 | python2.7-minimal | 2.7.9-2+deb8u1 | 2.7.9-2+deb8u2 | python: DOS via regular expression catastrophic backtracking in apop() method in pop3lib | python2.7-minimal:2.7.9-2+deb8u1 |
High | CVE-2018-1061 | python2.7-minimal | 2.7.9-2+deb8u1 | 2.7.9-2+deb8u2 | python: DOS via regular expression backtracking in difflib.IS_LINE_JUNK method in difflib | python2.7-minimal:2.7.9-2+deb8u1 |
High | CVE-2018-14647 | python2.7-minimal | 2.7.9-2+deb8u1 | 2.7.9-2+deb8u3 | python: Missing salt initialization in _elementtree.c module | python2.7-minimal:2.7.9-2+deb8u1 |
High | CVE-2019-16056 | python2.7-minimal | 2.7.9-2+deb8u1 | 2.7.9-2+deb8u5 | python: email.utils.parseaddr wrongly parses email addresses | python2.7-minimal:2.7.9-2+deb8u1 |
High | CVE-2019-5010 | python2.7-minimal | 2.7.9-2+deb8u1 | 2.7.9-2+deb8u3 | python: NULL pointer dereference using a specially crafted X509 certificate | python2.7-minimal:2.7.9-2+deb8u1 |
High | CVE-2019-0203 | subversion | 1.8.10-6+deb8u6 | 1.8.10-6+deb8u7 | subversion: NULL pointer dereference in svnserve leading to an unauthenticated remote DoS | subversion:1.8.10-6+deb8u6 |
High | CVE-2017-18078 | systemd | 215-17+deb8u7 | 215-17+deb8u12 | systemd: Unsafe handling of hard links allowing privilege escalation | systemd:215-17+deb8u7 |
High | CVE-2018-15686 | systemd | 215-17+deb8u7 | 215-17+deb8u8 | systemd: line splitting via fgets() allows for state injection during daemon-reexec | systemd:215-17+deb8u7 |
High | CVE-2018-15688 | systemd | 215-17+deb8u7 | 215-17+deb8u8 | systemd: Out-of-bounds heap write in systemd-networkd dhcpv6 option handling | systemd:215-17+deb8u7 |
High | CVE-2018-16864 | systemd | 215-17+deb8u7 | 215-17+deb8u9 | systemd: stack overflow when calling syslog from a command with long cmdline | systemd:215-17+deb8u7 |
High | CVE-2018-16865 | systemd | 215-17+deb8u7 | 215-17+deb8u9 | systemd: stack overflow when receiving many journald entries | systemd:215-17+deb8u7 |
High | CVE-2019-3842 | systemd | 215-17+deb8u7 | 215-17+deb8u12 | systemd: Spoofing of XDG_SEAT allows for actions to be checked against "allow_active" instead of "allow_any" | systemd:215-17+deb8u7 |
High | CVE-2017-18078 | systemd-sysv | 215-17+deb8u7 | 215-17+deb8u12 | systemd: Unsafe handling of hard links allowing privilege escalation | systemd-sysv:215-17+deb8u7 |
High | CVE-2018-15686 | systemd-sysv | 215-17+deb8u7 | 215-17+deb8u8 | systemd: line splitting via fgets() allows for state injection during daemon-reexec | systemd-sysv:215-17+deb8u7 |
High | CVE-2018-15688 | systemd-sysv | 215-17+deb8u7 | 215-17+deb8u8 | systemd: Out-of-bounds heap write in systemd-networkd dhcpv6 option handling | systemd-sysv:215-17+deb8u7 |
High | CVE-2018-16864 | systemd-sysv | 215-17+deb8u7 | 215-17+deb8u9 | systemd: stack overflow when calling syslog from a command with long cmdline | systemd-sysv:215-17+deb8u7 |
High | CVE-2018-16865 | systemd-sysv | 215-17+deb8u7 | 215-17+deb8u9 | systemd: stack overflow when receiving many journald entries | systemd-sysv:215-17+deb8u7 |
High | CVE-2019-3842 | systemd-sysv | 215-17+deb8u7 | 215-17+deb8u12 | systemd: Spoofing of XDG_SEAT allows for actions to be checked against "allow_active" instead of "allow_any" | systemd-sysv:215-17+deb8u7 |
High | CVE-2017-18078 | udev | 215-17+deb8u7 | 215-17+deb8u12 | systemd: Unsafe handling of hard links allowing privilege escalation | udev:215-17+deb8u7 |
High | CVE-2018-15686 | udev | 215-17+deb8u7 | 215-17+deb8u8 | systemd: line splitting via fgets() allows for state injection during daemon-reexec | udev:215-17+deb8u7 |
High | CVE-2018-15688 | udev | 215-17+deb8u7 | 215-17+deb8u8 | systemd: Out-of-bounds heap write in systemd-networkd dhcpv6 option handling | udev:215-17+deb8u7 |
High | CVE-2018-16864 | udev | 215-17+deb8u7 | 215-17+deb8u9 | systemd: stack overflow when calling syslog from a command with long cmdline | udev:215-17+deb8u7 |
High | CVE-2018-16865 | udev | 215-17+deb8u7 | 215-17+deb8u9 | systemd: stack overflow when receiving many journald entries | udev:215-17+deb8u7 |
High | CVE-2019-3842 | udev | 215-17+deb8u7 | 215-17+deb8u12 | systemd: Spoofing of XDG_SEAT allows for actions to be checked against "allow_active" instead of "allow_any" | udev:215-17+deb8u7 |
High | CVE-2016-7098 | wget | 1.16-1+deb8u5 | 1.16-1+deb8u7 | wget: files rejected by access list are kept on the disk for the duration of HTTP connection | wget:1.16-1+deb8u5 |
High | CVE-2016-9840 | zlib1g | 1:1.2.8.dfsg-2 | 1:1.2.8.dfsg-2+deb8u1 | zlib: Out-of-bounds pointer arithmetic in inftrees.c | zlib1g:1:1.2.8.dfsg-2 |
High | CVE-2016-9842 | zlib1g | 1:1.2.8.dfsg-2 | 1:1.2.8.dfsg-2+deb8u1 | zlib: Undefined left shift of negative number | zlib1g:1:1.2.8.dfsg-2 |
High | CVE-2016-9840 | zlib1g-dev | 1:1.2.8.dfsg-2 | 1:1.2.8.dfsg-2+deb8u1 | zlib: Out-of-bounds pointer arithmetic in inftrees.c | zlib1g-dev:1:1.2.8.dfsg-2 |
High | CVE-2016-9842 | zlib1g-dev | 1:1.2.8.dfsg-2 | 1:1.2.8.dfsg-2+deb8u1 | zlib: Undefined left shift of negative number | zlib1g-dev:1:1.2.8.dfsg-2 |
High | CVE-2021-3807 | ansi-regex | 3.0.0 | 3.0.1, 4.1.1, 5.0.1, 6.0.1 | nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes | ansi-regex:3.0.0 |
High | CVE-2020-8116 | dot-prop | 4.2.0 | 5.1.1, 4.2.1 | nodejs-dot-prop: prototype pollution | dot-prop:4.2.0 |
High | CVE-2019-13173 | fstream | 1.0.11 | 1.0.12 | nodejs-fstream: File overwrite in fstream.DirWriter() function | fstream:1.0.11 |
High | CVE-2022-29167 | hawk | 6.0.2 | 9.0.1 | hawk: REDoS in hawk.utils.parseHost() when parsing Host header | hawk:6.0.2 |
High | GHSA-8w57-jfpm-945m | http-proxy-agent | 2.0.0 | 2.1.0 | Denial of Service in http-proxy-agent | http-proxy-agent:2.0.0 |
High | NSWG-ECO-402 | http-proxy-agent | 2.0.0 | >=2.1.0 | Denial of Service | http-proxy-agent:2.0.0 |
High | NSWG-ECO-388 | https-proxy-agent | 2.1.1 | >=2.2.0 | Denial of Service | https-proxy-agent:2.1.1 |
High | CVE-2020-7788 | ini | 1.3.5 | 1.3.6 | nodejs-ini: Prototype pollution via malicious INI file | ini:1.3.5 |
High | CVE-2018-16487 | lodash | 3.10.1 | >=4.17.11 | lodash: Prototype pollution in utilities function | lodash:3.10.1 |
High | CVE-2020-8203 | lodash | 3.10.1 | 4.17.20 | nodejs-lodash: prototype pollution in zipObjectDeep function | lodash:3.10.1 |
High | CVE-2021-23337 | lodash | 3.10.1 | 4.17.21 | nodejs-lodash: command injection via template | lodash:3.10.1 |
High | CVE-2018-16487 | lodash | 4.17.5 | >=4.17.11 | lodash: Prototype pollution in utilities function | lodash:4.17.5 |
High | CVE-2020-8203 | lodash | 4.17.5 | 4.17.20 | nodejs-lodash: prototype pollution in zipObjectDeep function | lodash:4.17.5 |
High | CVE-2021-23337 | lodash | 4.17.5 | 4.17.21 | nodejs-lodash: command injection via template | lodash:4.17.5 |
High | CVE-2019-16775 | npm | 5.8.0 | 6.13.3 | npm: Symlink reference outside of node_modules folder through the bin field upon installation | npm:5.8.0 |
High | CVE-2019-16775 | npm | 6.4.1 | 6.13.3 | npm: Symlink reference outside of node_modules folder through the bin field upon installation | npm:6.4.1 |
High | CVE-2020-7754 | npm-user-validate | 1.0.0 | 1.0.1 | nodejs-npm-user-validate: improper input validation when validating user emails leads to ReDoS | npm-user-validate:1.0.0 |
High | CVE-2018-3737 | sshpk | 1.13.1 | 1.13.2 | nodejs-sshpk: ReDoS when parsing crafted invalid public keys in lib/formats/ssh.js | sshpk:1.13.1 |
High | NSWG-ECO-401 | sshpk | 1.13.1 | >=1.13.2 | Denial of Service | sshpk:1.13.1 |
High | CVE-2021-27290 | ssri | 5.2.4 | 8.0.1, 7.1.1, 6.0.2 | nodejs-ssri: Regular expression DoS (ReDoS) when parsing malicious SRI in strict mode | ssri:5.2.4 |
High | CVE-2021-27290 | ssri | 5.3.0 | 8.0.1, 7.1.1, 6.0.2 | nodejs-ssri: Regular expression DoS (ReDoS) when parsing malicious SRI in strict mode | ssri:5.3.0 |
High | CVE-2021-27290 | ssri | 6.0.0 | 8.0.1, 7.1.1, 6.0.2 | nodejs-ssri: Regular expression DoS (ReDoS) when parsing malicious SRI in strict mode | ssri:6.0.0 |
High | CVE-2018-20834 | tar | 2.2.1 | 4.4.2, 2.2.2 | nodejs-tar: Arbitrary file overwrites when extracting tarballs containing a hard-link | tar:2.2.1 |
High | CVE-2021-32803 | tar | 2.2.1 | 6.1.2, 5.0.7, 4.4.15, 3.2.3 | nodejs-tar: Insufficient symlink protection allowing arbitrary file creation and overwrite | tar:2.2.1 |
High | CVE-2021-32804 | tar | 2.2.1 | 6.1.1, 5.0.6, 4.4.14, 3.2.2 | nodejs-tar: Insufficient absolute path sanitization allowing arbitrary file creation and overwrite | tar:2.2.1 |
High | CVE-2021-37701 | tar | 2.2.1 | 6.1.7, 5.0.8, 4.4.16 | nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite | tar:2.2.1 |
High | CVE-2021-37712 | tar | 2.2.1 | 6.1.9, 5.0.10, 4.4.18 | nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite | tar:2.2.1 |
High | CVE-2021-37713 | tar | 2.2.1 | 6.1.9, 5.0.10, 4.4.18 | nodejs-tar: Arbitrary File Creation/Overwrite on Windows via insufficient relative path sanitization | tar:2.2.1 |
High | CVE-2018-20834 | tar | 4.4.0 | 4.4.2, 2.2.2 | nodejs-tar: Arbitrary file overwrites when extracting tarballs containing a hard-link | tar:4.4.0 |
High | CVE-2021-32803 | tar | 4.4.0 | 6.1.2, 5.0.7, 4.4.15, 3.2.3 | nodejs-tar: Insufficient symlink protection allowing arbitrary file creation and overwrite | tar:4.4.0 |
High | CVE-2021-32804 | tar | 4.4.0 | 6.1.1, 5.0.6, 4.4.14, 3.2.2 | nodejs-tar: Insufficient absolute path sanitization allowing arbitrary file creation and overwrite | tar:4.4.0 |
High | CVE-2021-37701 | tar | 4.4.0 | 6.1.7, 5.0.8, 4.4.16 | nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite | tar:4.4.0 |
High | CVE-2021-37712 | tar | 4.4.0 | 6.1.9, 5.0.10, 4.4.18 | nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite | tar:4.4.0 |
High | CVE-2021-37713 | tar | 4.4.0 | 6.1.9, 5.0.10, 4.4.18 | nodejs-tar: Arbitrary File Creation/Overwrite on Windows via insufficient relative path sanitization | tar:4.4.0 |
High | CVE-2021-32803 | tar | 4.4.6 | 6.1.2, 5.0.7, 4.4.15, 3.2.3 | nodejs-tar: Insufficient symlink protection allowing arbitrary file creation and overwrite | tar:4.4.6 |
High | CVE-2021-32804 | tar | 4.4.6 | 6.1.1, 5.0.6, 4.4.14, 3.2.2 | nodejs-tar: Insufficient absolute path sanitization allowing arbitrary file creation and overwrite | tar:4.4.6 |
High | CVE-2021-37701 | tar | 4.4.6 | 6.1.7, 5.0.8, 4.4.16 | nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite | tar:4.4.6 |
High | CVE-2021-37712 | tar | 4.4.6 | 6.1.9, 5.0.10, 4.4.18 | nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite | tar:4.4.6 |
High | CVE-2021-37713 | tar | 4.4.6 | 6.1.9, 5.0.10, 4.4.18 | nodejs-tar: Arbitrary File Creation/Overwrite on Windows via insufficient relative path sanitization | tar:4.4.6 |
High | CVE-2015-8857 | uglify-js | 2.2.5 | >= 2.4.24 | The uglify-js package before 2.4.24 for Node.js does not properly acco ... | uglify-js:2.2.5 |
High | CVE-2020-7774 | y18n | 3.2.1 | 5.0.5, 4.0.1, 3.2.2 | nodejs-y18n: prototype pollution vulnerability | y18n:3.2.1 |
High | CVE-2020-7774 | y18n | 4.0.0 | 5.0.5, 4.0.1, 3.2.2 | nodejs-y18n: prototype pollution vulnerability | y18n:4.0.0 |
High | CVE-2019-10773 | yarn | 1.9.4 | 1.22.0 | nodejs-yarn: Install functionality can be abused to generate arbitrary symlinks | yarn:1.9.4 |
High | CVE-2019-5448 | yarn | 1.9.4 | 1.17.3 | Yarn before 1.17.3 is vulnerable to Missing Encryption of Sensitive Da ... | yarn:1.9.4 |
High | CVE-2020-8131 | yarn | 1.9.4 | 1.22.0 | yarn: Arbitrary filesystem write via tar expansion | yarn:1.9.4 |
Medium | CVE-2020-3810 | apt | 1.0.9.8.4 | 1.0.9.8.6 | Missing input validation in the ar/tar implementations of APT before v ... | apt:1.0.9.8.4 |
Medium | CVE-2016-9401 | bash | 4.3-11+deb8u1 | 4.3-11+deb8u2 | bash: popd controlled free | bash:4.3-11+deb8u1 |
Medium | CVE-2016-3189 | bzip2 | 1.0.6-7 | 1.0.6-7+deb8u1 | bzip2: heap use after free in bzip2recover | bzip2:1.0.6-7 |
Medium | CVE-2019-5094 | comerr-dev | 1.42.12-2 | 1.42.12-2+deb8u1 | e2fsprogs: Crafted ext4 partition leads to out-of-bounds write | comerr-dev:1.42.12-2 |
Medium | CVE-2019-5188 | comerr-dev | 1.42.12-2 | 1.42.12-2+deb8u2 | e2fsprogs: Out-of-bounds write in e2fsck/rehash.c | comerr-dev:1.42.12-2 |
Medium | CVE-2019-5094 | e2fslibs | 1.42.12-2 | 1.42.12-2+deb8u1 | e2fsprogs: Crafted ext4 partition leads to out-of-bounds write | e2fslibs:1.42.12-2 |
Medium | CVE-2019-5188 | e2fslibs | 1.42.12-2 | 1.42.12-2+deb8u2 | e2fsprogs: Out-of-bounds write in e2fsck/rehash.c | e2fslibs:1.42.12-2 |
Medium | CVE-2019-5094 | e2fsprogs | 1.42.12-2 | 1.42.12-2+deb8u1 | e2fsprogs: Crafted ext4 partition leads to out-of-bounds write | e2fsprogs:1.42.12-2 |
Medium | CVE-2019-5188 | e2fsprogs | 1.42.12-2 | 1.42.12-2+deb8u2 | e2fsprogs: Out-of-bounds write in e2fsck/rehash.c | e2fsprogs:1.42.12-2 |
Medium | CVE-2019-8905 | file | 1:5.22+15-2+deb8u4 | 1:5.22+15-2+deb8u5 | file: stack-based buffer over-read in do_core_note in readelf.c | file:1:5.22+15-2+deb8u4 |
Medium | CVE-2017-6312 | gir1.2-gdkpixbuf-2.0 | 2.31.1-2+deb8u7 | 2.31.1-2+deb8u8 | gdk-pixbuf: Out-of-bounds read in io-ico.c | gir1.2-gdkpixbuf-2.0:2.31.1-2+deb8u7 |
Medium | CVE-2017-6314 | gir1.2-gdkpixbuf-2.0 | 2.31.1-2+deb8u7 | 2.31.1-2+deb8u8 | gdk-pixbuf: Infinite loop in io-tiff.c | gir1.2-gdkpixbuf-2.0:2.31.1-2+deb8u7 |
Medium | CVE-2017-1000445 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | imagemagick: NULL pointer dereference in MagickCore component can lead to a denial of service | imagemagick:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-1000476 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: CPU exhaustion vulnerability in function ReadDDSInfo in coders/dds.c | imagemagick:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-11446 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Infinite loop in ReadPESImage function in coders/pes.c | imagemagick:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-11523 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Endless loop in ReadTXTImage function in coders/txt.c | imagemagick:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-11537 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Floating point exception in the WritePALMImage() function | imagemagick:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-12140 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: integer signedness error in ReadDCMImage function | imagemagick:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-12432 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Memory exhaustion in ReadPCXImage in coders/pcx.c | imagemagick:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-12563 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Memory exhaustion in the function ReadPSDImage | imagemagick:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-12643 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Memory exhaustion in ReadOneJNGImage function in coders\png.c | imagemagick:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-12670 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Assertion failure in the function DestroyImage | imagemagick:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-12674 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Resource exhaustion in the function ReadPDBImage | imagemagick:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-12691 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Memory exhaustion in ReadOneLayer function in coders/xcf.c | imagemagick:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-12692 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Memory exhaustion in ReadVIFFImage function in coders/viff.c | imagemagick:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-12693 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Memory exhaustion in ReadBMPImage function in coders/bmp.c in ImageMagick | imagemagick:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-12875 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Resource exhaustion in WritePixelCachePixels function in coders/xcf.c | imagemagick:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-13133 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Improper input validadion in load_level function in coders/xcf.c | imagemagick:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-13142 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Improper validation of short files in coders/png.c | imagemagick:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-13145 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Improper input validation in ReadJP2Image function in coders/jp2.c | imagemagick:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-13658 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Missing NULL check in the ReadMATImage function | imagemagick:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-13768 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in IdentifyImage function in MagickCore/identify.c | imagemagick:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-14060 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in ReadCUTImage function | imagemagick:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-14172 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Lack of an EOF check in ReadPSImage() function | imagemagick:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-14173 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Integer overflow in the function ReadTXTImage() | imagemagick:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-14174 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Lack of EOF check in the ReadPSDLayersInternal() function | imagemagick:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-14175 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Lack of EOF check in the ReadXBMImage() function | imagemagick:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-14249 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Division by zero in the GetPixelCacheTileSize function | imagemagick:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-14341 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Infinite loop in the ReadWPGImage function | imagemagick:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-14400 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in the GetVirtualPixels function | imagemagick:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-14505 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Null pointer dereference in DrawGetStrokeDashArray function in wand/drawing-wand.c | imagemagick:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-14741 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Infinite loop in the ReadCAPTIONImage function | imagemagick:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-17682 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Resource exhaustion in ExtractPostscript function in coders/wpg.c | imagemagick:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-17914 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: denial of service in the function ReadOnePNGImage in coders/png.c | imagemagick:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-18271 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: infinite loop in ReadMIFFImage function in coders/miff.c | imagemagick:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-18273 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: infinite loop ReadTXTImage in function in coders/txt.c | imagemagick:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-9500 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Assertion failure in ResetImageProfileIterator | imagemagick:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2018-16642 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u14 | ImageMagick: out-of-bounds write in InsertRow function in coders/cut.c | imagemagick:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2018-16643 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u14 | ImageMagick: missing check for fputc function in multiple files | imagemagick:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2018-16644 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u14 | ImageMagick: improper check for length in ReadDCMImage of coders/dcm.c and ReadPICTImage of coders/pict.c | imagemagick:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2018-16645 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u14 | ImageMagick: Out-of-memory ReadBMPImage of coders/bmp.c and ReadDIBImage of codes/dib.c | imagemagick:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2018-16749 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u14 | ImageMagick: reachable assertion in ReadOneJNGImage in coders/png.c | imagemagick:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2018-18025 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u15 | ImageMagick: heap-based buffer over-read in the EncodeImage function of coders/pict.c | imagemagick:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2019-11470 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u18 | ImageMagick: denial of service in cineon parsing component | imagemagick:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2019-12974 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | imagemagick: null-pointer dereference in function ReadPANGOImage in coders/pango.c and ReadVIDImage in coders/vid.c causing denial of service | imagemagick:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2019-14981 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u18 | ImageMagick: division by zero in MeanShiftImage in MagickCore/feature.c | imagemagick:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2019-15139 | imagemagick | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u18 | ImageMagick: out-of-bounds read in ReadXWDImage in coders/xwd.c | imagemagick:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-1000445 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | imagemagick: NULL pointer dereference in MagickCore component can lead to a denial of service | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-1000476 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: CPU exhaustion vulnerability in function ReadDDSInfo in coders/dds.c | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-11446 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Infinite loop in ReadPESImage function in coders/pes.c | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-11523 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Endless loop in ReadTXTImage function in coders/txt.c | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-11537 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Floating point exception in the WritePALMImage() function | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-12140 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: integer signedness error in ReadDCMImage function | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-12432 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Memory exhaustion in ReadPCXImage in coders/pcx.c | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-12563 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Memory exhaustion in the function ReadPSDImage | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-12643 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Memory exhaustion in ReadOneJNGImage function in coders\png.c | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-12670 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Assertion failure in the function DestroyImage | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-12674 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Resource exhaustion in the function ReadPDBImage | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-12691 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Memory exhaustion in ReadOneLayer function in coders/xcf.c | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-12692 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Memory exhaustion in ReadVIFFImage function in coders/viff.c | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-12693 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Memory exhaustion in ReadBMPImage function in coders/bmp.c in ImageMagick | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-12875 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Resource exhaustion in WritePixelCachePixels function in coders/xcf.c | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-13133 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Improper input validadion in load_level function in coders/xcf.c | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-13142 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Improper validation of short files in coders/png.c | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-13145 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Improper input validation in ReadJP2Image function in coders/jp2.c | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-13658 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Missing NULL check in the ReadMATImage function | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-13768 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in IdentifyImage function in MagickCore/identify.c | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-14060 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in ReadCUTImage function | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-14172 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Lack of an EOF check in ReadPSImage() function | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-14173 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Integer overflow in the function ReadTXTImage() | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-14174 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Lack of EOF check in the ReadPSDLayersInternal() function | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-14175 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Lack of EOF check in the ReadXBMImage() function | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-14249 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Division by zero in the GetPixelCacheTileSize function | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-14341 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Infinite loop in the ReadWPGImage function | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-14400 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in the GetVirtualPixels function | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-14505 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Null pointer dereference in DrawGetStrokeDashArray function in wand/drawing-wand.c | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-14741 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Infinite loop in the ReadCAPTIONImage function | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-17682 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Resource exhaustion in ExtractPostscript function in coders/wpg.c | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-17914 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: denial of service in the function ReadOnePNGImage in coders/png.c | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-18271 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: infinite loop in ReadMIFFImage function in coders/miff.c | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-18273 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: infinite loop ReadTXTImage in function in coders/txt.c | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-9500 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Assertion failure in ResetImageProfileIterator | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2018-16642 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u14 | ImageMagick: out-of-bounds write in InsertRow function in coders/cut.c | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2018-16643 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u14 | ImageMagick: missing check for fputc function in multiple files | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2018-16644 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u14 | ImageMagick: improper check for length in ReadDCMImage of coders/dcm.c and ReadPICTImage of coders/pict.c | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2018-16645 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u14 | ImageMagick: Out-of-memory ReadBMPImage of coders/bmp.c and ReadDIBImage of codes/dib.c | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2018-16749 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u14 | ImageMagick: reachable assertion in ReadOneJNGImage in coders/png.c | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2018-18025 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u15 | ImageMagick: heap-based buffer over-read in the EncodeImage function of coders/pict.c | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2019-11470 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u18 | ImageMagick: denial of service in cineon parsing component | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2019-12974 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | imagemagick: null-pointer dereference in function ReadPANGOImage in coders/pango.c and ReadVIDImage in coders/vid.c causing denial of service | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2019-14981 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u18 | ImageMagick: division by zero in MeanShiftImage in MagickCore/feature.c | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2019-15139 | imagemagick-6.q16 | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u18 | ImageMagick: out-of-bounds read in ReadXWDImage in coders/xwd.c | imagemagick-6.q16:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-1000445 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | imagemagick: NULL pointer dereference in MagickCore component can lead to a denial of service | imagemagick-common:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-1000476 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: CPU exhaustion vulnerability in function ReadDDSInfo in coders/dds.c | imagemagick-common:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-11446 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Infinite loop in ReadPESImage function in coders/pes.c | imagemagick-common:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-11523 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Endless loop in ReadTXTImage function in coders/txt.c | imagemagick-common:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-11537 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Floating point exception in the WritePALMImage() function | imagemagick-common:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-12140 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: integer signedness error in ReadDCMImage function | imagemagick-common:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-12432 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Memory exhaustion in ReadPCXImage in coders/pcx.c | imagemagick-common:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-12563 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Memory exhaustion in the function ReadPSDImage | imagemagick-common:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-12643 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Memory exhaustion in ReadOneJNGImage function in coders\png.c | imagemagick-common:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-12670 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Assertion failure in the function DestroyImage | imagemagick-common:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-12674 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Resource exhaustion in the function ReadPDBImage | imagemagick-common:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-12691 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Memory exhaustion in ReadOneLayer function in coders/xcf.c | imagemagick-common:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-12692 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Memory exhaustion in ReadVIFFImage function in coders/viff.c | imagemagick-common:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-12693 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Memory exhaustion in ReadBMPImage function in coders/bmp.c in ImageMagick | imagemagick-common:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-12875 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Resource exhaustion in WritePixelCachePixels function in coders/xcf.c | imagemagick-common:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-13133 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Improper input validadion in load_level function in coders/xcf.c | imagemagick-common:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-13142 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Improper validation of short files in coders/png.c | imagemagick-common:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-13145 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Improper input validation in ReadJP2Image function in coders/jp2.c | imagemagick-common:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-13658 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Missing NULL check in the ReadMATImage function | imagemagick-common:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-13768 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in IdentifyImage function in MagickCore/identify.c | imagemagick-common:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-14060 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in ReadCUTImage function | imagemagick-common:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-14172 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Lack of an EOF check in ReadPSImage() function | imagemagick-common:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-14173 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Integer overflow in the function ReadTXTImage() | imagemagick-common:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-14174 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Lack of EOF check in the ReadPSDLayersInternal() function | imagemagick-common:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-14175 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Lack of EOF check in the ReadXBMImage() function | imagemagick-common:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-14249 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Division by zero in the GetPixelCacheTileSize function | imagemagick-common:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-14341 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Infinite loop in the ReadWPGImage function | imagemagick-common:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-14400 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: NULL pointer dereference in the GetVirtualPixels function | imagemagick-common:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-14505 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Null pointer dereference in DrawGetStrokeDashArray function in wand/drawing-wand.c | imagemagick-common:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-14741 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Infinite loop in the ReadCAPTIONImage function | imagemagick-common:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-17682 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Resource exhaustion in ExtractPostscript function in coders/wpg.c | imagemagick-common:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-17914 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: denial of service in the function ReadOnePNGImage in coders/png.c | imagemagick-common:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-18271 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: infinite loop in ReadMIFFImage function in coders/miff.c | imagemagick-common:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-18273 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: infinite loop ReadTXTImage in function in coders/txt.c | imagemagick-common:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2017-9500 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u16 | ImageMagick: Assertion failure in ResetImageProfileIterator | imagemagick-common:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2018-16642 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u14 | ImageMagick: out-of-bounds write in InsertRow function in coders/cut.c | imagemagick-common:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2018-16643 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u14 | ImageMagick: missing check for fputc function in multiple files | imagemagick-common:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2018-16644 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u14 | ImageMagick: improper check for length in ReadDCMImage of coders/dcm.c and ReadPICTImage of coders/pict.c | imagemagick-common:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2018-16645 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u14 | ImageMagick: Out-of-memory ReadBMPImage of coders/bmp.c and ReadDIBImage of codes/dib.c | imagemagick-common:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2018-16749 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u14 | ImageMagick: reachable assertion in ReadOneJNGImage in coders/png.c | imagemagick-common:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2018-18025 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u15 | ImageMagick: heap-based buffer over-read in the EncodeImage function of coders/pict.c | imagemagick-common:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2019-11470 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u18 | ImageMagick: denial of service in cineon parsing component | imagemagick-common:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2019-12974 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u17 | imagemagick: null-pointer dereference in function ReadPANGOImage in coders/pango.c and ReadVIDImage in coders/vid.c causing denial of service | imagemagick-common:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2019-14981 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u18 | ImageMagick: division by zero in MeanShiftImage in MagickCore/feature.c | imagemagick-common:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2019-15139 | imagemagick-common | 8:6.8.9.9-5+deb8u13 | 8:6.8.9.9-5+deb8u18 | ImageMagick: out-of-bounds read in ReadXWDImage in coders/xwd.c | imagemagick-common:8:6.8.9.9-5+deb8u13 |
Medium | CVE-2018-20217 | krb5-multidev | 1.12.1+dfsg-19+deb8u4 | 1.12.1+dfsg-19+deb8u5 | krb5: Reachable assertion in the KDC using S4U2Self requests | krb5-multidev:1.12.1+dfsg-19+deb8u4 |
Medium | CVE-2018-5729 | krb5-multidev | 1.12.1+dfsg-19+deb8u4 | 1.12.1+dfsg-19+deb8u5 | krb5: null dereference in kadmind or DN container check bypass by supplying special crafted data | krb5-multidev:1.12.1+dfsg-19+deb8u4 |
Medium | CVE-2020-3810 | libapt-pkg4.12 | 1.0.9.8.4 | 1.0.9.8.6 | Missing input validation in the ar/tar implementations of APT before v ... | libapt-pkg4.12:1.0.9.8.4 |
Medium | CVE-2016-3189 | libbz2-1.0 | 1.0.6-7 | 1.0.6-7+deb8u1 | bzip2: heap use after free in bzip2recover | libbz2-1.0:1.0.6-7 |
Medium | CVE-2016-3189 | libbz2-dev | 1.0.6-7 | 1.0.6-7+deb8u1 | bzip2: heap use after free in bzip2recover | libbz2-dev:1.0.6-7 |
Medium | CVE-2019-5094 | libcomerr2 | 1.42.12-2 | 1.42.12-2+deb8u1 | e2fsprogs: Crafted ext4 partition leads to out-of-bounds write | libcomerr2:1.42.12-2 |
Medium | CVE-2019-5188 | libcomerr2 | 1.42.12-2 | 1.42.12-2+deb8u2 | e2fsprogs: Out-of-bounds write in e2fsck/rehash.c | libcomerr2:1.42.12-2 |
Medium | CVE-2019-15142 | libdjvulibre-dev | 3.5.25.4-4 | 3.5.25.4-4+deb8u1 | In DjVuLibre 3.5.27, DjVmDir.cpp in the DJVU reader component allows a ... | libdjvulibre-dev:3.5.25.4-4 |
Medium | CVE-2019-15143 | libdjvulibre-dev | 3.5.25.4-4 | 3.5.25.4-4+deb8u1 | In DjVuLibre 3.5.27, the bitmap reader component allows attackers to c ... | libdjvulibre-dev:3.5.25.4-4 |
Medium | CVE-2019-15144 | libdjvulibre-dev | 3.5.25.4-4 | 3.5.25.4-4+deb8u1 | In DjVuLibre 3.5.27, the sorting functionality (aka GArrayTemplate< ... | libdjvulibre-dev:3.5.25.4-4 |
Medium | CVE-2019-15145 | libdjvulibre-dev | 3.5.25.4-4 | 3.5.25.4-4+deb8u1 | DjVuLibre 3.5.27 allows attackers to cause a denial-of-service attack ... | libdjvulibre-dev:3.5.25.4-4 |
Medium | CVE-2019-15142 | libdjvulibre-text | 3.5.25.4-4 | 3.5.25.4-4+deb8u1 | In DjVuLibre 3.5.27, DjVmDir.cpp in the DJVU reader component allows a ... | libdjvulibre-text:3.5.25.4-4 |
Medium | CVE-2019-15143 | libdjvulibre-text | 3.5.25.4-4 | 3.5.25.4-4+deb8u1 | In DjVuLibre 3.5.27, the bitmap reader component allows attackers to c ... | libdjvulibre-text:3.5.25.4-4 |
Medium | CVE-2019-15144 | libdjvulibre-text | 3.5.25.4-4 | 3.5.25.4-4+deb8u1 | In DjVuLibre 3.5.27, the sorting functionality (aka GArrayTemplate< ... | libdjvulibre-text:3.5.25.4-4 |
Medium | CVE-2019-15145 | libdjvulibre-text | 3.5.25.4-4 | 3.5.25.4-4+deb8u1 | DjVuLibre 3.5.27 allows attackers to cause a denial-of-service attack ... | libdjvulibre-text:3.5.25.4-4 |
Medium | CVE-2019-15142 | libdjvulibre21 | 3.5.25.4-4 | 3.5.25.4-4+deb8u1 | In DjVuLibre 3.5.27, DjVmDir.cpp in the DJVU reader component allows a ... | libdjvulibre21:3.5.25.4-4 |
Medium | CVE-2019-15143 | libdjvulibre21 | 3.5.25.4-4 | 3.5.25.4-4+deb8u1 | In DjVuLibre 3.5.27, the bitmap reader component allows attackers to c ... | libdjvulibre21:3.5.25.4-4 |
Medium | CVE-2019-15144 | libdjvulibre21 | 3.5.25.4-4 | 3.5.25.4-4+deb8u1 | In DjVuLibre 3.5.27, the sorting functionality (aka GArrayTemplate< ... | libdjvulibre21:3.5.25.4-4 |
Medium | CVE-2019-15145 | libdjvulibre21 | 3.5.25.4-4 | 3.5.25.4-4+deb8u1 | DjVuLibre 3.5.27 allows attackers to cause a denial-of-service attack ... | libdjvulibre21:3.5.25.4-4 |
Medium | CVE-2020-0093 | libexif-dev | 0.6.21-2 | 0.6.21-2+deb8u2 | libexif: out of bounds read due to a missing bounds check in exif_data_save_data_entry function in exif-data.c | libexif-dev:0.6.21-2 |
Medium | CVE-2020-0182 | libexif-dev | 0.6.21-2 | 0.6.21-2+deb8u4 | libexif: out of bounds read due to a missing bounds check in exif_entry_get_value function in exif-entry.c | libexif-dev:0.6.21-2 |
Medium | CVE-2020-12767 | libexif-dev | 0.6.21-2 | 0.6.21-2+deb8u2 | libexif: divide-by-zero in exif_entry_get_value function in exif-entry.c | libexif-dev:0.6.21-2 |
Medium | CVE-2020-0093 | libexif12 | 0.6.21-2 | 0.6.21-2+deb8u2 | libexif: out of bounds read due to a missing bounds check in exif_data_save_data_entry function in exif-data.c | libexif12:0.6.21-2 |
Medium | CVE-2020-0182 | libexif12 | 0.6.21-2 | 0.6.21-2+deb8u4 | libexif: out of bounds read due to a missing bounds check in exif_entry_get_value function in exif-entry.c | libexif12:0.6.21-2 |
Medium | CVE-2020-12767 | libexif12 | 0.6.21-2 | 0.6.21-2+deb8u2 | libexif: divide-by-zero in exif_entry_get_value function in exif-entry.c | libexif12:0.6.21-2 |
Medium | CVE-2015-9382 | libfreetype6 | 2.5.2-3+deb8u2 | 2.5.2-3+deb8u4 | freetype: mishandling ps_parser_skip_PS_token in an FT_New_Memory_Face operation in skip_comment, psaux/psobjs.c, leads to a buffer over-read | libfreetype6:2.5.2-3+deb8u2 |
Medium | CVE-2015-9383 | libfreetype6 | 2.5.2-3+deb8u2 | 2.5.2-3+deb8u4 | freetype: a heap-based buffer over-read in tt_cmap14_validate in sfnt/ttcmap.c may lead to a DoS | libfreetype6:2.5.2-3+deb8u2 |
Medium | CVE-2015-9382 | libfreetype6-dev | 2.5.2-3+deb8u2 | 2.5.2-3+deb8u4 | freetype: mishandling ps_parser_skip_PS_token in an FT_New_Memory_Face operation in skip_comment, psaux/psobjs.c, leads to a buffer over-read | libfreetype6-dev:2.5.2-3+deb8u2 |
Medium | CVE-2015-9383 | libfreetype6-dev | 2.5.2-3+deb8u2 | 2.5.2-3+deb8u4 | freetype: a heap-based buffer over-read in tt_cmap14_validate in sfnt/ttcmap.c may lead to a DoS | libfreetype6-dev:2.5.2-3+deb8u2 |
Medium | CVE-2019-13627 | libgcrypt20 | 1.6.3-2+deb8u5 | 1.6.3-2+deb8u8 | libgcrypt: ECDSA timing attack allowing private key leak | libgcrypt20:1.6.3-2+deb8u5 |
Medium | CVE-2018-5711 | libgd3 | 2.1.0-5+deb8u11 | 2.1.0-5+deb8u12 | gd: Infinite loop in gdImageCreateFromGifCtx() in gd_gif_in.c | libgd3:2.1.0-5+deb8u11 |
Medium | CVE-2019-11038 | libgd3 | 2.1.0-5+deb8u11 | 2.1.0-5+deb8u13 | gd: Information disclosure in gdImageCreateFromXbm() | libgd3:2.1.0-5+deb8u11 |
Medium | CVE-2017-6312 | libgdk-pixbuf2.0-0 | 2.31.1-2+deb8u7 | 2.31.1-2+deb8u8 | gdk-pixbuf: Out-of-bounds read in io-ico.c | libgdk-pixbuf2.0-0:2.31.1-2+deb8u7 |
Medium | CVE-2017-6314 | libgdk-pixbuf2.0-0 | 2.31.1-2+deb8u7 | 2.31.1-2+deb8u8 | gdk-pixbuf: Infinite loop in io-tiff.c | libgdk-pixbuf2.0-0:2.31.1-2+deb8u7 |
Medium | CVE-2017-6312 | libgdk-pixbuf2.0-common | 2.31.1-2+deb8u7 | 2.31.1-2+deb8u8 | gdk-pixbuf: Out-of-bounds read in io-ico.c | libgdk-pixbuf2.0-common:2.31.1-2+deb8u7 |
Medium | CVE-2017-6314 | libgdk-pixbuf2.0-common | 2.31.1-2+deb8u7 | 2.31.1-2+deb8u8 | gdk-pixbuf: Infinite loop in io-tiff.c | libgdk-pixbuf2.0-common:2.31.1-2+deb8u7 |
Medium | CVE-2017-6312 | libgdk-pixbuf2.0-dev | 2.31.1-2+deb8u7 | 2.31.1-2+deb8u8 | gdk-pixbuf: Out-of-bounds read in io-ico.c | libgdk-pixbuf2.0-dev:2.31.1-2+deb8u7 |
Medium | CVE-2017-6314 | libgdk-pixbuf2.0-dev | 2.31.1-2+deb8u7 | 2.31.1-2+deb8u8 | gdk-pixbuf: Infinite loop in io-tiff.c | libgdk-pixbuf2.0-dev:2.31.1-2+deb8u7 |
Medium | CVE-2018-10844 | libgnutls-deb0-28 | 3.3.8-6+deb8u7 | 3.3.30-0+deb8u1 | gnutls: HMAC-SHA-256 vulnerable to Lucky thirteen attack due to not enough dummy function calls | libgnutls-deb0-28:3.3.8-6+deb8u7 |
Medium | CVE-2018-10845 | libgnutls-deb0-28 | 3.3.8-6+deb8u7 | 3.3.30-0+deb8u1 | gnutls: HMAC-SHA-384 vulnerable to Lucky thirteen attack due to use of wrong constant | libgnutls-deb0-28:3.3.8-6+deb8u7 |
Medium | CVE-2018-10846 | libgnutls-deb0-28 | 3.3.8-6+deb8u7 | 3.3.30-0+deb8u1 | gnutls: "Just in Time" PRIME + PROBE cache-based side channel attack can lead to plaintext recovery | libgnutls-deb0-28:3.3.8-6+deb8u7 |
Medium | CVE-2018-10844 | libgnutls-openssl27 | 3.3.8-6+deb8u7 | 3.3.30-0+deb8u1 | gnutls: HMAC-SHA-256 vulnerable to Lucky thirteen attack due to not enough dummy function calls | libgnutls-openssl27:3.3.8-6+deb8u7 |
Medium | CVE-2018-10845 | libgnutls-openssl27 | 3.3.8-6+deb8u7 | 3.3.30-0+deb8u1 | gnutls: HMAC-SHA-384 vulnerable to Lucky thirteen attack due to use of wrong constant | libgnutls-openssl27:3.3.8-6+deb8u7 |
Medium | CVE-2018-10846 | libgnutls-openssl27 | 3.3.8-6+deb8u7 | 3.3.30-0+deb8u1 | gnutls: "Just in Time" PRIME + PROBE cache-based side channel attack can lead to plaintext recovery | libgnutls-openssl27:3.3.8-6+deb8u7 |
Medium | CVE-2018-20217 | libgssapi-krb5-2 | 1.12.1+dfsg-19+deb8u4 | 1.12.1+dfsg-19+deb8u5 | krb5: Reachable assertion in the KDC using S4U2Self requests | libgssapi-krb5-2:1.12.1+dfsg-19+deb8u4 |
Medium | CVE-2018-5729 | libgssapi-krb5-2 | 1.12.1+dfsg-19+deb8u4 | 1.12.1+dfsg-19+deb8u5 | krb5: null dereference in kadmind or DN container check bypass by supplying special crafted data | libgssapi-krb5-2:1.12.1+dfsg-19+deb8u4 |
Medium | CVE-2018-20217 | libgssrpc4 | 1.12.1+dfsg-19+deb8u4 | 1.12.1+dfsg-19+deb8u5 | krb5: Reachable assertion in the KDC using S4U2Self requests | libgssrpc4:1.12.1+dfsg-19+deb8u4 |
Medium | CVE-2018-5729 | libgssrpc4 | 1.12.1+dfsg-19+deb8u4 | 1.12.1+dfsg-19+deb8u5 | krb5: null dereference in kadmind or DN container check bypass by supplying special crafted data | libgssrpc4:1.12.1+dfsg-19+deb8u4 |
Medium | CVE-2017-2626 | libice-dev | 2:1.0.9-1 | 2:1.0.9-1+deb8u1 | libICE: weak entropy usage in session keys | libice-dev:2:1.0.9-1 |
Medium | CVE-2017-2626 | libice6 | 2:1.0.9-1 | 2:1.0.9-1+deb8u1 | libICE: weak entropy usage in session keys | libice6:2:1.0.9-1 |
Medium | CVE-2015-5203 | libjasper-dev | 1.900.1-debian1-2.4+deb8u3 | 1.900.1-debian1-2.4+deb8u4 | jasper: integer overflow in jas_image_cmpt_create() | libjasper-dev:1.900.1-debian1-2.4+deb8u3 |
Medium | CVE-2015-5221 | libjasper-dev | 1.900.1-debian1-2.4+deb8u3 | 1.900.1-debian1-2.4+deb8u4 | jasper: use-after-free and double-free flaws in mif_process_cmpt() | libjasper-dev:1.900.1-debian1-2.4+deb8u3 |
Medium | CVE-2016-8690 | libjasper-dev | 1.900.1-debian1-2.4+deb8u3 | 1.900.1-debian1-2.4+deb8u4 | CVE-2016-8884 CVE-2016-8885 jasper: missing jas_matrix_create() parameter checks | libjasper-dev:1.900.1-debian1-2.4+deb8u3 |
Medium | CVE-2017-14132 | libjasper-dev | 1.900.1-debian1-2.4+deb8u3 | 1.900.1-debian1-2.4+deb8u4 | jasper: heap-based buffer over-read in jas_image_ishomosamp() | libjasper-dev:1.900.1-debian1-2.4+deb8u3 |
Medium | CVE-2018-18873 | libjasper-dev | 1.900.1-debian1-2.4+deb8u3 | 1.900.1-debian1-2.4+deb8u5 | jasper: NULL pointer dereference in ras_putdatastd() in ras_enc.c | libjasper-dev:1.900.1-debian1-2.4+deb8u3 |
Medium | CVE-2018-19539 | libjasper-dev | 1.900.1-debian1-2.4+deb8u3 | 1.900.1-debian1-2.4+deb8u5 | jasper: access violation in jas_image_readcmpt() in jas_image.c | libjasper-dev:1.900.1-debian1-2.4+deb8u3 |
Medium | CVE-2018-19542 | libjasper-dev | 1.900.1-debian1-2.4+deb8u3 | 1.900.1-debian1-2.4+deb8u5 | jasper: invalid access in jp2_decode in libjasper/jp2/jp2_dec.c | libjasper-dev:1.900.1-debian1-2.4+deb8u3 |
Medium | CVE-2018-20570 | libjasper-dev | 1.900.1-debian1-2.4+deb8u3 | 1.900.1-debian1-2.4+deb8u5 | jasper: heap-based buffer over-read in jp2_encode() | libjasper-dev:1.900.1-debian1-2.4+deb8u3 |
Medium | CVE-2018-20584 | libjasper-dev | 1.900.1-debian1-2.4+deb8u3 | 1.900.1-debian1-2.4+deb8u5 | jasper: DoS / hang when converting to jp2 format | libjasper-dev:1.900.1-debian1-2.4+deb8u3 |
Medium | CVE-2018-20622 | libjasper-dev | 1.900.1-debian1-2.4+deb8u3 | 1.900.1-debian1-2.4+deb8u5 | jasper: memory leak in jpc_dec_decodepkt() | libjasper-dev:1.900.1-debian1-2.4+deb8u3 |
Medium | CVE-2015-5203 | libjasper1 | 1.900.1-debian1-2.4+deb8u3 | 1.900.1-debian1-2.4+deb8u4 | jasper: integer overflow in jas_image_cmpt_create() | libjasper1:1.900.1-debian1-2.4+deb8u3 |
Medium | CVE-2015-5221 | libjasper1 | 1.900.1-debian1-2.4+deb8u3 | 1.900.1-debian1-2.4+deb8u4 | jasper: use-after-free and double-free flaws in mif_process_cmpt() | libjasper1:1.900.1-debian1-2.4+deb8u3 |
Medium | CVE-2016-8690 | libjasper1 | 1.900.1-debian1-2.4+deb8u3 | 1.900.1-debian1-2.4+deb8u4 | CVE-2016-8884 CVE-2016-8885 jasper: missing jas_matrix_create() parameter checks | libjasper1:1.900.1-debian1-2.4+deb8u3 |
Medium | CVE-2017-14132 | libjasper1 | 1.900.1-debian1-2.4+deb8u3 | 1.900.1-debian1-2.4+deb8u4 | jasper: heap-based buffer over-read in jas_image_ishomosamp() | libjasper1:1.900.1-debian1-2.4+deb8u3 |
Medium | CVE-2018-18873 | libjasper1 | 1.900.1-debian1-2.4+deb8u3 | 1.900.1-debian1-2.4+deb8u5 | jasper: NULL pointer dereference in ras_putdatastd() in ras_enc.c | libjasper1:1.900.1-debian1-2.4+deb8u3 |
Medium | CVE-2018-19539 | libjasper1 | 1.900.1-debian1-2.4+deb8u3 | 1.900.1-debian1-2.4+deb8u5 | jasper: access violation in jas_image_readcmpt() in jas_image.c | libjasper1:1.900.1-debian1-2.4+deb8u3 |
Medium | CVE-2018-19542 | libjasper1 | 1.900.1-debian1-2.4+deb8u3 | 1.900.1-debian1-2.4+deb8u5 | jasper: invalid access in jp2_decode in libjasper/jp2/jp2_dec.c | libjasper1:1.900.1-debian1-2.4+deb8u3 |
Medium | CVE-2018-20570 | libjasper1 | 1.900.1-debian1-2.4+deb8u3 | 1.900.1-debian1-2.4+deb8u5 | jasper: heap-based buffer over-read in jp2_encode() | libjasper1:1.900.1-debian1-2.4+deb8u3 |
Medium | CVE-2018-20584 | libjasper1 | 1.900.1-debian1-2.4+deb8u3 | 1.900.1-debian1-2.4+deb8u5 | jasper: DoS / hang when converting to jp2 format | libjasper1:1.900.1-debian1-2.4+deb8u3 |
Medium | CVE-2018-20622 | libjasper1 | 1.900.1-debian1-2.4+deb8u3 | 1.900.1-debian1-2.4+deb8u5 | jasper: memory leak in jpc_dec_decodepkt() | libjasper1:1.900.1-debian1-2.4+deb8u3 |
Medium | CVE-2018-11212 | libjpeg-dev | 1:1.3.1-12 | 1:1.3.1-12+deb8u1 | libjpeg-turbo: Divide By Zero in alloc_sarray function in jmemmgr.c | libjpeg-dev:1:1.3.1-12 |
Medium | CVE-2018-11213 | libjpeg-dev | 1:1.3.1-12 | 1:1.3.1-12+deb8u1 | libjpeg: Segmentation fault in get_text_gray_row function in rdppm.c | libjpeg-dev:1:1.3.1-12 |
Medium | CVE-2018-11214 | libjpeg-dev | 1:1.3.1-12 | 1:1.3.1-12+deb8u1 | libjpeg: Segmentation fault in get_text_rgb_row function in rdppm.c | libjpeg-dev:1:1.3.1-12 |
Medium | CVE-2018-1152 | libjpeg-dev | 1:1.3.1-12 | 1:1.3.1-12+deb8u1 | libjpeg-turbo: Divide by zero allows for denial of service via crafted BMP image | libjpeg-dev:1:1.3.1-12 |
Medium | CVE-2018-14498 | libjpeg-dev | 1:1.3.1-12 | 1:1.3.1-12+deb8u2 | libjpeg-turbo: heap-based buffer over-read via crafted 8-bit BMP in get_8bit_row in rdbmp.c leads to denial of service | libjpeg-dev:1:1.3.1-12 |
Medium | CVE-2018-11212 | libjpeg62-turbo | 1:1.3.1-12 | 1:1.3.1-12+deb8u1 | libjpeg-turbo: Divide By Zero in alloc_sarray function in jmemmgr.c | libjpeg62-turbo:1:1.3.1-12 |
Medium | CVE-2018-11213 | libjpeg62-turbo | 1:1.3.1-12 | 1:1.3.1-12+deb8u1 | libjpeg: Segmentation fault in get_text_gray_row function in rdppm.c | libjpeg62-turbo:1:1.3.1-12 |
Medium | CVE-2018-11214 | libjpeg62-turbo | 1:1.3.1-12 | 1:1.3.1-12+deb8u1 | libjpeg: Segmentation fault in get_text_rgb_row function in rdppm.c | libjpeg62-turbo:1:1.3.1-12 |
Medium | CVE-2018-1152 | libjpeg62-turbo | 1:1.3.1-12 | 1:1.3.1-12+deb8u1 | libjpeg-turbo: Divide by zero allows for denial of service via crafted BMP image | libjpeg62-turbo:1:1.3.1-12 |
Command
ADD file:8d73a09e59fe50289a6d0c019302aefe2e00ac6411e82404389c0c83f50cf08a in /
Vulnerable packages, installed in this layer 5 years ago
Command
CMD ["bash"]
Command
RUN apt-get update &&
apt-get install -y --no-install-recommends ca-certificates curl netbase wget &&
rm -rf /var/lib/apt/lists/*
Vulnerable packages, installed in this layer 5 years ago
Command
RUN set -ex;
if ! command -v gpg > /dev/null;
then apt-get update;
apt-get install -y --no-install-recommends gnupg dirmngr;
rm -rf /var/lib/apt/lists/*;
fi
Command
RUN apt-get update &&
apt-get install -y --no-install-recommends bzr git mercurial openssh-client subversion procps &&
rm -rf /var/lib/apt/lists/*
Vulnerable packages, installed in this layer 5 years ago
Command
RUN set -ex;
apt-get update;
apt-get install -y --no-install-recommends autoconf automake bzip2 dpkg-dev file g++ gcc imagemagick libbz2-dev libc6-dev libcurl4-openssl-dev libdb-dev libevent-dev libffi-dev libgdbm-dev libgeoip-de...;
then echo 'default-libmysqlclient-dev';
else echo 'libmysqlclient-dev';
fi );
rm -rf /var/lib/apt/lists/*
Vulnerable packages, installed in this layer 5 years ago
Command
RUN groupadd --gid 1000 node &&
useradd --uid 1000 --gid node --shell /bin/bash --create-home node
Command
RUN set -ex &&
for key in 94AE36675C464D64BAFA68DD7434390BDBE9B9C5 FD3A5288F042B6850C66B31F09FE44734EB7990E 71DCFD284A79C3B38668286BC97EC7A07EDE3FC1 DD8F2338BAE7501E3DD5AC78C273792F7D83545D C4F0DFFF4E8C1A8236409D08E...
Command
ENV NODE_VERSION=8.12.0
Command
RUN ARCH= &&
dpkgArch="$(dpkg --print-architecture)" &&
case "${dpkgArch##*-}" in amd64) ARCH='x64';; ppc64el) ARCH='ppc64le';; s390x) ARCH='s390x';; arm64) ARCH='arm64';; armhf) ARCH='armv7l';; i386) ARCH='x86';; *) echo "unsupported architecture"; exit 1... &&
curl -fsSLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/node-v$NODE_VERSION-linux-$ARCH.tar.xz" &&
curl -fsSLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/SHASUMS256.txt.asc" &&
gpg --batch --decrypt --output SHASUMS256.txt SHASUMS256.txt.asc &&
grep " node-v$NODE_VERSION-linux-$ARCH.tar.xz\$" SHASUMS256.txt | sha256sum -c - &&
tar -xJf "node-v$NODE_VERSION-linux-$ARCH.tar.xz" -C /usr/local --strip-components=1 --no-same-owner &&
rm "node-v$NODE_VERSION-linux-$ARCH.tar.xz" SHASUMS256.txt.asc SHASUMS256.txt &&
ln -s /usr/local/bin/node /usr/local/bin/nodejs
Vulnerable packages, installed in this layer 5 years ago
Command
ENV YARN_VERSION=1.9.4
Command
RUN set -ex &&
for key in 6A010C5166006599AA17F08146C2130DFD2497F5 ; do gpg --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys "$key" || gpg --keyserver hkp://ipv4.pool.sks-keyservers.net --recv-keys "$key... &&
curl -fsSLO --compressed "https://yarnpkg.com/downloads/$YARN_VERSION/yarn-v$YARN_VERSION.tar.gz" &&
curl -fsSLO --compressed "https://yarnpkg.com/downloads/$YARN_VERSION/yarn-v$YARN_VERSION.tar.gz.asc" &&
gpg --batch --verify yarn-v$YARN_VERSION.tar.gz.asc yarn-v$YARN_VERSION.tar.gz &&
mkdir -p /opt &&
tar -xzf yarn-v$YARN_VERSION.tar.gz -C /opt/ &&
ln -s /opt/yarn-v$YARN_VERSION/bin/yarn /usr/local/bin/yarn &&
ln -s /opt/yarn-v$YARN_VERSION/bin/yarnpkg /usr/local/bin/yarnpkg &&
rm yarn-v$YARN_VERSION.tar.gz.asc yarn-v$YARN_VERSION.tar.gz
Vulnerable package, installed in this layer 5 years ago
Command
CMD ["node"]
Command
WORKDIR /usr/src/app
Command
COPY multi:1418a7f03b4e1c21149a8b06c6c6163bf254f207c7f00cb3b787d07ab184b80c in ./
Command
RUN npm install
Vulnerable packages, installed in this layer 5 years ago
Command
COPY dir:b7e504e7533b05617f18fb7530f15d7e905029fc681ff4c7c36d2739a473cc83 in .
Command
EXPOSE 8080
Command
CMD ["npm" "start"]
Dynamic Analysis Results
The following graph outlines the most important system events generated by the container:
The container made the following DNS requests:
Request | Response |
---|---|
A → registry.npmjs.org |
A → 104.16.24.35 A → 104.16.23.35 A → 104.16.25.35 A → 104.16.27.35 A → 104.16.26.35 A → 104.16.18.35 A → 104.16.20.35 A → 104.16.21.35 A → 104.16.22.35 A → 104.16.17.35 A → 104.16.16.35 A → 104.16.19.35 |
AAAA → registry.npmjs.org |
AAAA → 2606:4700::6810:1823 AAAA → 2606:4700::6810:1b23 AAAA → 2606:4700::6810:1123 AAAA → 2606:4700::6810:1a23 AAAA → 2606:4700::6810:1923 AAAA → 2606:4700::6810:1323 AAAA → 2606:4700::6810:1623 AAAA → 2606:4700::6810:1023 AAAA → 2606:4700::6810:1723 AAAA → 2606:4700::6810:1223 AAAA → 2606:4700::6810:1523 AAAA → 2606:4700::6810:1423 |
A → ajax.googleapis.com | A → 142.251.16.95 |
AAAA → ajax.googleapis.com | AAAA → 2607:f8b0:4004:c09::5f |
AAAA → maxcdn.bootstrapcdn.com |
AAAA → 2606:4700::6812:acf AAAA → 2606:4700::6812:bcf |
A → maxcdn.bootstrapcdn.com |
A → 104.18.11.207 A → 104.18.10.207 |
The container attempts to connect to the following remote hosts:
IP address | Domain | Location | Coordinates | ASN organization |
---|---|---|---|---|
104.16.23.35 | registry.npmjs.org | San Francisco, United States | 37.7621, -122.3971 | Cloudflare, Inc. |
104.16.24.35 | registry.npmjs.org | San Francisco, United States | 37.7621, -122.3971 | Cloudflare, Inc. |
142.251.16.95 | ajax.googleapis.com | United States | 37.751, -97.822 | |
104.16.20.35 | registry.npmjs.org | San Francisco, United States | 37.7621, -122.3971 | Cloudflare, Inc. |
104.16.25.35 | registry.npmjs.org | San Francisco, United States | 37.7621, -122.3971 | Cloudflare, Inc. |
104.16.22.35 | registry.npmjs.org | San Francisco, United States | 37.7621, -122.3971 | Cloudflare, Inc. |
104.16.17.35 | registry.npmjs.org | San Francisco, United States | 37.7621, -122.3971 | Cloudflare, Inc. |
104.16.26.35 | registry.npmjs.org | San Francisco, United States | 37.7621, -122.3971 | Cloudflare, Inc. |
104.16.27.35 | registry.npmjs.org | San Francisco, United States | 37.7621, -122.3971 | Cloudflare, Inc. |
104.18.11.207 | maxcdn.bootstrapcdn.com | San Francisco, United States | 37.7621, -122.3971 | Cloudflare, Inc. |
104.16.16.35 | registry.npmjs.org | San Francisco, United States | 37.7621, -122.3971 | Cloudflare, Inc. |
104.16.18.35 | registry.npmjs.org | San Francisco, United States | 37.7621, -122.3971 | Cloudflare, Inc. |
104.16.19.35 | registry.npmjs.org | San Francisco, United States | 37.7621, -122.3971 | Cloudflare, Inc. |
104.16.21.35 | registry.npmjs.org | San Francisco, United States | 37.7621, -122.3971 | Cloudflare, Inc. |
The container starts a service that renders the following contents over port 8080:
The container produces the following text output: