From 254e039f805cbdcd6387311feb62b297c4e9e386 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Tue, 4 Feb 2020 04:01:15 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2020/5xxx/CVE-2020-5235.json | 4 ++-- 2020/5xxx/CVE-2020-5236.json | 4 ++-- 2020/8xxx/CVE-2020-8512.json | 5 +++++ 3 files changed, 9 insertions(+), 4 deletions(-) diff --git a/2020/5xxx/CVE-2020-5235.json b/2020/5xxx/CVE-2020-5235.json index 54939fd4285..3bceda99d0b 100644 --- a/2020/5xxx/CVE-2020-5235.json +++ b/2020/5xxx/CVE-2020-5235.json @@ -41,7 +41,7 @@ "description_data": [ { "lang": "eng", - "value": "There is a potentially exploitable out of memory condition In Nanopb before 0.4.1, 0.3.9.5, and 0.2.9.4.\n\nWhen nanopb is compiled with PB_ENABLE_MALLOC, the message to be decoded contains a repeated string, bytes or message field and\nrealloc() runs out of memory when expanding the array nanopb can end up calling `free()` on a pointer value that comes from uninitialized memory. \nDepending on platform this can result in a crash or further memory corruption, which may be exploitable in some cases.\n\nThis problem is fixed in nanopb-0.4.1, nanopb-0.3.9.5, nanopb-0.2.9.4." + "value": "There is a potentially exploitable out of memory condition In Nanopb before 0.4.1, 0.3.9.5, and 0.2.9.4. When nanopb is compiled with PB_ENABLE_MALLOC, the message to be decoded contains a repeated string, bytes or message field and realloc() runs out of memory when expanding the array nanopb can end up calling `free()` on a pointer value that comes from uninitialized memory. Depending on platform this can result in a crash or further memory corruption, which may be exploitable in some cases. This problem is fixed in nanopb-0.4.1, nanopb-0.3.9.5, nanopb-0.2.9.4." } ] }, @@ -101,4 +101,4 @@ "advisory": "GHSA-gcx3-7m76-287p", "discovery": "UNKNOWN" } -} +} \ No newline at end of file diff --git a/2020/5xxx/CVE-2020-5236.json b/2020/5xxx/CVE-2020-5236.json index b5bfe5ebd06..4974bb1984d 100644 --- a/2020/5xxx/CVE-2020-5236.json +++ b/2020/5xxx/CVE-2020-5236.json @@ -35,7 +35,7 @@ "description_data": [ { "lang": "eng", - "value": "Waitress version 1.4.2 allows a DOS attack When waitress receives a header that contains invalid characters. \nWhen a header like \"Bad-header: xxxxxxxxxxxxxxx\\x10\" is received, it will cause the regular expression engine to \ncatastrophically backtrack causing the process to use 100% CPU time and blocking any other interactions.\nThis allows an attacker to send a single request with an invalid header and take the service offline.\n\nThis issue was introduced in version 1.4.2 when the regular expression was updated to attempt to match the behaviour required by errata associated with RFC7230.\n\nThe regular expression that is used to validate incoming headers has been updated in version 1.4.3, it is recommended that people upgrade to the new version of Waitress as soon as possible." + "value": "Waitress version 1.4.2 allows a DOS attack When waitress receives a header that contains invalid characters. When a header like \"Bad-header: xxxxxxxxxxxxxxx\\x10\" is received, it will cause the regular expression engine to catastrophically backtrack causing the process to use 100% CPU time and blocking any other interactions. This allows an attacker to send a single request with an invalid header and take the service offline. This issue was introduced in version 1.4.2 when the regular expression was updated to attempt to match the behaviour required by errata associated with RFC7230. The regular expression that is used to validate incoming headers has been updated in version 1.4.3, it is recommended that people upgrade to the new version of Waitress as soon as possible." } ] }, @@ -85,4 +85,4 @@ "advisory": "GHSA-73m2-3pwg-5fgc", "discovery": "UNKNOWN" } -} +} \ No newline at end of file diff --git a/2020/8xxx/CVE-2020-8512.json b/2020/8xxx/CVE-2020-8512.json index c026df48615..f9a298cc5f6 100644 --- a/2020/8xxx/CVE-2020-8512.json +++ b/2020/8xxx/CVE-2020-8512.json @@ -52,6 +52,11 @@ }, "references": { "reference_data": [ + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/156103/IceWarp-WebMail-11.4.4.1-Cross-Site-Scripting.html", + "url": "http://packetstormsecurity.com/files/156103/IceWarp-WebMail-11.4.4.1-Cross-Site-Scripting.html" + }, { "url": "https://cxsecurity.com/issue/WLB-2020010205", "refsource": "MISC",