admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-02-04 04:01:15 +00:00
parent c848f6010b
commit 254e039f80
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
3 changed files with 9 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
2020/5xxx/CVE-2020-5235.json
View File

@ -41,7 +41,7 @@
"description_data": [
{
"lang": "eng",
"value": "There is a potentially exploitable out of memory condition In Nanopb before 0.4.1, 0.3.9.5, and 0.2.9.4.\n\nWhen nanopb is compiled with PB_ENABLE_MALLOC, the message to be decoded contains a repeated string, bytes or message field and\nrealloc() runs out of memory when expanding the array nanopb can end up calling `free()` on a pointer value that comes from uninitialized memory. \nDepending on platform this can result in a crash or further memory corruption, which may be exploitable in some cases.\n\nThis problem is fixed in nanopb-0.4.1, nanopb-0.3.9.5, nanopb-0.2.9.4."
"value": "There is a potentially exploitable out of memory condition In Nanopb before 0.4.1, 0.3.9.5, and 0.2.9.4. When nanopb is compiled with PB_ENABLE_MALLOC, the message to be decoded contains a repeated string, bytes or message field and realloc() runs out of memory when expanding the array nanopb can end up calling `free()` on a pointer value that comes from uninitialized memory. Depending on platform this can result in a crash or further memory corruption, which may be exploitable in some cases. This problem is fixed in nanopb-0.4.1, nanopb-0.3.9.5, nanopb-0.2.9.4."
}
]
},
@ -101,4 +101,4 @@
"advisory": "GHSA-gcx3-7m76-287p",
"discovery": "UNKNOWN"
}
}
}

4
2020/5xxx/CVE-2020-5236.json
View File

@ -35,7 +35,7 @@
"description_data": [
{
"lang": "eng",
"value": "Waitress version 1.4.2 allows a DOS attack When waitress receives a header that contains invalid characters. \nWhen a header like \"Bad-header: xxxxxxxxxxxxxxx\\x10\" is received, it will cause the regular expression engine to \ncatastrophically backtrack causing the process to use 100% CPU time and blocking any other interactions.\nThis allows an attacker to send a single request with an invalid header and take the service offline.\n\nThis issue was introduced in version 1.4.2 when the regular expression was updated to attempt to match the behaviour required by errata associated with RFC7230.\n\nThe regular expression that is used to validate incoming headers has been updated in version 1.4.3, it is recommended that people upgrade to the new version of Waitress as soon as possible."
"value": "Waitress version 1.4.2 allows a DOS attack When waitress receives a header that contains invalid characters. When a header like \"Bad-header: xxxxxxxxxxxxxxx\\x10\" is received, it will cause the regular expression engine to catastrophically backtrack causing the process to use 100% CPU time and blocking any other interactions. This allows an attacker to send a single request with an invalid header and take the service offline. This issue was introduced in version 1.4.2 when the regular expression was updated to attempt to match the behaviour required by errata associated with RFC7230. The regular expression that is used to validate incoming headers has been updated in version 1.4.3, it is recommended that people upgrade to the new version of Waitress as soon as possible."
}
]
},
@ -85,4 +85,4 @@
"advisory": "GHSA-73m2-3pwg-5fgc",
"discovery": "UNKNOWN"
}
}
}

5
2020/8xxx/CVE-2020-8512.json
View File

@ -52,6 +52,11 @@
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/156103/IceWarp-WebMail-11.4.4.1-Cross-Site-Scripting.html",
"url": "http://packetstormsecurity.com/files/156103/IceWarp-WebMail-11.4.4.1-Cross-Site-Scripting.html"
},
{
"url": "https://cxsecurity.com/issue/WLB-2020010205",
"refsource": "MISC",