» 2022 » 1월

CVE-2021-44717

Posted on 2022년 1월 1일2022년 1월 1일 by admin

CVE-2021-44717

Go before 1.16.12 and 1.17.x before 1.17.5 on UNIX allows write operations to an unintended file or unintended network connection as a consequence of erroneous closing of file descriptor 0 after file-descriptor exhaustion.

Source: CVE-2021-44717

CVE-2021-41817

Posted on 2022년 1월 1일2022년 1월 1일 by admin

CVE-2021-41817

Date.parse in the date gem through 3.2.0 for Ruby allows ReDoS (regular expression Denial of Service) via a long string. The fixed versions are 3.2.1, 3.1.2, 3.0.2, and 2.0.1.

Source: CVE-2021-41817

CVE-2021-44716

Posted on 2022년 1월 1일2022년 1월 1일 by admin

CVE-2021-44716

net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests.

Source: CVE-2021-44716

CVE-2021-45943

Posted on 2022년 1월 1일2022년 1월 1일 by admin

CVE-2021-45943

GDAL 3.3.0 through 3.4.0 has a heap-based buffer overflow in PCIDSK::CPCIDSKFile::ReadFromFile (called from PCIDSK::CPCIDSKSegment::ReadFromFile and PCIDSK::CPCIDSKBinarySegment::CPCIDSKBinarySegment).

Source: CVE-2021-45943

CVE-2021-45942

Posted on 2022년 1월 1일2022년 1월 1일 by admin

CVE-2021-45942

OpenEXR 3.1.0 through 3.1.3 has a heap-based buffer overflow in Imf_3_1::LineCompositeTask::execute (called from IlmThread_3_1::NullThreadPoolProvider::addTask and IlmThread_3_1::ThreadPool::addGlobalTask).

Source: CVE-2021-45942

CVE-2021-45932

Posted on 2022년 1월 1일2022년 1월 1일 by admin

CVE-2021-45932

wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow (4 bytes) in MqttDecode_Publish (called from MqttClient_DecodePacket and MqttClient_HandlePacket).

Source: CVE-2021-45932

CVE-2021-45937

Posted on 2022년 1월 1일2022년 1월 1일 by admin

CVE-2021-45937

wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttClient_DecodePacket (called from MqttClient_WaitType and MqttClient_Connect).

Source: CVE-2021-45937

CVE-2021-45938

Posted on 2022년 1월 1일2022년 1월 1일 by admin

CVE-2021-45938

wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttClient_DecodePacket (called from MqttClient_WaitType and MqttClient_Unsubscribe).

Source: CVE-2021-45938

CVE-2021-45935

Posted on 2022년 1월 1일2022년 1월 1일 by admin

CVE-2021-45935

Grok 9.5.0 has a heap-based buffer overflow in openhtj2k::T1OpenHTJ2K::decompress (called from std::__1::__packaged_task_func<std::__1::__bind<grk::T1DecompressScheduler::deco and std::__1::packaged_task<int).

Source: CVE-2021-45935

CVE-2021-45936

Posted on 2022년 1월 1일2022년 1월 1일 by admin

CVE-2021-45936

wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttDecode_Disconnect (called from MqttClient_DecodePacket and MqttClient_WaitType).

Source: CVE-2021-45936