Waugustus

#8931of 53,624
30.6Total CVSS
Vulnerabilities · 4
Medium
2
High
2
PT-2022-19939
6.5
2022-05-11
Libsixel · Libsixel · CVE-2022-29977
**Name of the Vulnerable Software and Affected Versions** libsixel img2sixel version 1.8.6 **Description** The issue is related to an assertion failure error in `stbi jpeg huff decode` at `stb image.h:1894`. This error can be triggered by remote attackers using a crafted JPEG file, potentially causing a denial-of-service. **Recommendations** For libsixel img2sixel version 1.8.6, consider updating to a newer version that addresses the assertion failure error in `stbi jpeg huff decode` to prevent denial-of-service attacks via crafted JPEG files. As a temporary workaround, consider restricting the processing of JPEG files until a patch is available.
PT-2022-19940
6.5
2022-05-11
Libsixel · Libsixel · CVE-2022-29978
**Name of the Vulnerable Software and Affected Versions** libsixel img2sixel version 1.8.6 **Description** The issue is related to a floating point exception error in the `sixel encoder do resize` function, located in `encoder.c:633` of libsixel img2sixel. This error can be triggered by remote attackers using a crafted JPEG file, potentially causing a denial-of-service. **Recommendations** For libsixel img2sixel version 1.8.6, consider disabling the `sixel encoder do resize` function as a temporary workaround until a patch is available. Restrict the processing of JPEG files to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2019-18656
8.8
2019-02-07
Libming · Libming · CVE-2019-7581
**Name of the Vulnerable Software and Affected Versions** libming versions prior to 0.4.8 **Description** The issue is related to the parseSWF ACTIONRECORD function in util/parser.c, which allows remote attackers to have an unspecified impact via a crafted swf file. This can trigger a memory allocation failure. **Recommendations** For versions prior to 0.4.8, update to version 0.4.8 or later to resolve the issue.
PT-2019-18657
8.8
2019-02-07
Libming · Libming · CVE-2019-7582
**Name of the Vulnerable Software and Affected Versions** libming versions prior to 0.4.8 **Description** The issue is related to the readBytes function in util/read.c, which can be exploited by remote attackers using a crafted swf file. This exploitation can trigger a memory allocation failure, potentially leading to unspecified impact. **Recommendations** For versions prior to 0.4.8, update to version 0.4.8 or later to resolve the issue.