Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Enterprise_linux
(Redhat)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-09-13 | CVE-2022-2989 | An incorrect handling of the supplementary groups in the Podman container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container. | Podman, Enterprise_linux, Openshift_container_platform | 7.1 | ||
| 2022-09-13 | CVE-2022-2990 | An incorrect handling of the supplementary groups in the Buildah container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container. | Buildah, Enterprise_linux, Openshift_container_platform | 7.1 | ||
| 2019-01-01 | CVE-2018-20650 | A reachable Object::dictLookup assertion in Poppler 0.72.0 allows attackers to cause a denial of service due to the lack of a check for the dict data type, as demonstrated by use of the FileSpec class (in FileSpec.cc) in pdfdetach. | Ubuntu_linux, Debian_linux, Poppler, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation | 6.5 | ||
| 2016-12-22 | CVE-2016-9675 | openjpeg: A heap-based buffer overflow flaw was found in the patch for CVE-2013-6045. A crafted j2k image could cause the application to crash, or potentially execute arbitrary code. | Enterprise_linux, Enterprise_linux_for_ibm_z_systems, Enterprise_linux_for_power_big_endian, Enterprise_linux_for_scientific_computing, Openjpeg | 7.8 | ||
| 2021-05-21 | CVE-2018-25010 | A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in ApplyFilter(). | Enterprise_linux, Libwebp | 9.1 | ||
| 2021-05-21 | CVE-2018-25011 | A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in PutLE16(). | Enterprise_linux, Libwebp | 9.8 | ||
| 2021-05-21 | CVE-2018-25013 | A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in ShiftBytes(). | Enterprise_linux, Libwebp | 9.1 | ||
| 2021-05-21 | CVE-2018-25014 | A use of uninitialized value was found in libwebp in versions before 1.0.1 in ReadSymbol(). | Enterprise_linux, Libwebp | 9.8 | ||
| 2022-08-26 | CVE-2021-35939 | It was found that the fix for CVE-2017-7500 and CVE-2017-7501 was incomplete: the check was only implemented for the parent directory of the file to be created. A local unprivileged user who owns another ancestor directory could potentially use this flaw to gain root privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | Enterprise_linux, Rpm | 6.7 | ||
| 2019-12-23 | CVE-2019-18390 | An out-of-bounds read in the vrend_blit_need_swizzle function in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service via VIRGL_CCMD_BLIT commands. | Debian_linux, Leap, Enterprise_linux, Virglrenderer | 7.1 |