Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-10733 | 3 Gnome, Opensuse, Redhat | 6 Libgxps, Leap, Ansible Tower and 3 more | 2019-10-02 | 4.3 MEDIUM | 6.5 MEDIUM |
There is a heap-based buffer over-read in the function ft_font_face_hash of gxps-fonts.c in libgxps through 0.3.0. A crafted input will lead to a remote denial of service attack. | |||||
CVE-2018-10767 | 2 Gnome, Redhat | 5 Libgxps, Ansible Tower, Enterprise Linux Desktop and 2 more | 2019-10-02 | 4.3 MEDIUM | 6.5 MEDIUM |
There is a stack-based buffer over-read in calling GLib in the function gxps_images_guess_content_type of gxps-images.c in libgxps through 0.3.0 because it does not reject negative return values from a g_input_stream_read call. A crafted input will lead to a remote denial of service attack. | |||||
CVE-2017-11590 | 1 Gnome | 1 Libgxps | 2017-07-28 | 4.3 MEDIUM | 7.5 HIGH |
There is a NULL pointer dereference in the caseless_hash function in gxps-archive.c in libgxps 0.2.5. A crafted input will lead to a remote denial of service attack. |