Debian: >> Debian Linux >> 8.0 Security Vulnerabilities
FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the openjpa class from polymorphic deserialization.
CVSS Score
9.8
EPSS Score
0.041
Published
2019-01-02
FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the jboss-common-core class from polymorphic deserialization.
CVSS Score
9.8
EPSS Score
0.068
Published
2019-01-02
aria2c in aria2 1.33.1, when --log is used, can store an HTTP Basic Authentication username and password in a file, which might allow local users to obtain sensitive information by reading this file.
CVSS Score
7.8
EPSS Score
0.001
Published
2019-01-02
A reachable Object::dictLookup assertion in Poppler 0.72.0 allows attackers to cause a denial of service due to the lack of a check for the dict data type, as demonstrated by use of the FileSpec class (in FileSpec.cc) in pdfdetach.
CVSS Score
6.5
EPSS Score
0.004
Published
2019-01-01
JasPer 2.0.14 has a memory leak in base/jas_malloc.c in libjasper.a when "--output-format jp2" is used.
CVSS Score
6.5
EPSS Score
0.02
Published
2018-12-31
JasPer 2.0.14 allows remote attackers to cause a denial of service (application hang) via an attempted conversion to the jp2 format.
CVSS Score
6.5
EPSS Score
0.004
Published
2018-12-30
There is an illegal WRITE memory access at caca/file.c (function caca_file_read) in libcaca 0.99.beta19.
CVSS Score
8.8
EPSS Score
0.008
Published
2018-12-28
jp2_encode in jp2/jp2_enc.c in JasPer 2.0.14 has a heap-based buffer over-read.
CVSS Score
6.5
EPSS Score
0.01
Published
2018-12-28
There is floating point exception at caca/dither.c (function caca_dither_bitmap) in libcaca 0.99.beta19.
CVSS Score
6.5
EPSS Score
0.01
Published
2018-12-28
There is an illegal READ memory access at caca/dither.c (function get_rgba_default) in libcaca 0.99.beta19 for the default bpp case.
CVSS Score
8.1
EPSS Score
0.024
Published
2018-12-28