Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Leap
(Opensuse)Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2019-01-16 | CVE-2018-5740 | "deny-answer-aliases" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, to experience an assertion failure in name.c. Affects BIND 9.7.0->9.8.8, 9.9.0->9.9.13, 9.10.0->9.10.8, 9.11.0->9.11.4, 9.12.0->9.12.2, 9.13.0->9.13.2. | Ubuntu_linux, Debian_linux, Hp\-Ux, Bind, Data_ontap_edge, Leap, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_workstation | 7.5 | ||
2020-01-08 | CVE-2019-17024 | Mozilla developers reported memory safety bugs present in Firefox 71 and Firefox ESR 68.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72. | Ubuntu_linux, Debian_linux, Firefox, Firefox_esr, Leap, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation | 8.8 | ||
2020-01-08 | CVE-2019-17005 | The plain text serializer used a fixed-size array for the number of <ol> elements it could process; however it was possible to overflow the static-sized array leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71. | Ubuntu_linux, Firefox, Firefox_esr, Thunderbird, Leap | 8.8 | ||
2020-01-08 | CVE-2019-17010 | Under certain conditions, when checking the Resist Fingerprinting preference during device orientation checks, a race condition could have caused a use-after-free and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71. | Ubuntu_linux, Firefox, Firefox_esr, Thunderbird, Leap | 7.5 | ||
2020-01-08 | CVE-2019-17011 | Under certain conditions, when retrieving a document from a DocShell in the antitracking code, a race condition could cause a use-after-free condition and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71. | Ubuntu_linux, Firefox, Firefox_esr, Thunderbird, Leap | 7.5 | ||
2020-01-08 | CVE-2019-17012 | Mozilla developers reported memory safety bugs present in Firefox 70 and Firefox ESR 68.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71. | Ubuntu_linux, Firefox, Firefox_esr, Thunderbird, Leap | 8.8 | ||
2020-01-09 | CVE-2019-20372 | NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read unauthorized web pages in environments where NGINX is being fronted by a load balancer. | Xcode, Ubuntu_linux, Nginx, Cloud_backup, Leap | 5.3 | ||
2019-03-09 | CVE-2019-9638 | An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_MAKERNOTE because of mishandling the maker_note->offset relationship to value_len. | Ubuntu_linux, Debian_linux, Storage_automation_store, Leap, Php, Software_collections | 7.5 | ||
2019-03-09 | CVE-2019-9639 | An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_MAKERNOTE because of mishandling the data_len variable. | Ubuntu_linux, Debian_linux, Storage_automation_store, Leap, Php, Software_collections | 7.5 | ||
2019-03-09 | CVE-2019-9640 | An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an Invalid Read in exif_process_SOFn. | Ubuntu_linux, Debian_linux, Storage_automation_store, Leap, Php, Software_collections | 7.5 |