There is a vulnerability in htmldoc 1.9.16. In image_load_jpeg function image.cxx when it calls malloc,'img->width' and 'img->height' they are large enough to cause an integer overflow. So, the malloc function may return a heap blosmaller than the expected size, and it will cause a buffer overflow/Address boundary error in the jpeg_read_scanlines
Potential SQL injection in QuerySet.annotate(), aggregate(), and extra() (CVE-2022-28346) Potential SQL injection via QuerySet.explain(**options) on PostgreSQL QuerySet.explain() (CVE-2022-28347)
oslo.utils could be made to expose sensitive information if it received a specially crafted input (CVE-2022-0718) References: - https://bugs.mageia.org/show_bug.cgi?id=30254
The chromium-browser-stable package has been updated to the 101.0.4951.64 version, fixing many bugs and 13 CVE. Some of them are listed below: [1316990] High CVE-2022-1633: Use after free in Sharesheet. Reported by Khalil Zhani on 2022-04-18
Infinite loop vulnerability in the CHM file parser. Issue affects versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions. (CVE-2022-20770) Infinite loop vulnerability in the TIFF file parser. Issue affects versions
cairo-truetype-subset.c in cairo 1.15.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) because of mishandling of an unexpected malloc(0) call. (CVE-2017-9814) References:
CERTINFO never-ending busy-loop. (CVE-2022-27781) TLS and SSH connection too eager reuse. (CVE-2022-27782) References: - https://bugs.mageia.org/show_bug.cgi?id=30410
FreeType commit 1e2eb65048f75c64b68708efed6ce904c31f3b2f was discovered to contain a heap buffer overflow via the function sfnt_init_face. (CVE-2022-27404) FreeType commit 53dfdcd8198d2b3201a23c4bad9190519ba918db was discovered to
xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context. (CVE-2022-25235) References:
