Debian Linux vulnerabilities

CVE-2020-21041 [HIGH] CWE-120 CVE-2020-21041: Buffer Overflow vulnerability exists in FFmpeg 4.1 via apng_do_inverse_blend in libavcodec/pngenc.c, Buffer Overflow vulnerability exists in FFmpeg 4.1 via apng_do_inverse_blend in libavcodec/pngenc.c, which could let a remote malicious user cause a Denial of Service

CVE-2020-26558 [MEDIUM] CWE-287 CVE-2020-26558: Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (in the Passkey authentication procedure) by reflection of the public key and the authentication evidence of the initiating device, potentially permitting this attacker to co

CVE-2020-36331 [CRITICAL] CWE-125 CVE-2020-36331: A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function Ch A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function ChunkAssignData. The highest threat from this vulnerability is to data confidentiality and to the service availability.

CVE-2020-36328 [CRITICAL] CWE-787 CVE-2020-36328: A flaw was found in libwebp in versions before 1.0.1. A heap-based buffer overflow in function WebPD A flaw was found in libwebp in versions before 1.0.1. A heap-based buffer overflow in function WebPDecodeRGBInto is possible due to an invalid check for buffer size. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

CVE-2020-36330 [CRITICAL] CWE-125 CVE-2020-36330: A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function Ch A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function ChunkVerifyAndAssign. The highest threat from this vulnerability is to data confidentiality and to the service availability.

CVE-2020-36329 [CRITICAL] CWE-416 CVE-2020-36329: A flaw was found in libwebp in versions before 1.0.1. A use-after-free was found due to a thread bei A flaw was found in libwebp in versions before 1.0.1. A use-after-free was found due to a thread being killed too early. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

CVE-2021-31439 [HIGH] CWE-122 CVE-2021-31439: This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installat This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Synology DiskStation Manager. Authentication is not required to exploit this vulnerablity. The specific flaw exists within the processing of DSI structures in Netatalk. The issue results from the lack of proper validation of the length of user-s

CVE-2020-36332 [HIGH] CWE-20 CVE-2020-36332: A flaw was found in libwebp in versions before 1.0.1. When reading a file libwebp allocates an exces A flaw was found in libwebp in versions before 1.0.1. When reading a file libwebp allocates an excessive amount of memory. The highest threat from this vulnerability is to the service availability.

CVE-2021-33477 [HIGH] CWE-755 CVE-2021-33477: rxvt-unicode 9.22, rxvt 2.7.10, mrxvt 0.5.4, and Eterm 0.9.7 allow (potentially remote) code executi rxvt-unicode 9.22, rxvt 2.7.10, mrxvt 0.5.4, and Eterm 0.9.7 allow (potentially remote) code execution because of improper handling of certain escape sequences (ESC G Q). A response is terminated by a newline.

CVE-2021-3426 [MEDIUM] CWE-200 CVE-2021-3426: There's a flaw in Python 3's pydoc. A local or adjacent attacker who discovers or is able to convinc There's a flaw in Python 3's pydoc. A local or adjacent attacker who discovers or is able to convince another local or adjacent user to start a pydoc server could access the server and use it to disclose sensitive information belonging to the other user that they would not normally be able to access. The highest risk of this flaw is to data confidenti

CVE-2021-3517 [HIGH] CWE-787 CVE-2021-3517: There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. An at There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. An attacker who is able to supply a crafted file to be processed by an application linked with the affected functionality of libxml2 could trigger an out-of-bounds read. The most likely impact of this flaw is to application availability, with some potential im

CVE-2020-25709 [HIGH] CWE-617 CVE-2020-25709: A flaw was found in OpenLDAP. This flaw allows an attacker who can send a malicious packet to be pro A flaw was found in OpenLDAP. This flaw allows an attacker who can send a malicious packet to be processed by OpenLDAP’s slapd server, to trigger an assertion failure. The highest threat from this vulnerability is to system availability.

CVE-2021-3518 [HIGH] CWE-416 CVE-2021-3518: There's a flaw in libxml2 in versions before 2.9.11. An attacker who is able to submit a crafted fil There's a flaw in libxml2 in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by an application linked with libxml2 could trigger a use-after-free. The greatest impact from this flaw is to confidentiality, integrity, and availability.

CVE-2021-3483 [HIGH] CWE-416 CVE-2021-3483: A flaw was found in the Nosy driver in the Linux kernel. This issue allows a device to be inserted t A flaw was found in the Nosy driver in the Linux kernel. This issue allows a device to be inserted twice into a doubly-linked list, leading to a use-after-free when one of these devices is removed. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. Versions before kernel 5.12-rc6 are affected

CVE-2021-3524 [MEDIUM] CVE-2021-3524: A flaw was found in the Red Hat Ceph Storage RadosGW (Ceph Object Gateway) in versions before 14.2.2 A flaw was found in the Red Hat Ceph Storage RadosGW (Ceph Object Gateway) in versions before 14.2.21. The vulnerability is related to the injection of HTTP headers via a CORS ExposeHeader tag. The newline character in the ExposeHeader tag in the CORS configuration file generates a header injection in the response when the CORS request is made. In addition, t

CVE-2021-33034 [HIGH] CWE-416 CVE-2021-33034: In the Linux kernel before 5.12.4, net/bluetooth/hci_event.c has a use-after-free when destroying an In the Linux kernel before 5.12.4, net/bluetooth/hci_event.c has a use-after-free when destroying an hci_chan, aka CID-5c4c8c954409. This leads to writing an arbitrary value.

CVE-2021-3537 [MEDIUM] CWE-476 CVE-2021-3537: A vulnerability found in libxml2 in versions before 2.9.11 shows that it did not propagate errors wh A vulnerability found in libxml2 in versions before 2.9.11 shows that it did not propagate errors while parsing XML mixed content, causing a NULL dereference. If an untrusted XML document was parsed in recovery mode and post-validated, the flaw could be used to crash the application. The highest threat from this vulnerability is to system availability

CVE-2021-32920 [HIGH] CVE-2021-32920: Prosody before 0.11.9 allows Uncontrolled CPU Consumption via a flood of SSL/TLS renegotiation reque Prosody before 0.11.9 allows Uncontrolled CPU Consumption via a flood of SSL/TLS renegotiation requests.

CVE-2021-32919 [HIGH] CWE-295 CVE-2021-32919: An issue was discovered in Prosody before 0.11.9. The undocumented dialback_without_dialback option An issue was discovered in Prosody before 0.11.9. The undocumented dialback_without_dialback option in mod_dialback enables an experimental feature for server-to-server authentication. It does not correctly authenticate remote server certificates, allowing a remote server to impersonate another server (when this option is enabled).

CVE-2021-32918 [HIGH] CWE-400 CVE-2021-32918: An issue was discovered in Prosody before 0.11.9. Default settings are susceptible to remote unauthe An issue was discovered in Prosody before 0.11.9. Default settings are susceptible to remote unauthenticated denial-of-service (DoS) attacks via memory exhaustion when running under Lua 5.2 or Lua 5.3.