Debian Libofx vulnerabilities

CVE-2019-9656 [HIGH] CVE-2019-9656: libofx - An issue was discovered in LibOFX 0.9.14. There is a NULL pointer dereference in... An issue was discovered in LibOFX 0.9.14. There is a NULL pointer dereference in the function OFXApplication::startElement in the file lib/ofx_sgml.cpp, as demonstrated by ofxdump. Scope: local bookworm: resolved (fixed in 1:0.9.15-1) bullseye: resolved (fixed in 1:0.9.15-1) forky: resolved (fixed in 1:0.9.15-1) sid: resolved (fixed in 1:0.9.15-1) trixie: resolved (fix

CVE-2017-2816 [HIGH] CVE-2017-2816: libofx - An exploitable buffer overflow vulnerability exists in the tag parsing functiona... An exploitable buffer overflow vulnerability exists in the tag parsing functionality of LibOFX 0.9.11. A specially crafted OFX file can cause a write out of bounds resulting in a buffer overflow on the stack. An attacker can construct a malicious OFX file to trigger this vulnerability. Scope: local bookworm: resolved (fixed in 1:0.9.11-4) bullseye: resolved (fixed in 1

CVE-2017-14731 [MEDIUM] CVE-2017-14731: libofx - ofx_proc_file in ofx_preproc.cpp in LibOFX 0.9.12 allows remote attackers to cau... ofx_proc_file in ofx_preproc.cpp in LibOFX 0.9.12 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file, as demonstrated by an ofxdump call. Scope: local bookworm: resolved (fixed in 1:0.9.11-5) bullseye: resolved (fixed in 1:0.9.11-5) forky: resolved (fixed in 1:0.9.11-5) sid: resolved (fixed in