CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda

CVE-2023-6905

CVE-2023-6903

CVE-2023-6904

CVE-2023-3907

An issue was discovered in PDFResurrect before 0.18. pdf_load_pages_kids in pdf.c doesn't validate a certain size value, which leads to a malloc failure and out-of-bounds write.

Permalink

**Comparing changes**

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also .

**Open a pull request**

Create a new pull request by comparing changes across two branches. If you need to, you can also .

_base repository:_ enferex/pdfresurrect _base:_ v0.17

_head repository:_ enferex/pdfresurrect _compare:_ v0.18

*   11 commits
*   4 files changed
*   1 contributor

**Commits on Aug 7, 2019**

**Commits on Aug 9, 2019**

2.  Zero and extend a buffer.
    
    This should fix one of the ASAN discovered overflows in Issue #6.
    The test case is stackoverflow\_some.pdf in that issue.  Thanks
    to @rtfingc for finding and reporting this.
    

**Commits on Aug 10, 2019**

3.  Fix a memory leak.
    
    Thanks to @rtfing for pointing this out in Issue #6.  This fixes bugs
    identified by memory\_leak memleak2.pdf

Headline

CVE-2019-14934: Comparing v0.17...v0.18 · enferex/pdfresurrect

CVE: Latest News